Abstract
DNS caches are an extremely important tool, providing services for DNS as well as for a multitude of applications, systems and security mechanisms, such as anti-spam defences, routing security (e.g., RPKI), firewalls. Subverting the security of DNS is detrimental to the stability and security of the clients and services, and can facilitate attacks, circumventing even cryptographic mechanisms. We study the caching component of DNS resolution platforms in diverse networks in the Internet, and evaluate injection vulnerabilities allowing cache poisoning attacks. Our evaluation includes networks of leading Internet Service Providers and enterprises, and professionally managed open DNS resolvers. We test injection vulnerabilities against known payloads as well as a new class of indirect attacks that we define in this work. Our Internet evaluation indicates that more than 92% of the Internet's DNS resolution platforms are vulnerable to records injection and can be persistently poisoned.
Original language | English |
---|---|
Title of host publication | INFOCOM 2017 - IEEE Conference on Computer Communications |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
ISBN (Electronic) | 9781509053360 |
DOIs | |
State | Published - 2 Oct 2017 |
Externally published | Yes |
Event | 2017 IEEE Conference on Computer Communications, INFOCOM 2017 - Atlanta, United States Duration: 1 May 2017 → 4 May 2017 |
Publication series
Name | Proceedings - IEEE INFOCOM |
---|---|
ISSN (Print) | 0743-166X |
Conference
Conference | 2017 IEEE Conference on Computer Communications, INFOCOM 2017 |
---|---|
Country/Territory | United States |
City | Atlanta |
Period | 1/05/17 → 4/05/17 |
Bibliographical note
Publisher Copyright:© 2017 IEEE.