Recently, a new scheme to protect clients against DNS cache poisoning attacks was introduced. The scheme is referred to as DepenDNS and is intended to protect clients against such attacks while being secure, practical, efficient and conveniently deployable. In our paper we examine the security and the operational aspects of DepenDNS. We highlight a number of severe operational deficiencies that the scheme has failed to address. We show that cache poisoning and denial of service attacks are possible against the scheme. We also demonstrate a high-factor amplification attack against DepenDNS, which can lead to a large-scale Internet denial of service attack. Our findings and recommendations have been validated with real data collected over time.

Keywords: DNS, DepenDNS, DNS cache poisoning, Denial of Service, Amplification.
Nadhem J. AlFardan, Kenneth G. Paterson