Chengxi Xu, Yunyi Zhang, Fan Shi, Huimin Ma, Wanmeng Ding, Hong Shan
{"title":"喷涌解析器:测量开放解析器的递归行为","authors":"Chengxi Xu, Yunyi Zhang, Fan Shi, Huimin Ma, Wanmeng Ding, Hong Shan","doi":"10.1145/3573834.3574533","DOIUrl":null,"url":null,"abstract":"Open resolvers can be easily exploited by malicious actors to launch DDoS attacks against important services on the Internet, which has aroused much concern in the Internet community. Researchers have studied extensively the population, structure, and malicious behavior of open resolvers, while little has been done to reveal how open resolvers respond to non-recursion queries. In this paper, we conduct an Internet-wide measurement on the recursive behavior of open resolvers. We discover that more than 1 million gushing resolvers in the wild are more enthusiastic than needed to respond to non-recursive queries, either triggering a new recursive resolution process or replying with cached records. Furthermore, we discuss possible security implications posed by the massive gushing resolvers. Specifically, we show that gushing resolvers are prone to be targets of ranking manipulation attacks if they happen to be the data collection points of top lists. At last, we put forward suggestions for resolver operators to improve such a situation.","PeriodicalId":345434,"journal":{"name":"Proceedings of the 4th International Conference on Advanced Information Science and System","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-11-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Gushing Resolvers: Measuring Open Resolvers’ Recursive Behavior\",\"authors\":\"Chengxi Xu, Yunyi Zhang, Fan Shi, Huimin Ma, Wanmeng Ding, Hong Shan\",\"doi\":\"10.1145/3573834.3574533\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Open resolvers can be easily exploited by malicious actors to launch DDoS attacks against important services on the Internet, which has aroused much concern in the Internet community. Researchers have studied extensively the population, structure, and malicious behavior of open resolvers, while little has been done to reveal how open resolvers respond to non-recursion queries. In this paper, we conduct an Internet-wide measurement on the recursive behavior of open resolvers. We discover that more than 1 million gushing resolvers in the wild are more enthusiastic than needed to respond to non-recursive queries, either triggering a new recursive resolution process or replying with cached records. Furthermore, we discuss possible security implications posed by the massive gushing resolvers. Specifically, we show that gushing resolvers are prone to be targets of ranking manipulation attacks if they happen to be the data collection points of top lists. At last, we put forward suggestions for resolver operators to improve such a situation.\",\"PeriodicalId\":345434,\"journal\":{\"name\":\"Proceedings of the 4th International Conference on Advanced Information Science and System\",\"volume\":\"2 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-11-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 4th International Conference on Advanced Information Science and System\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3573834.3574533\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 4th International Conference on Advanced Information Science and System","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3573834.3574533","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Gushing Resolvers: Measuring Open Resolvers’ Recursive Behavior
Open resolvers can be easily exploited by malicious actors to launch DDoS attacks against important services on the Internet, which has aroused much concern in the Internet community. Researchers have studied extensively the population, structure, and malicious behavior of open resolvers, while little has been done to reveal how open resolvers respond to non-recursion queries. In this paper, we conduct an Internet-wide measurement on the recursive behavior of open resolvers. We discover that more than 1 million gushing resolvers in the wild are more enthusiastic than needed to respond to non-recursive queries, either triggering a new recursive resolution process or replying with cached records. Furthermore, we discuss possible security implications posed by the massive gushing resolvers. Specifically, we show that gushing resolvers are prone to be targets of ranking manipulation attacks if they happen to be the data collection points of top lists. At last, we put forward suggestions for resolver operators to improve such a situation.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
