DDoS attacks threaten Internet security and stability, with attacks reaching
the Tbps range. A popular approach involves DNS-based reflection and
amplification, a type of attack in which a domain name, known to return a large
answer, is queried using spoofed requests. Do the chosen names offer the
largest amplification, however, or have we yet to see the full amplification
potential? And while operational countermeasures are proposed, chiefly limiting
responses to ‘ANY’ queries, up to what point…
DNS
The DNS TXT resource record is the one that without doubt provide users with
the most flexibility of content, as it is a largely unstructured. Although it
might be the ideal basis for storing any form of text-based information, it
also poses a security threat, as TXT records can also be used for malicious
and unintended practices. Yet, we reckon that TXT records are often overlooked
in security research. In this paper, we present the first structured study of
the uses of TXT records, with a…
The possibility to include Unicode characters in domain names allows users to
deal with domains in their regional languages. This is done by introducing
Internationalized Domain Names (IDN). However, the visual similarity between
different Unicode characters - called homoglyphs - is a potential security
threat, as visually similar domain names are often used in phishing attacks.
Timely detection of suspicious homograph domain names is an important step
towards preventing sophisticated attacks,…