Standard

Zone poisoning : The how and where of non-secure DNS dynamic updates. / Korczynski, Maciej; Król, Michał; Van Eeten, Michel.

IMC 2016 - Proceedings of the 2016 ACM Internet Measurement Conference. Vol. 14-16-November-2016 Association for Computing Machinery (ACM), 2016. p. 271-278.

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

Harvard

Korczynski, M, Król, M & Van Eeten, M 2016, Zone poisoning: The how and where of non-secure DNS dynamic updates. in IMC 2016 - Proceedings of the 2016 ACM Internet Measurement Conference. vol. 14-16-November-2016, Association for Computing Machinery (ACM), pp. 271-278, 2016 ACM Internet Measurement Conference, IMC 2016, Santa Monica, United States, 14/11/16. https://doi.org/10.1145/2987443.2987477

APA

Korczynski, M., Król, M., & Van Eeten, M. (2016). Zone poisoning: The how and where of non-secure DNS dynamic updates. In IMC 2016 - Proceedings of the 2016 ACM Internet Measurement Conference (Vol. 14-16-November-2016, pp. 271-278). Association for Computing Machinery (ACM). https://doi.org/10.1145/2987443.2987477

Vancouver

Korczynski M, Król M, Van Eeten M. Zone poisoning: The how and where of non-secure DNS dynamic updates. In IMC 2016 - Proceedings of the 2016 ACM Internet Measurement Conference. Vol. 14-16-November-2016. Association for Computing Machinery (ACM). 2016. p. 271-278 https://doi.org/10.1145/2987443.2987477

Author

Korczynski, Maciej ; Król, Michał ; Van Eeten, Michel. / Zone poisoning : The how and where of non-secure DNS dynamic updates. IMC 2016 - Proceedings of the 2016 ACM Internet Measurement Conference. Vol. 14-16-November-2016 Association for Computing Machinery (ACM), 2016. pp. 271-278

BibTeX

@inproceedings{ea94cc79ea514c6c9e7ea6e9142f5811,
title = "Zone poisoning: The how and where of non-secure DNS dynamic updates",
abstract = "This paper illuminates the problem of non-secure DNS dynamic updates, which allow a miscreant to manipulate DNS entries in the zone files of authoritative name servers. We refer to this type of attack as to zone poisoning. This paper presents the first measurement study of the vulnerability. We analyze a random sample of 2.9 million domains and the Alexa top 1 million domains and find that at least 1,877 (0.065{\%}) and 587 (0.062{\%}) of domains are vulnerable, respectively. Among the vulnerable domains are governments, health care providers and banks, demonstrating that the threat impacts important services. Via this study and subsequent notifications to affected parties, we aim to improve the security of the DNS ecosystem.",
keywords = "Domain Name System, Dynamic updates, Measurement, Security, Zone poisoning",
author = "Maciej Korczynski and Michał Kr{\'o}l and {Van Eeten}, Michel",
year = "2016",
month = "11",
day = "14",
doi = "10.1145/2987443.2987477",
language = "English",
volume = "14-16-November-2016",
pages = "271--278",
booktitle = "IMC 2016 - Proceedings of the 2016 ACM Internet Measurement Conference",
publisher = "Association for Computing Machinery (ACM)",
address = "United States",

}

RIS

TY - GEN

T1 - Zone poisoning

T2 - The how and where of non-secure DNS dynamic updates

AU - Korczynski, Maciej

AU - Król, Michał

AU - Van Eeten, Michel

PY - 2016/11/14

Y1 - 2016/11/14

N2 - This paper illuminates the problem of non-secure DNS dynamic updates, which allow a miscreant to manipulate DNS entries in the zone files of authoritative name servers. We refer to this type of attack as to zone poisoning. This paper presents the first measurement study of the vulnerability. We analyze a random sample of 2.9 million domains and the Alexa top 1 million domains and find that at least 1,877 (0.065%) and 587 (0.062%) of domains are vulnerable, respectively. Among the vulnerable domains are governments, health care providers and banks, demonstrating that the threat impacts important services. Via this study and subsequent notifications to affected parties, we aim to improve the security of the DNS ecosystem.

AB - This paper illuminates the problem of non-secure DNS dynamic updates, which allow a miscreant to manipulate DNS entries in the zone files of authoritative name servers. We refer to this type of attack as to zone poisoning. This paper presents the first measurement study of the vulnerability. We analyze a random sample of 2.9 million domains and the Alexa top 1 million domains and find that at least 1,877 (0.065%) and 587 (0.062%) of domains are vulnerable, respectively. Among the vulnerable domains are governments, health care providers and banks, demonstrating that the threat impacts important services. Via this study and subsequent notifications to affected parties, we aim to improve the security of the DNS ecosystem.

KW - Domain Name System

KW - Dynamic updates

KW - Measurement

KW - Security

KW - Zone poisoning

UR - http://www.scopus.com/inward/record.url?scp=85000578154&partnerID=8YFLogxK

U2 - 10.1145/2987443.2987477

DO - 10.1145/2987443.2987477

M3 - Conference contribution

VL - 14-16-November-2016

SP - 271

EP - 278

BT - IMC 2016 - Proceedings of the 2016 ACM Internet Measurement Conference

PB - Association for Computing Machinery (ACM)

ER -

ID: 57302811