Zobrazeno 1 - 9
of 9
pro vyhledávání: '"Jeitner, Philipp"'
We explore the security of residential routers and find a range of critical vulnerabilities. Our evaluations show that 10 out of 36 popular routers are vulnerable to injections of fake records via misinterpretation of special characters. We also find
Externí odkaz:
http://arxiv.org/abs/2208.12003
Publikováno v:
SIGCOMM '21: Proceedings of the 2021 ACM SIGCOMM 2021 Conference, August 2021, Pages 836-849
We perform the first analysis of methodologies for launching DNS cache poisoning: manipulation at the IP layer, hijack of the inter-domain routing and probing open ports via side channels. We evaluate these methodologies against DNS resolvers in the
Externí odkaz:
http://arxiv.org/abs/2205.06085
Publikováno v:
31th USENIX Security Symposium (USENIX Security 22), 2022
We demonstrate the first downgrade attacks against RPKI. The key design property in RPKI that allows our attacks is the tradeoff between connectivity and security: when networks cannot retrieve RPKI information from publication points, they make rout
Externí odkaz:
http://arxiv.org/abs/2205.06064
Publikováno v:
30th USENIX Security Symposium (USENIX Security 21), 2021, pages 3147-3164, ISBN 978-1-939133-24-3
Internet resources form the basic fabric of the digital society. They provide the fundamental platform for digital services and assets, e.g., for critical infrastructures, financial services, government. Whoever controls that fabric effectively contr
Externí odkaz:
http://arxiv.org/abs/2205.05473
Autor:
Jeitner, Philipp, Shulman, Haya
Publikováno v:
30th USENIX Security Symposium (USENIX Security 21), 2021, pages 3165-3182, ISBN 978-1-939133-24-3
The traditional design principle for Internet protocols indicates: "Be strict when sending and tolerant when receiving" [RFC1958], and DNS is no exception to this. The transparency of DNS in handling the DNS records, also standardised specifically fo
Externí odkaz:
http://arxiv.org/abs/2205.05439
Publikováno v:
2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S), Valencia, Spain, 2020, pp. 41-42
Many applications and protocols depend on the ability to generate a pool of servers to conduct majority-based consensus mechanisms and often this is done by doing plain DNS queries. A recent off-path attack [1] against NTP and security enhanced NTP w
Externí odkaz:
http://arxiv.org/abs/2010.09331
Publikováno v:
2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
We demonstrate the first practical off-path time shifting attacks against NTP as well as against Man-in-the-Middle (MitM) secure Chronos-enhanced NTP. Our attacks exploit the insecurity of DNS allowing us to redirect the NTP clients to attacker contr
Externí odkaz:
http://arxiv.org/abs/2010.09338
Publikováno v:
2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S), Valencia, Spain, 2020, pp. 49-50
The critical role that Network Time Protocol (NTP) plays in the Internet led to multiple efforts to secure it against time-shifting attacks. A recent proposal for enhancing the security of NTP with Chronos against on-path attackers seems the most pro
Externí odkaz:
http://arxiv.org/abs/2010.08460
Autor:
Jeitner, Philipp
The Domain Name System (DNS) provides domain-to-address lookup-services used by almost all internet applications. Because of this ubiquitous use of the DNS, attacks against the DNS have become more and more critical. However, in the past, studies of
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::08aca66b0293827f3d57666c62606608
http://tuprints.ulb.tu-darmstadt.de/21523/
http://tuprints.ulb.tu-darmstadt.de/21523/