Stopping DNS Rebinding Attacks in the Browser

Mohammadreza Hazhirpasand, Arash Ale Ebrahim, Oscar Nierstrasz

Abstract

DNS rebinding attacks circumvent the same-origin policy of browsers and severely jeopardize user privacy. Although recent studies have shown that DNS rebinding attacks pose severe security threats to users, up to now little effort has been spent to assess the effectiveness of known solutions to prevent such attacks. We have carried out such a study to assess the protective measures proposed in prior studies. We found that none of the recommended techniques can entirely halt this attack due to various factors, e.g., network layer encryption renders packet inspection infeasible. Having examined these problematic factors, we conclude that a protective measure must be implemented at the browser level. Therefore, we propose a defensive measure, a browser plug-in called Fail-rebind, that can detect, inform, and protect users in the event of an attack. Afterwards, we discuss the merits and limitations of our method compared to prior methods. Our findings suggest that Fail-rebind does not necessitate expert knowledge, works on different OSes and smart devices, and is independent of networks and location.


Paper Citation


in Harvard Style

Hazhirpasand M., Ale Ebrahim A. and Nierstrasz O. (2021). Stopping DNS Rebinding Attacks in the Browser. In Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-491-6, pages 596-603. DOI: 10.5220/0010310705960603


in Bibtex Style

@conference{icissp21,
author={Mohammadreza Hazhirpasand and Arash Ale Ebrahim and Oscar Nierstrasz},
title={Stopping DNS Rebinding Attacks in the Browser},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2021},
pages={596-603},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010310705960603},
isbn={978-989-758-491-6},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Stopping DNS Rebinding Attacks in the Browser
SN - 978-989-758-491-6
AU - Hazhirpasand M.
AU - Ale Ebrahim A.
AU - Nierstrasz O.
PY - 2021
SP - 596
EP - 603
DO - 10.5220/0010310705960603