论文信息 - Study of DNS Rebinding Attacks on Smart Home Devices

Study of DNS Rebinding Attacks on Smart Home Devices

DNS rebinding is an attack technique know for more than 20 years, which is experiencing a revival caused by the ever-increasing networking of Internet of Things (IoT) devices. Thus, the potential attack surface is growing rapidly, and this paper shows that DNS rebinding attacks on many smart home devices are still successful. Nevertheless, various conditions must be fulfilled for this type of attack. This leads to the fact that such attacks rarely occur in practice since router vendors often provide DNS rebinding protection. Nevertheless, we believe that it is valuable to investigate whether individual devices are theoretically vulnerable and to create a certain awareness so that the existing countermeasures are used correctly.

Thorsten Holz | Dennis Tatang | Tim Suurland

[1] Georgios Kambourakis,et al. DDoS in the IoT: Mirai and Other Botnets , 2017, Computer.

[2] Martin Johns,et al. Protecting the Intranet Against "JavaScript Malware" and Related Attacks , 2007, DIMVA.

[3] Yakov Rekhter,et al. Address Allocation for Private Internets , 1994, RFC.

[4] Dan Boneh,et al. Protecting browsers from DNS rebinding attacks , 2009, ACM Trans. Web.

[5] Yunxing Dai,et al. FireDrill: Interactive DNS Rebinding , 2013, WOOT.

[6] Nick Feamster,et al. Web-based Attacks to Discover and Control Local IoT Devices , 2018, IoT S&P@SIGCOMM.

[7] Thorsten Holz,et al. Large-Scale Analysis of Infrastructure-Leaking DNS Servers , 2019, DIMVA.

[8] Ben Stock,et al. Eradicating DNS Rebinding with the Extended Same-origin Policy , 2013, USENIX Security Symposium.

[9] Dan S. Wallach,et al. Java security: from HotJava to Netscape and beyond , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[10] Jeremiah Grossman,et al. XSS Attacks: Cross Site Scripting Exploits and Defense , 2007 .

[11] David A. Wagner,et al. Dynamic pharming attacks and locked same-origin policies for web browsers , 2007, CCS '07.