Next-Generation Technologies & Secure Development , Video
The TsuKing Threat: New DNS Vulnerability Explained
Tsinghua University Professor Haixin Duan on the New Wave of DNS AttacksDomain name system or DNS attacks have persisted as a popular method for carrying out distributed denial-of-service attacks. DNS plays a crucial role in cybersecurity, mapping domain names and IP addresses and ensuring that the internet remains reliable and accessible. But DNS is susceptible to attacks.
See Also: Corelight's Brian Dye on NDR's Role in Defeating Ransomware
Haixin Duan, professor at Tsinghua University's Institute for Network Sciences and Cyberspace, described TsuKing - a new form of DNS attack that involves DNS resolvers amplifying DNS queries into a massive amount of traffic, coordinated with thousands of resolvers to cascade layers and multiply the amplification.
Unlike traditional DNS amplification attacks, TsuKing attacks don't require IP address spoofing, Duan said.
In this video interview with Information Security Media Group at Black Hat Europe 2023, Duan also discussed:
- The issues concerning open-source DNS software;
- Compliance with DNS standards, particularly the deployment of negative caching;
- The evolving nature of DNS protocols, such as DNS over HTTPS and DNS over QUIC.
Duan has been working on network security for nearly 30 years. His recent research interests include network protocol security, intrusion detection, underground economy detection and internet governance.