[Busec] Fwd: RISCS/Hariri Institute seminar: Amir Herzberg, DNS Poisoning: New Attacks and Defenses - Wednesday, Feb. 13, at the Hariri Institute

Leonid Reyzin reyzin at cs.bu.edu
Fri Feb 8 17:03:28 EST 2013


---------- Forwarded message ----------
From: Treese, Win <treese at bu.edu>
Date: Wed, Feb 6, 2013 at 2:44 PM
Subject: RISCS/Hariri Institute seminar: Amir Herzberg, DNS Poisoning: New
Attacks and Defenses - Wednesday, Feb. 13, at the Hariri Institute
To: "faculty-affiliates at hic.bu.edu" <faculty-affiliates at hic.bu.edu>


  The Center for Reliable Information Systems and Cyber Security, and the
Hariri Institute, are pleased to present:
 DNS Poisoning: New Attacks and Defenses

Prof. Amir Herzberg
Associate Professor of Computer Science
Bar-Ilan University

10:00 AM on Wednesday, February 13, 2013
Hariri Institute Conference Room, MCS–180

*Abstract*

The Domain Name System (DNS) is key to the operation of the Internet, and
its security is critical to prevent a variety of threats. Cryptographic
defenses were designed (DNSSEC), but are not widely deployed; instead,
multiple challenge-response defenses are used. However, we show how
attackers may be able to poison in spite of these defenses; specifically:

   - Circumvent source port randomisation, in the (common) case where the
   resolver connects to the Internet via different NAT devices.
   - Circumvent IP address randomisation, using some (standard-conforming)
   resolvers. -Circumvent query randomisation, including both randomisation by
   prepending a random nonce and case randomisation (0x20 encoding).

 We present countermeasures preventing our attacks; however, a better
conclusion is to adopt good cryptographic security such as DNSSEC.
Depending on time, we will present a subset of these results, and, if time
allows, we may also discuss the challenges and status of DNSSEC deployment.

Joint work with Haya Shulman.

*Speaker biography*

Amir Herzberg is Associate Professor of Computer Science at Bar-Ilan
University in Israel. HIs current research areas includes many areas of
computer security, particularly network security and applications of
cryptography. He received his Ph.D. from the Technion in Israel in 1991.
Before joining the faculty at Bar-Ilan University in 2002, he worked in
research and management with IBM Research and as a CTO of a startup
company. He frequently consults for R&D companies as well as the banking,
communications, and government sectors.

***Faculty sponsor: Ari Trachtenberg*

The Hariri Institute is located at the east end of 111 Cummington Mall in
Boston. For map and directions, see www.bu.edu/hic/directions


   -
      - DNS Poisoning: New Attacks and Defenses
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20130208/d7c68ee7/attachment.html>


More information about the Busec mailing list