Zone poisoning

None, None; None, None; None, None

Zone poisoning

The how and where of non-secure DNS dynamic updates

Conference Paper (2016)

Author(s)

M.T. Korczynski (TU Delft - Organisation & Governance)

Michał Król (EA 4297 TIMR UTC/ESCOM)

Michel Van Eeten (TU Delft - Organisation & Governance)

Research Group

Organisation & Governance

DOI related publication

https://doi.org/10.1145/2987443.2987477

Security Measurement Domain Name System Zone poisoning Dynamic updates

To reference this document use:

https://resolver.tudelft.nl/uuid:ea94cc79-ea51-4c6c-9e7e-a6e9142f5811

More Info

expand_more

Publication Year

2016

Language

English

Research Group

Organisation & Governance

Volume number

14-16-November-2016

Pages (from-to)

271-278

ISBN (electronic)

9781450345262

Abstract

This paper illuminates the problem of non-secure DNS dynamic updates, which allow a miscreant to manipulate DNS entries in the zone files of authoritative name servers. We refer to this type of attack as to zone poisoning. This paper presents the first measurement study of the vulnerability. We analyze a random sample of 2.9 million domains and the Alexa top 1 million domains and find that at least 1,877 (0.065%) and 587 (0.062%) of domains are vulnerable, respectively. Among the vulnerable domains are governments, health care providers and banks, demonstrating that the threat impacts important services. Via this study and subsequent notifications to affected parties, we aim to improve the security of the DNS ecosystem.

No files available

Metadata only record. There are no files for this record.