Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Internet-wide study of DNS cache injections

: Klein, A.; Shulman, H.; Waidner, M.


Akan, O. ; Institute of Electrical and Electronics Engineers -IEEE-:
IEEE INFOCOM 2017, IEEE Conference on Computer Communications : 1-4 May 2017, Atlanta, Georgia, USA
Piscataway, NJ: IEEE, 2017
ISBN: 978-1-5090-5336-0
ISBN: 978-1-5090-5337-7
Conference on Computer Communications (INFOCOM) <2017, Atlanta/Ga.>
Fraunhofer SIT ()

DNS caches are an extremely important tool, providing services for DNS as well as for a multitude of applications, systems and security mechanisms, such as anti-spam defences, routing security (e.g., RPKI), firewalls. Subverting the security of DNS is detrimental to the stability and security of the clients and services, and can facilitate attacks, circumventing even cryptographic mechanisms. We study the caching component of DNS resolution platforms in diverse networks in the Internet, and evaluate injection vulnerabilities allowing cache poisoning attacks. Our evaluation includes networks of leading Internet Service Providers and enterprises, and professionally managed open DNS resolvers. We test injection vulnerabilities against known payloads as well as a new class of indirect attacks that we define in this work. Our Internet evaluation indicates that more than 92% of the Internet's DNS resolution platforms are vulnerable to records injection and can be persistently poisoned.