Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Detection and forensics of domains hijacking

 
: Borgwart, Andreas; Boukoros, Spyros; Shulman, Haya; Royeen, Carel van; Waidner, Michael

:

Institute of Electrical and Electronics Engineers -IEEE-:
IEEE Global Communications Conference, GLOBECOM 2015. Proceedings : 6-10 December 2015, San Diego, California
Piscataway, NJ: IEEE, 2015
ISBN: 978-1-4799-5952-5 (electronic)
ISBN: 978-1-4799-5951-8 (USB)
ISBN: 978-1-4799-5953-2 (Print on Demand)
6 S.
Global Communications Conference (GLOBECOM) <2015, San Diego/Calif.>
Englisch
Konferenzbeitrag
Fraunhofer SIT ()

Abstract
The naming service provided by Domain Name System (DNS) is essential for locating resources on the Internet, for distributing security mechanisms in an authenticated manner, and for facilitating future applications. Unfortunately, despite the critical function that the naming service of the DNS infrastructure fulfills, it is extremely vulnerable to domain hijacking attacks. While most of the attacks go undetected, they are detrimental for the availability of the Internet services, and the security and privacy of clients and networks. We designed and developed a system, we call LUDIC (LookUp DIstributed Cache), for detection of domain hijacking attacks. Our system also enables forensic analysis and provides victims with signed evidences allowing them to prove breaches to third parties, such as a court of law or a resolution authority. LUDIC uses distributed vantage points to validate DNS records, and does not require establishing a chain of trust to a centralised trust anchor, hence sidestepping the adoption challenges inherent in DNSSEC. Our system does not introduce any changes to the existing infrastructure and can be easily integrated into an Intrusion Detection System (IDS) or a firewall, while providing an immediate benefit to adopters.

: http://publica.fraunhofer.de/dokumente/N-382535.html