The Role of DNS TTL Values in Potential DDoS Attacks: What Do the Major Banks Know About It?
In this paper, we examine the impact of DNS TTL values on the overall user experience in accessing a web site. We demonstrate that a web site that uses inappropriate DNS TTL values could experience damaging and costly consequences, especially if it falls victim to a DDoS attack. Subsequently, we present the results of our survey of the DNS TTL values of the major US and EU banks. The results of this survey show that in the world of financial institutions, the level of assets and public exposure is highly correlated with the level of sophistication in DNS (Record) management. Specifically, we show that a number of (often smaller-scale) banks choose inappropriately long DNS TTL values, creating a vulnerability that could be easily exploited by an adversary.