Annual Computer Security Applications Conference (ACSAC) 2013

Socket Overloading for Fun and Cache-Poisoning

We present a new technique, socket overloading, which makes it possible to circumvent the source port randomisation implemented in transport layer protocols. Our attacks are launched by an off-path adversary. We show how to apply socket overloading for: (1) UDP port derandomisation against popular and standard port randomisation algorithms (RFC 6056), and (2) cache poisoning and degradation/denial of service attacks against DNS.
Our socket overloading technique may be of independent interest; it can be of use in other attacks and can be applied against other protocols.


Amir Herzberg    
Computer Science Department, Bar Ilan University

Haya Shulman    
Computer Science Department, Bar Ilan University

