On the Vulnerability of Ghost Domain Names

Abstract

We study the vulnerability in domain name system, so called as "Ghost domain names", which is discovered by Jiang, Liang, Li, Li, Duan and Wu in NDSS 2012. The ghost domain vulnerability allows a malicious domain name to stay resolvable long after it has been removed form the upper level server. Our study examines the feasibility of the ghost domain vulnerability still active and clarifies the latest status of the attack based on the experimental results on open DNS servers.