Coursera Plus Annual is 40% Off — Ends July 6.

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Attacking with Something That Does Not Exist: Proof of Non-Existence Can Exhaust DNS Resolver CPU

USENIX via YouTube

Start learning Write review
OpenLearning Ad

Master AI and Machine Learning: From Neural Networks to Applications

Learn More → Simplilearn Ad

Build GenAI Apps from Scratch — UCSB PaCE Certificate Program

Learn More →

Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Learn about a critical cybersecurity research presentation from WOOT '24 that examines how NSEC3, a proof of non-existence mechanism in DNSSEC, can be exploited to exhaust DNS resolver CPU resources. Explore groundbreaking research that demonstrates a 72x increase in CPU instruction count through the NSEC3-encloser attack, even when resolvers follow RFC5155 recommendations. Discover detailed findings showing how malicious NSEC3 records at 150 per second can cause packet loss rates between 2.7% and 30% for benign DNS requests across different implementations. Gain insights into the first comprehensive analysis of NSEC3 parameters' impact on resolver load during attacks, complete with access to the attack implementation code, zonefile, and evaluation data through the researchers' public GitHub repository.

Syllabus

WOOT '24 - Attacking with Something That Does Not Exist: 'Proof of Non-Existence' Can Exhaust DNS...

Taught by

USENIX

Reviews

Start your review of Attacking with Something That Does Not Exist: Proof of Non-Existence Can Exhaust DNS Resolver CPU

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.