Team for Research in Ubiquitous Secure Technology

Protecting Browsers from DNS Rebinding Attacks
Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, Dan Boneh

Citation
Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, Dan Boneh. "Protecting Browsers from DNS Rebinding Attacks". Computer and Communications Security, October, 2007.

Abstract
DNS rebinding attacks subvert the same-origin policy of browsers and convert them into open network proxies. We survey new DNS rebinding attacks that exploit the interaction between browsers and their plug-ins, such as Flash Player and Java. These attacks can be used to circumvent firewalls and are highly cost-effective for sending spam e-mail and defrauding pay-per-click advertisers, requiring less than $100 to temporarily hijack 100,000 IP addresses. We show that the classic defense against these attacks, called "DNS pinning," is ineffective in modern browsers. The primary focus of this work, however, is the design of strong defenses against DNS rebinding attacks that protect modern browsers: we suggest easy-to-deploy patches for plug-ins that prevent large-scale exploitation, provide a defense tool, dnswall, that prevents firewall circumvention, and detail two defense options, policy-based pinning and host name authorization.

Citation formats  
  • HTML
    Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, Dan
    Boneh. <a
    href="http://www.truststc.org/pubs/307.html"
    >Protecting Browsers from DNS Rebinding
    Attacks</a>, Computer and Communications Security,
    October, 2007.
  • Plain text
    Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, Dan
    Boneh. "Protecting Browsers from DNS Rebinding
    Attacks". Computer and Communications Security,
    October, 2007.
  • BibTeX
    @inproceedings{JacksonBarthBortzShaoBoneh07_ProtectingBrowsersFromDNSRebindingAttacks,
        author = {Collin Jackson and Adam Barth and Andrew Bortz and
                  Weidong Shao and Dan Boneh},
        title = {Protecting Browsers from DNS Rebinding Attacks},
        booktitle = {Computer and Communications Security},
        month = {October},
        year = {2007},
        abstract = {DNS rebinding attacks subvert the same-origin
                  policy of browsers and convert them into open
                  network proxies. We survey new DNS rebinding
                  attacks that exploit the interaction between
                  browsers and their plug-ins, such as Flash Player
                  and Java. These attacks can be used to circumvent
                  firewalls and are highly cost-effective for
                  sending spam e-mail and defrauding pay-per-click
                  advertisers, requiring less than \$100 to
                  temporarily hijack 100,000 IP addresses. We show
                  that the classic defense against these attacks,
                  called "DNS pinning," is ineffective in modern
                  browsers. The primary focus of this work, however,
                  is the design of strong defenses against DNS
                  rebinding attacks that protect modern browsers: we
                  suggest easy-to-deploy patches for plug-ins that
                  prevent large-scale exploitation, provide a
                  defense tool, dnswall, that prevents firewall
                  circumvention, and detail two defense options,
                  policy-based pinning and host name authorization.},
        URL = {http://www.truststc.org/pubs/307.html}
    }
    

Posted by Adam Barth on 28 Oct 2007.
Groups: trust