DNS hijacking without exploration

DNS hijacking without exploration

ID:39755031

大小:2.68 MB

页数:22页

时间:2019-07-10

DNS hijacking without exploration_第1页
DNS hijacking without exploration_第2页
DNS hijacking without exploration_第3页
DNS hijacking without exploration_第4页
DNS hijacking without exploration_第5页
资源描述:

《DNS hijacking without exploration》由会员上传分享,免费在线阅读,更多相关内容在学术论文-天天文库

1、'!Bitsquatting!DNS$Hijacking$without$Exploitation$$$$$$$$$$$$$$'''''''''''''''''''Artem&Dinaburg&(artem.dinaburg@raytheon.com,&artem@dinaburg.org)&Raytheon&Company&July,&2011&Cleared'for'public'release.'Reference'#20117307'Copyright'©'2011'Raytheon'Company.'All'rights'reserved.''1Introduction+'Com

2、puter'hardware,'especially'RAM,'can'suffer'from'random'errors'that'manifest'as'corruption'of'one'or'more'bits.'The'causes'of'these'errors'range'from'manufacturing'defects'to'environmental'factors'such'as'cosmic'rays'and'overheating.'While'the'probability'of'a'single'error'is'small,'the'total'error

3、'amount'in'all'RAM'connected'to'the'Internet'is'significant.'Malicious'attackers'can'exploit'these'random'errors'remotely.''This'paper'presents'an'attack'called'bitsquatting'that'leverages'random'errors'and'DNS'to'direct'Internet'traffic'to'attacker7controlled'destinations.'To'prove'the'feasibilit

4、y'of'bitsquatting,'several'frequently'resolved'domains'were'bitsquatted'and'all'HTTP'requests'to'the'subsequent'domains'were'logged.'An'analysis'of'six'months'of'log'data'reveals'that'virtually'every'operating'system'and'platform'is'affected.'Fortunately,'bitsquatting'attacks'are'easy'to'mitigate.

5、''The'rest'of'this'paper'is'as'follows:'Section'2'discusses'computer'hardware'errors,'the'causes'of'those'errors,'and'measured'error'rates.'Previous'use'of'bit'errors'to'defeat'security'mechanisms'is'reviewed'in'Section'3.'The'bitsquatting'attack,'intuition'behind'it,'and'the'experiment'design'is'

6、described'in'Section'4.'Six'months'of'bitsquatting'logs'from'the'experiment'are'analyzed'in'Section'5.'Effective'mitigations'and'countermeasures'against'bitsquatting'attacks'are'presented'in'Section'6.'2Computer+Hardware+Errors+'Software'writers'implicitly'assume'computer'hardware'and'other'electr

7、onic'components'operate'correctly.'This'assumption'is'not'always'true.'Computer'hardware,'including'various'information'transmission'and'storage'media,'does'experience'errors.'One'possible'hardware'error'is'a'bit

当前文档最多预览五页,下载文档查看全文

此文档下载收益归作者所有

当前文档最多预览五页,下载文档查看全文
温馨提示:
1. 部分包含数学公式或PPT动画的文件,查看预览时可能会显示错乱或异常,文件下载后无此问题,请放心下载。
2. 本文档由用户上传,版权归属用户,天天文库负责整理代发布。如果您对本文档版权有争议请及时联系客服。
3. 下载前请仔细阅读文档内容,确认文档内容符合您的需求后进行下载,若出现内容与标题不符可向本站投诉处理。
4. 下载文档时可能由于网络波动等原因无法下载或下载错误,付费完成后未能成功下载的用户请联系客服处理。