| Item type |
SIG Technical Reports(1) |
| 公開日 |
2019-11-26 |
| タイトル |
|
|
タイトル |
A survey on the status of measures against IP fragmentation attacks on DNS |
| タイトル |
|
|
言語 |
en |
|
タイトル |
A survey on the status of measures against IP fragmentation attacks on DNS |
| 言語 |
|
|
言語 |
eng |
| 資源タイプ |
|
|
資源タイプ識別子 |
http://purl.org/coar/resource_type/c_18gh |
|
資源タイプ |
technical report |
| 著者所属 |
|
|
|
Graduate School of Engineering, Chukyo University |
| 著者所属 |
|
|
|
Graduate School of Engineering, Chukyo University |
| 著者所属(英) |
|
|
|
en |
|
|
Graduate School of Engineering, Chukyo University |
| 著者所属(英) |
|
|
|
en |
|
|
Graduate School of Engineering, Chukyo University |
| 著者名 |
Kenya, Ota
Tsunehiko, Suzuki
|
| 著者名(英) |
Kenya, Ota
Tsunehiko, Suzuki
|
| 論文抄録 |
|
|
内容記述タイプ |
Other |
|
内容記述 |
The risk of DNS cache poisoning attacks using IP fragmentation was presented by Herzberg and Shulman in 2012 and 2013. And we showed that the attacks are feasible, and several open-source implementations were still affected by the attacks. In the wake of our proposal, measures to major open-source implementations for ignoring NS records in Authority or Additional sections of negative response at DNS cache server, and for ignoring Path MTU Discovery at DNS authoritative server were taken. Also, DNS flag day 2020 is planned to take measures against fragmentation attacks such as reducing default EDNS buffer size. If the authoritative servers that manage TLDs or multiple zones have not been taken measures, this attack increases the risk of massive hijacking at once. In this research, we survey whether authoritative servers that manage TLDs can be affected by the attacks. |
| 論文抄録(英) |
|
|
内容記述タイプ |
Other |
|
内容記述 |
The risk of DNS cache poisoning attacks using IP fragmentation was presented by Herzberg and Shulman in 2012 and 2013. And we showed that the attacks are feasible, and several open-source implementations were still affected by the attacks. In the wake of our proposal, measures to major open-source implementations for ignoring NS records in Authority or Additional sections of negative response at DNS cache server, and for ignoring Path MTU Discovery at DNS authoritative server were taken. Also, DNS flag day 2020 is planned to take measures against fragmentation attacks such as reducing default EDNS buffer size. If the authoritative servers that manage TLDs or multiple zones have not been taken measures, this attack increases the risk of massive hijacking at once. In this research, we survey whether authoritative servers that manage TLDs can be affected by the attacks. |
| 書誌レコードID |
|
|
収録物識別子タイプ |
NCID |
|
収録物識別子 |
AA11235941 |
| 書誌情報 |
研究報告コンピュータセキュリティ(CSEC)
巻 2019-CSEC-87,
号 11,
p. 1-7,
発行日 2019-11-26
|
| ISSN |
|
|
収録物識別子タイプ |
ISSN |
|
収録物識別子 |
2188-8655 |
| Notice |
|
|
|
SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc. |
| 出版者 |
|
|
言語 |
ja |
|
出版者 |
情報処理学会 |
IPSJ-CSEC19087011.pdf (1.8 MB)
