Protecting Browsers from DNS Rebinding Attacks and Enhancing Byte-Level Network Intrusion Detection Signatures with Context
University Maryland College University
Monitoring, Auditing, Intrusion Detection, Intrusion Prevention, and Penetration Testing
November 9, 2014
Review of paper #1 4
Article ...view middle of the document...
This paper will showcase two papers debating DNS rebinding onslaughts and enhancing byte-level Network Intrusion Detection System (NIDS). A DNS rebinding onslaught put in jeopardy the honor of brand determination in DNS with the objective of governing the IP address of the host and that the prey finally joins. The same origin policy and DNS
The second paper outlines the mechanics of signature equivalency NIDS and procedures for embellishing the machination of that process. NIDS furnish a priceless apparatus for network managers to discover illegal network traffic. Sommer and Paxson (2003) detailed how increasing background signatures to an adjustable stage like NIDS spreads the capability of the network. The writer’s review the process of the benefits and constraints, improvement points, examination of the network and similar endeavors.
Review of paper #1
Jackson, C., Barth, A., Bortz, A., Shao, W., & Boneh, D. (2009). Protecting browsers from DNS rebinding attacks. ACM Transactions on the Web, 3(1), 1 -26. doi.acm.org/10.1145/1462148.1462150.
This report deliberated the DNS rebinding attacks impairing the same-origin procedure of browsers, modifying them into clear network proxies. A perpetrator can avoid consortiums and distinctive firewalls, deliver unsolicited email, and exploit pay-per-click promoters utilizing DNS rebinding. The author determines the overhead importance of intensifying DNS rebinding attacks, noticing that a perpetrator commands lower than $100 to seize 100,000 IP addresses. The author examines countermeasures to DNS rebinding attacks, consisting of enhancements to the ideal “DNS pinning,” and propose modifications to browser plug-ins, firewalls, and Web servers. They’re countermeasures have been embraced by plug-in sellers and by many free public accessible firewall applications.
What are the article’s main contributions and strengths?
The main contributions and strengths of the article are the use of pinning to defend against DNS rebinding. DNS rebinding attacks impairs the same-origin standard by complicating the browser into stirring subject matter regulated by unequal quantities into an independent security baseline. A perpetrator can avoid firewalls to spider enterprise internal networks, steal classified records, and expose interior servers that are not patched utilizing DNS rebinding. A perpetrator can also seize a customer’s IP address to deliver unsolicited email and to exploit pay-per-click promoters. DNS rebinding weaknesses allows the perpetrator...