Speaker
Jaeson Schultz
(Cisco Systems, Inc)
Description
Bit errors in memory, when they occur in a stored domain name, can direct Internet traffic to the wrong location, potentially compromising security. When a domain name one bit different from a target domain is registered in order to intercept traffic for malicious purposes, the attack is called bitsquatting. For example, by changing only one bit, a target domain such as “twitter.com” can become the bitsquat domain “twitte2.com”.
Summary
Bitsquatting attacks are more practical now than ever before, and the effects of bit errors on not only domains but also on application level protocols can be unexpected. This DNS research project describes several previously unknown vectors for bitsquatting attacks, then presents some general statistics about the scope of the bitsquatting problem, and finally proposes some novel mitigations which do not involve the mass registration of additional domains.
Primary author
Jaeson Schultz
(Cisco Systems, Inc)
