Stopping DNS Rebinding Attacks in the Browser

Mohammadreza Hazhirpasand, Arash Ale Ebrahim, and Oscar Nierstrasz. Stopping DNS Rebinding Attacks in the Browser. In Proceedings of the 7th International Conference on Information Systems Security and Privacy - ICISSP, 2021. Details.


DNS rebinding attacks circumvent the same-origin policy of browsers and severely jeopardize user privacy. Although recent studies have shown that DNS rebinding attacks pose severe security threats to users, up to now little effort has been spent to assess the effectiveness of known solutions to prevent such attacks. We have carried out such a study to assess the protective measures proposed in prior studies. We found that none of the recommended techniques can entirely halt this attack due to various factors, e.g., network layer encryption renders packet inspection infeasible. Examining the previous problematic factors, we realize that a protective measure must be implemented at the browser-level. Therefore, we propose a defensive measure, a browser plug-in called Fail-rebind, that can detect, inform, and protect users in the event of an attack. Afterwards, we discuss the merits and limitations of our method compared to prior methods. Our findings suggest that Fail-rebind does not nec essitate expert knowledge, works on different OSes and smart devices, and is independent of networks and location.

Posted by scg at 23 February 2021, 3:34 pm link
Last changed by admin on 21 April 2009