An analysis of DepenDNS. (English)
Burmester, Mike (ed.) et al., Information security. 13th international conference, ISC 2010, Boca Raton, FL, USA, October 25‒28, 2010. Revised selected papers. Berlin: Springer (ISBN 978-3-642-18177-1/pbk). Lecture Notes in Computer Science 6531, 31-38 (2011).
Summary: Recently, a new scheme to protect clients against DNS cache poisoning attacks was introduced. The scheme is referred to as DepenDNS and is intended to protect clients against such attacks while being secure, practical, efficient and conveniently deployable. In our paper we examine the security and the operational aspects of DepenDNS. We highlight a number of severe operational deficiencies that the scheme has failed to address. We show that cache poisoning and denial of service attacks are possible against the scheme. Our findings and recommendations have been validated with real data collected over time.
Start
Contact
Print
General Help
