Description
Security Track - Protocol
Although DNS-based attacks aren’t a regular part of the news cycle, they’re extremely common. Visibility into data from numerous sources shows that DDoS attacks using DNS as a vector have been growing steadily, on a trend to double over the past 6 ½ years. As a percentage of other forms of DDoS, DNS made up 65% in Q2 2024, an all-time high. Duration and intensity of attacks, and assets targeted, have...
DNSBomb is a new practical and powerful pulsing DoS attack exploiting DNS queries and responses.
DNS employs a variety of mechanisms to guarantee availability, protect security, and enhance reliability. In this paper, however, we reveal that these inherent beneficial mechanisms, including timeout, query aggregation, and response fast-returning, can be transformed into malicious attack...
While DNS is often exploited for reflective DoS attacks, it can also be turned into a powerful amplifier to overload itself. We refer to this emerging type of attack as "self-amplification". Such attacks enable an attacker to overwhelm a victim DNS server using substantially fewer requests than conventional attacks. The possibilities of such vulnerabilities have been long predicted by the designers...
Due to the criticality of the KeyTrap vulnerabilities, the task force assembled to address the issues decided to prefer fast, working fixes over elaborate long-term solutions. In consequence, the short-term mitigations are sufficient to prevent impactful attacks, but their propriety as long-term fixes is limited. In this talk we propose long-term solutions to address DNSSEC validation-based...
We will review different DNS DDoS vulnerabilities identified by academic institutions over the past five years, such as NXNS, NRDelegation, and the recent CacheFlush Attacks discovered by our group.
The commonalities, differences and causal relationships between these attacks will be highlighted.
We will then discuss how these vulnerabilities were discovered and explore whether there is a...