Formal Analysis of the Kaminsky DNS Cache-Poisoning Attack Using Probabilistic Model Checking

Αλεξίου, Νικόλαος; Basagiannis, Stylianos; Katsaros, Panagiotis; Dashpande, Tushar; Smolka, Scott A.

doi:10.1109/hase.2010.25

Cited by 25 publications

(17 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Finally, we solved the linear system of equations to derive the probability of a false synchronization. As a future work, we could apply probabilistic model checking to verify the correctness of the analytical model and improve the modeling effectiveness [9].…”

Section: Discussionmentioning

confidence: 99%

Analysis and Modeling of False Synchronizations in 3G-WLAN Integrated Networks

Ntantogian¹,

Xenakis²,

Stavrakakis³

2012

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

Abstract. Recently, a set of problems have been solved analytically, in order to improve various aspects of the authentication procedure in mobile networks. In these problems, an analytical model is derived, which is used to draw guidelines on the selection of the appropriate value of various system parameters. We observe that all these problems can be solved using a generic modeling procedure that is based on Markov chains assuming exponential distributions. In this paper we apply this generic modeling procedure to the problem of false synchronizations in 3G-WLAN integrated networks. To this end, we first elaborate on false synchronization using a numerical example that facilitates the better understanding of the presented notions. Then, an analytical model based on a four dimensional Markov chain is developed, using the generic modeling procedure, whose accuracy is verified through simulations.

show abstract

Section: Discussionmentioning

confidence: 99%

Analysis and Modeling of False Synchronizations in 3G-WLAN Integrated Networks

Ntantogian¹,

Xenakis²,

Stavrakakis³

2012

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

show abstract

“…Our CTMC model for the Kaminsky attack [1] implements a victim DNS server that generates times to request url queries to resolve one or more resource names within some domain. While the victim waits for a legitimate response to its query, the intruder tries with rate guess to provide a fake response that, if correctly matching the query id, will be accepted by the victim, thus corrupting its cache.…”

Section: Applicationsmentioning

confidence: 99%

“…-We also provide a control-theoretic characterization of the probabilistic Model Repair problem, and in the process establish a formal link between model repair and the controller-synthesis problem for linear systems. -We demonstrate the practical utility of our approach by applying it to a number of significant case studies, including a DTMC reward model of the Zeroconf protocol for assigning IP addresses, and a CTMC model of the highly publicized Kaminsky DNS cache-poisoning attack [1]. The rest of the paper develops along the following lines.…”

Section: Introductionmentioning

confidence: 99%

Model Repair for Probabilistic Systems

Bartocci

Grosu

Katsaros

et al. 2011

Tools and Algorithms for the Construction and Analysis of Systems

Self Cite

102

View full text Add to dashboard Cite

Abstract. We introduce the problem of Model Repair for Probabilistic Systems as follows. Given a probabilistic system M and a probabilistic temporal logic formula φ such that M fails to satisfy φ, the Model Repair problem is to find an M that satisfies φ and differs from M only in the transition flows of those states in M that are deemed controllable. Moreover, the cost associated with modifying M 's transition flows to obtain M should be minimized. Using a new version of parametric probabilistic model checking, we show how the Model Repair problem can be reduced to a nonlinear optimization problem with a minimal-cost objective function, thereby yielding a solution technique. We demonstrate the practical utility of our approach by applying it to a number of significant case studies, including a DTMC reward model of the Zeroconf protocol for assigning IP addresses, and a CTMC model of the highly publicized Kaminsky DNS cache-poisoning attack.

show abstract

“…Wong and Nikander [2010] proposed a new architecture to secure DNS, basing the architecture on the idea of decoupling identity and location; using certificate look-up to establish authority, and a dns-like service to discover location. Dagon's presentation [Dagon 2008] and Alexiou et al's [2010] analytical work discussed the danger in DNS cache poisoning, with Dagon [2008] referring to some recent RFCs to combat the attack, and Alexiou et al [2010] studied the Kaminsky attack in depth. Suggestion in all works require implementation change at the server side, in which the client is dependent on the adoption rate of the implementation change.…”

Section: Related Workmentioning

confidence: 99%

A Proxy View of Quality of Domain Name Service, Poisoning Attacks and Survival Strategies

Yuan

Chen

Mohapatra

et al. 2013

ACM Trans. Internet Technol.

View full text Add to dashboard Cite

KRISHNA KANT, IntelThe Domain Name System (DNS) provides a critical service for the Internet -mapping of user-friendly domain names to their respective IP addresses. Yet, there is no standard set of metrics quantifying the Quality of Domain Name Service (QoDNS), let alone a thorough evaluation of it. This article attempts to fill this gap from the perspective of a DNS proxy/cache, which is the bridge between clients and authoritative servers. We present an analytical model of DNS proxy operations that offers insights into the design tradeoffs of DNS infrastructure and the selection of critical DNS parameters.Due to the critical role DNS proxies play in QoDNS, they are the focus of attacks including cache poisoning attack. We extend the analytical model to study DNS cache poisoning attacks and their impact on QoDNS metrics. This analytical study prompts us to present Domain Name Cross-Referencing (DoX), a peer-to-peer systems for DNS proxies to cooperatively defend cache poisoning attacks. Based on QoDNS, we compare DoX with the cryptography-based DNS Security Extension (DNSSEC) to understand their relative merits.

show abstract

Formal Analysis of the Kaminsky DNS Cache-Poisoning Attack Using Probabilistic Model Checking

Cited by 25 publications

References 8 publications

Analysis and Modeling of False Synchronizations in 3G-WLAN Integrated Networks

Analysis and Modeling of False Synchronizations in 3G-WLAN Integrated Networks

Model Repair for Probabilistic Systems

A Proxy View of Quality of Domain Name Service, Poisoning Attacks and Survival Strategies

Contact Info

Product

Resources

About