The Hitchhiker’s Guide to DNS Cache Poisoning

Son, Sooel; Shmatikov, Vitaly

doi:10.1007/978-3-642-16161-2_27

Cited by 69 publications

(37 citation statements)

References 11 publications

(19 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…3) Security Threats and Countermeasures: DNS attacks commonly arise from cache poisoning [128] that mainly affects nodes employing DNS bootstrapping [17] to retrieve online peers but also users of online blockchain explorers. 3 One countermeasure is a security extension of DNS, called DNSSEC, which provides authentication and data integrity.…”

Section: B Public Network / the Internetmentioning

confidence: 99%

A Security Reference Architecture for Blockchains

Homoliak

Venugopalan

Hum

et al. 2019

2019 IEEE International Conference on Blockchain (Blockchain)

View full text Add to dashboard Cite

Due to their interesting features, blockchains have become popular in recent years. They are full-stack systems where security is a critical factor for their success. The main focus of this work is to systematize knowledge about security and privacy issues of blockchains. To this end, we propose a security reference architecture based on models that demonstrate the stacked hierarchy of various threats (similar to the ISO/OSI hierarchy) as well as threat-risk assessment using ISO/IEC 15408. In contrast to the previous surveys [39], [8], [139], [20], we focus on the categorization of security incidents based on their origins and using the proposed architecture we present existing prevention and mitigation techniques. The scope of our work mainly covers aspects related to decentralized nature of blockchains, while we mention common operational security issues and countermeasures only tangentially.Index Terms-blockchain • distributed ledgers • reference architecture • threat-risk assessment arXiv:1904.06898v1 [cs.CR]

show abstract

Section: B Public Network / the Internetmentioning

confidence: 99%

A Security Reference Architecture for Blockchains

Homoliak

Venugopalan

Hum

et al. 2019

2019 IEEE International Conference on Blockchain (Blockchain)

View full text Add to dashboard Cite

show abstract

“…Typical man-in-the-middle attacks on HTTPS rely on DNS rebinding [22,44] or cache poisoning [45,46] and on fooling the client into accepting a bogus, mis-issued, or compelled certificate [47,48]. The goal is for a network attacker to impersonate a trusted HTTPS server [49].…”

Section: Related Workmentioning

confidence: 99%

Network-based Origin Confusion Attacks against HTTPS Virtual Hosting

Delignat-Lavaud

Bhargavan

2015

Proceedings of the 24th International Conference on World Wide Web

View full text Add to dashboard Cite

We investigate current deployment practices for virtual hosting, a widely used method for serving multiple HTTP and HTTPS origins from the same server, in popular content delivery networks, cloud-hosting infrastructures, and web servers. Our study uncovers a new class of HTTPS origin confusion attacks: when two virtual hosts use the same TLS certificate, or share a TLS session cache or ticket encryption key, a network attacker may cause a page from one of them to be loaded under the other's origin in a client browser. These attacks appear when HTTPS servers are configured to allow virtual host fallback from a client-requested, secure origin to some other unexpected, less-secure origin. We present evidence that such vulnerable virtual host configurations are widespread, even on the most popular and securityscrutinized websites, thus allowing a network adversary to hijack pages, or steal secure cookies and single sign-on tokens. To prevent our virtual host confusion attacks and recover the isolation guarantees that are commonly assumed in shared hosting environments, we propose fixes to web server software and advocate conservative configuration guidelines for the composition of HTTP with TLS.

show abstract

“…An attacker may poison the cache by compromising an authoritative DNS server or by forging a response to a recursive DNS query sent by a resolver to an authoritative server. The implementation of this attack is given in [17]. Wiener [19] proposed that information encoded in the public exponent "e" might help to factor "n".…”

Section: International Journal Of Computer Applications (0975 -8887) mentioning

confidence: 99%

Spam Control Mechanism using Identity based Message Admission

Mahesh¹,

Kodada²,

M³

2013

IJCA

View full text Add to dashboard Cite

Spammers have a tremendous financial incentive to compromise user Email accounts. Many approaches to curb spam have been developed. In the traditional DKIM signature approach no Certificate Authority is used. Survey tells that most of the DNS are exploited to DNS cache poisoning attack. Further smaller keys are exposed to Wiener attack. Also DKIM does not verify the author and does not provide security after signature generation/verification. An attacker can be able to trick the recipient by masquerading as a legitimate sender and insert malicious information and send as spam Mails to other recipients. Therefore this paper addresses the issues by allowing sender to indicate that their emails are signed and encrypted using ID based mediated RSAA technique based on user identity. This system use Certificate Authority and a key Mediator in its architecture. During decryption the Key mediator does partial decryption and the recipient does full decryption of message. If original message is recovered and verified the sender message is accepted else rejected or blocked as spam message.

show abstract

The Hitchhiker’s Guide to DNS Cache Poisoning

Cited by 69 publications

References 11 publications

A Security Reference Architecture for Blockchains

A Security Reference Architecture for Blockchains

Network-based Origin Confusion Attacks against HTTPS Virtual Hosting

Spam Control Mechanism using Identity based Message Admission

Contact Info

Product

Resources

About