1 |
Cache Poisoning in DNS over HTTPS clientsBlidborg, Emilia, Gunnarsson, Caroline January 2020 (has links)
DNS over HTTPS (DoH) is a protocol used to send traditional DNS traffic over HTTPS. This causes the DNS name resolving traffic to be encrypted and transmitted over the same port as regular HTTPS traffic. This thesis maps a number of previous vulnerabilities in DNS and compares those risks with the DoH protocol and its implementation, mainly focusing on cache poisoning. A number of attacks from a DoH server to a DoH client are applied. The results show that it is possible to inject incorrect data into the DoH client’s cache. The consequences of this can be extensive, an example of this is a redirect to a malicious webpage, which when using DoH can be difficult to detect because the DNS traffic is encrypted. Further work is needed to mitigate the security holes discovered, as well as to further identify potential threats.
|
2 |
Current practices for DNS Privacy : Protection towards pervasive surveillance / DNS 프라이버시에 대한 현상황 : 광범위한 감시에 대한 보호Lee, Songho January 2019 (has links)
Current usage of the DNS system is a significant loophole of Internet users' privacy, as all queries and answers for resolving web address are not protected in most cases. The report elaborates which Internet users' privacy interests exist, and presents the current technologies to enhance DNS Privacy through a systematic literature review. The report also explores the limitations of the current practices and presents several proposals such as DNS-over-Tor and methods to change the trusted recursive resolver to mitigate current limitations periodically. / Den nuvarande användningen av DNS-systemet är ett signifikant kryphål för internetanvändares integritet, eftersom alla frågor och svar som krävs för att konvertera en webbadress till IP-adress inte skyddas i de flesta fall. Rapporten identifierar internetanvändarnas integritetsintressen och presenterar den nuvarande tekniken som syftar till att förbättra DNS-sekretessen genom en systematisk litteraturgranskning. Rapporten undersöker också begränsningarna i den nuvarande praxis och redovisar flera förslag såsom DNS-över-Tor och metoder som möjliggör periodiskt ändring av rekursiva resolvrar, och de metoderna förväntas att minimera integritetsläckor.
|
Page generated in 0.0458 seconds