Cache Poisoning Attack - Explore the Science & Experts | ideXlab

Scan Science and Technology

Contact Leading Edge Experts & Companies

Cache Poisoning Attack

The Experts below are selected from a list of 177 Experts worldwide ranked by ideXlab platform

Nael Abu-ghazaleh – 1st expert on this subject based on the ideXlab platform

  • INFOCOM – Collaborative Client-Side DNS Cache Poisoning Attack
    IEEE INFOCOM 2019 – IEEE Conference on Computer Communications, 2019
    Co-Authors: Fatemah Alharbi, Jie Chang, Yuchen Zhou, Feng Qian, Zhiyun Qian, Nael Abu-ghazaleh

    Abstract:

    DNS Poisoning Attacks inject malicious entries into the DNS resolution system, allowing an Attacker to redirect clients to malicious servers. These Attacks typically target a DNS resolver allowing Attackers to poison a DNS entry for all machines that use the compromised resolver. However, recent defenses can effectively protect resolvers rendering classical DNS Poisoning Attacks ineffective. In this paper, we present a new class of DNS Poisoning Attacks targeting the client-side DNS Cache. The Attack initiates DNS Poisoning on the client Cache, which is used in all main stream operating systems to improve DNS performance, circumventing defenses targeting resolvers. Our Attack allows an off-path Attacker to collaborate with a piece of an unprivileged malware to poison the OS-wide DNS Cache on a client machine. We developed the Attack on Windows, Mac OS, and Ubuntu Linux. Interestingly, the behaviors of the three operating systems are distinct and the vulnerabilities require different strategies to exploit. We also generalize the Attack to work even when the client is behind a Network Address Translation (NAT) router. Our results show that we can reliably inject malicious DNS mappings, with on average, an order of tens of seconds. Finally, we propose a defense against this type of Poisoning Attacks.

  • Collaborative Client-Side DNS Cache Poisoning Attack
    IEEE INFOCOM 2019 – IEEE Conference on Computer Communications, 2019
    Co-Authors: Fatemah Alharbi, Jie Chang, Yuchen Zhou, Feng Qian, Zhiyun Qian, Nael Abu-ghazaleh

    Abstract:

    DNS Poisoning Attacks inject malicious entries into the DNS resolution system, allowing an Attacker to redirect clients to malicious servers. These Attacks typically target a DNS resolver allowing Attackers to poison a DNS entry for all machines that use the compromised resolver. However, recent defenses can effectively protect resolvers rendering classical DNS Poisoning Attacks ineffective. In this paper, we present a new class of DNS Poisoning Attacks targeting the client-side DNS Cache. The Attack initiates DNS Poisoning on the client Cache, which is used in all main stream operating systems to improve DNS performance, circumventing defenses targeting resolvers. Our Attack allows an off-path Attacker to collaborate with a piece of an unprivileged malware to poison the OS-wide DNS Cache on a client machine. We developed the Attack on Windows, Mac OS, and Ubuntu Linux. Interestingly, the behaviors of the three operating systems are distinct and the vulnerabilities require different strategies to exploit. We also generalize the Attack to work even when the client is behind a Network Address Translation (NAT) router. Our results show that we can reliably inject malicious DNS mappings, with on average, an order of tens of seconds. Finally, we propose a defense against this type of Poisoning Attacks.

Toru Fujiwara – 2nd expert on this subject based on the ideXlab platform

  • ISITA – Web security model with Cache
    , 2016
    Co-Authors: Hayato Shimamoto, Naoto Yanai, Shingo Okamura, Toru Fujiwara

    Abstract:

    Cache is a mechanism in a web system to store web contents in order to provide them efficiently. Since there is an Attack called a browser Cache Poisoning Attack where an adversary utilizes a web Cache, analyzing the security under environments with a Cache is necessary. Based on this motivation, we discuss a potential weakness of the existing security model due to a lack of a Cache, and then propose a new security model by introducing the Cache. In particular, we define main capability of a Cache and headers to control the Cache, and introduce intermediaries which are entities to deal with a Cache. We furthermore identify a fact that these approaches are able to deal with the more strong adversary’s capability by discussing how to execute the browser Cache Poisoning Attack in the proposed model. We implement a part of the proposed model by Alloy.

  • Web security model with Cache
    2016 International Symposium on Information Theory and Its Applications (ISITA), 2016
    Co-Authors: Hayato Shimamoto, Naoto Yanai, Shingo Okamura, Toru Fujiwara

    Abstract:

    Cache is a mechanism in a web system to store web contents in order to provide them efficiently. Since there is an Attack called a browser Cache Poisoning Attack where an adversary utilizes a web Cache, analyzing the security under environments with a Cache is necessary. Based on this motivation, we discuss a potential weakness of the existing security model due to a lack of a Cache, and then propose a new security model by introducing the Cache. In particular, we define main capability of a Cache and headers to control the Cache, and introduce intermediaries which are entities to deal with a Cache. We furthermore identify a fact that these approaches are able to deal with the more strong adversary’s capability by discussing how to execute the browser Cache Poisoning Attack in the proposed model. We implement a part of the proposed model by Alloy.

Fatemah Alharbi – 3rd expert on this subject based on the ideXlab platform

  • INFOCOM – Collaborative Client-Side DNS Cache Poisoning Attack
    IEEE INFOCOM 2019 – IEEE Conference on Computer Communications, 2019
    Co-Authors: Fatemah Alharbi, Jie Chang, Yuchen Zhou, Feng Qian, Zhiyun Qian, Nael Abu-ghazaleh

    Abstract:

    DNS Poisoning Attacks inject malicious entries into the DNS resolution system, allowing an Attacker to redirect clients to malicious servers. These Attacks typically target a DNS resolver allowing Attackers to poison a DNS entry for all machines that use the compromised resolver. However, recent defenses can effectively protect resolvers rendering classical DNS Poisoning Attacks ineffective. In this paper, we present a new class of DNS Poisoning Attacks targeting the client-side DNS Cache. The Attack initiates DNS Poisoning on the client Cache, which is used in all main stream operating systems to improve DNS performance, circumventing defenses targeting resolvers. Our Attack allows an off-path Attacker to collaborate with a piece of an unprivileged malware to poison the OS-wide DNS Cache on a client machine. We developed the Attack on Windows, Mac OS, and Ubuntu Linux. Interestingly, the behaviors of the three operating systems are distinct and the vulnerabilities require different strategies to exploit. We also generalize the Attack to work even when the client is behind a Network Address Translation (NAT) router. Our results show that we can reliably inject malicious DNS mappings, with on average, an order of tens of seconds. Finally, we propose a defense against this type of Poisoning Attacks.

  • Collaborative Client-Side DNS Cache Poisoning Attack
    IEEE INFOCOM 2019 – IEEE Conference on Computer Communications, 2019
    Co-Authors: Fatemah Alharbi, Jie Chang, Yuchen Zhou, Feng Qian, Zhiyun Qian, Nael Abu-ghazaleh

    Abstract:

    DNS Poisoning Attacks inject malicious entries into the DNS resolution system, allowing an Attacker to redirect clients to malicious servers. These Attacks typically target a DNS resolver allowing Attackers to poison a DNS entry for all machines that use the compromised resolver. However, recent defenses can effectively protect resolvers rendering classical DNS Poisoning Attacks ineffective. In this paper, we present a new class of DNS Poisoning Attacks targeting the client-side DNS Cache. The Attack initiates DNS Poisoning on the client Cache, which is used in all main stream operating systems to improve DNS performance, circumventing defenses targeting resolvers. Our Attack allows an off-path Attacker to collaborate with a piece of an unprivileged malware to poison the OS-wide DNS Cache on a client machine. We developed the Attack on Windows, Mac OS, and Ubuntu Linux. Interestingly, the behaviors of the three operating systems are distinct and the vulnerabilities require different strategies to exploit. We also generalize the Attack to work even when the client is behind a Network Address Translation (NAT) router. Our results show that we can reliably inject malicious DNS mappings, with on average, an order of tens of seconds. Finally, we propose a defense against this type of Poisoning Attacks.