Pwnie Awards 2017

2020 Nomination for Most Innovative Research

DNS Cache Poisoning Attack Reloaded

Keyu Man, Zhiyun Qian

The DNS cache poisoning attack expanded via a side channel inside Linux kernel which can be used to infer the correct port number of the outstanding DNS request. The team found over 34% of the open resolver population on the Internet are vulnerable (and in particular 85% of the popular DNS services including Google’s 8.8.8.8). Furthermore, the attack was comprehensively validated against a variety of server configurations and network conditions in both controlled experiments and a production DNS resolver (with authorization).

DNS Cache Poisoning Attack Reloaded: Revolutions with Side Channels