DARKReading/Alharbiについて、ここに記述してください。
https://twitter.com/securityflower/status/1095191066020466688
Collaborative Client-Side DNS Cache PoisoningAttackFatemah Alharbi∗†, Jie Chang‡, Yuchen Zhou§, Feng Qian¶, Zhiyun Qian∗, and Nael Abu-Ghazaleh
∗∗Computer Science Department,University of California
Riverside{falha08@,zhiyunq@cs.,nael@cs.}ucr.edu†Taibah University,Yanbu, Saudi Arabiafmhharbi@taibahu.edu.sa‡LinkSure Network,Chinachangjie@wifi.com§Information Assurance DepartmentNortheastern Universityzhou.yuc@husky.neu.edu¶Computer Science DepartmentUniversity of Minnesota – Twin Cityfengqian@umn.edu
Abstract— DNS poisoning attacks inject malicious entries intothe DNS resolution system,
allowing an attacker to redirectclients to malicious servers.
These attacks typically target a DNSresolver allowing attackers to poison a DNS entry for all machinesthat use the compromised resolver.
However, recent defenses can effectively protect resolvers rendering classical DNS poisoningattacks ineffective.
In this paper, we present a new class of DNSpoisoning attacks targeting the client-side DNS cache.
The attack initiates DNS poisoning on the client cache, which is used in all main stream operating systems to improve DNS performance,circumventing defenses targeting resolvers.
Our attack allows an off-path attacker to collaborate with a piece of an unprivilegedmalware to poison the OS-wide DNS cache on a client machine.
We developed the attack on Windows, Mac OS, and UbuntuLinux. Interestingly, the behaviors of the three operating systemsare distinct and the vulnerabilities require different strategies toexploit.
We also generalize the attack to work even when theclient is behind a Network Address Translation (NAT) router. Our results show that we can reliably inject malicious DNS mappings,with on average, an order of tens of seconds.
Finally, we proposea defense against this type of poisoning attacks.