CISPA
Browse

DNS Unchained: Amplified Application-Layer DoS Attacks Against DNS Authoritatives

Download (350.13 kB)
conference contribution
posted on 2023-11-29, 18:08 authored by Jonas Bushart, Christian RossowChristian Rossow
We present DNS Unchained, a new application-layer DoS attack against core DNS infrastructure that for the first time uses amplification. To achieve an attack amplification of 8.51, we carefully chain CNAME records and force resolvers to perform deep name resolutions — effectively overloading a target authoritative name server with valid requests. We identify 178508 potential amplifiers, of which 74.3% can be abused in such an attack due to the way they cache records with low Time-to-Live values. In essence, this allows a single modern consumer uplink to downgrade availability of large DNS setups. To tackle this new threat, we conclude with an overview of countermeasures and suggestions for DNS servers to limit the impact of DNS chaining attacks.

History

Preferred Citation

Jonas Bushart and Christian Rossow. DNS Unchained: Amplified Application-Layer DoS Attacks Against DNS Authoritatives. In: The International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 2018.

Primary Research Area

  • Threat Detection and Defenses

Name of Conference

The International Symposium on Research in Attacks, Intrusions and Defenses (RAID)

Legacy Posted Date

2018-07-02

Open Access Type

  • Unknown

BibTeX

@inproceedings{cispa_all_2624, title = "DNS Unchained: Amplified Application-Layer DoS Attacks Against DNS Authoritatives", author = "Bushart, Jonas and Rossow, Christian", booktitle="{The International Symposium on Research in Attacks, Intrusions and Defenses (RAID)}", year="2018", }

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC