Poster: Fragmentation Attacks on DNS over TCP

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN > Conference contribution/Paper > peer-review

Published

Standard

Poster: Fragmentation Attacks on DNS over TCP. / Dai, Tianxiang; Shulman, Haya; Waidner, Michael.
2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS). IEEE, 2021.

Harvard

Dai, T, Shulman, H & Waidner, M 2021, Poster: Fragmentation Attacks on DNS over TCP. in 2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS). IEEE. https://doi.org/10.1109/icdcs51616.2021.00118

APA

Dai, T., Shulman, H., & Waidner, M. (2021). Poster: Fragmentation Attacks on DNS over TCP. In 2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS) IEEE. https://doi.org/10.1109/icdcs51616.2021.00118

Vancouver

Dai T, Shulman H, Waidner M. Poster: Fragmentation Attacks on DNS over TCP. In 2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS). IEEE. 2021 Epub 2021 Jul 7. doi: 10.1109/icdcs51616.2021.00118

Author

Dai, Tianxiang; Shulman, Haya; Waidner, Michael. / Poster: Fragmentation Attacks on DNS over TCP. 2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS). IEEE, 2021.

Bibtex

@inproceedings{6b52ce78667c4601a82f9f37dd22de92,
title = "Poster: Fragmentation Attacks on DNS over TCP",
abstract = "The research and operational community believes that TCP provides protection against IP fragmentation-based attacks and recommends that servers avoid sending responses over UDP and use TCP instead. In this work we show for the first time that IP fragmentation attacks may also apply to communication over TCP. We perform a study of the nameservers in the 100K-top Alexa domains and find that 454 domains are vulnerable to IP fragmentation attacks. Of these domains, we find 366 additional domains that are vulnerable only to IP fragmentation attacks on communication with TCP. We also find that the servers vulnerable to TCP fragmentation can be forced to fragment packets to much smaller sizes (of less than 292 bytes) than servers vulnerable to UDP fragmentation (not below 548 bytes). This makes the impact of the attacks against servers vulnerable to fragmentation of TCP segments much more detrimental. Our study not only shows that the recommendation to use TCP and avoid UDP is risky, but it also shows that the attack surface due to fragmentation is larger than was previously believed. We evaluate known IP fragmentation-based DNS cache poisoning attacks against DNS responses over TCP.",
author = "Tianxiang Dai and Haya Shulman and Michael Waidner",
year = "2021",
month = oct,
day = "4",
doi = "10.1109/icdcs51616.2021.00118",
language = "English",
isbn = "9781665445146",
booktitle = "2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS)",
publisher = "IEEE",
}

RIS

TY - GEN

T1 - Poster: Fragmentation Attacks on DNS over TCP

AU - Dai, Tianxiang

AU - Shulman, Haya

AU - Waidner, Michael

PY - 2021/10/4

Y1 - 2021/10/4

N2 - The research and operational community believes that TCP provides protection against IP fragmentation-based attacks and recommends that servers avoid sending responses over UDP and use TCP instead. In this work we show for the first time that IP fragmentation attacks may also apply to communication over TCP. We perform a study of the nameservers in the 100K-top Alexa domains and find that 454 domains are vulnerable to IP fragmentation attacks. Of these domains, we find 366 additional domains that are vulnerable only to IP fragmentation attacks on communication with TCP. We also find that the servers vulnerable to TCP fragmentation can be forced to fragment packets to much smaller sizes (of less than 292 bytes) than servers vulnerable to UDP fragmentation (not below 548 bytes). This makes the impact of the attacks against servers vulnerable to fragmentation of TCP segments much more detrimental. Our study not only shows that the recommendation to use TCP and avoid UDP is risky, but it also shows that the attack surface due to fragmentation is larger than was previously believed. We evaluate known IP fragmentation-based DNS cache poisoning attacks against DNS responses over TCP.

U2 - 10.1109/icdcs51616.2021.00118

DO - 10.1109/icdcs51616.2021.00118

M3 - Conference contribution/Paper

SN - 9781665445146

BT - 2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS)

PB - IEEE

ER -