https://creativecommons.org/licenses/by/4.0/
DC FieldValueLanguage
dc.contributor.authorKoch, Maynard-
dc.contributor.authorDolzmann, Florian-
dc.contributor.authorSchmidt, Thomas C.-
dc.contributor.authorWählisch, Matthias-
dc.date.accessioned2026-03-19T08:53:11Z-
dc.date.available2026-03-19T08:53:11Z-
dc.date.issued2025-11-22-
dc.identifier.isbn979-8-4007-1525-9en_US
dc.identifier.urihttps://hdl.handle.net/20.500.12738/19093-
dc.description.abstractThe DNS service infrastructure is infamous for facilitating reflective amplification attacks. Various countermeasures including server shielding, access control, rate limiting, and protocol restrictions have been implemented. Still, the threat remains throughout the deployment of DNS servers. In this paper, we report on and evaluate the widely unnoticed threat that derives from transparent DNS forwarders, a widely deployed incompletely functional set of DNS components. DNS transparent forwarders guide DNS requests non-recursively, i.e., without rebuilding packets with correct source addresses. As such, transparent forwarders feed arbitrary DNS requests into (mainly powerful and anycasted) open recursive resolvers, which in the case of misuse participate unwillingly in distributed reflective amplification attacks. We show that transparent forwarders raise severe threats to the Internet infrastructure. They easily circumvent rate limiting, and achieve an additional, scalable impact via the DNS anycast infrastructure, which we empirically verified up to a factor of 14. Transparent forwarders can also bridge access to shielded recursive resolvers, making these protected infrastructure entities part of the global DNS attack infrastructure.en
dc.language.isoenen_US
dc.publisherAssociation for Computing Machineryen_US
dc.subjectDNS Securityen_US
dc.subjectDNS Transparent Forwardersen_US
dc.subjectDDoSen_US
dc.subject.ddc004: Informatiken_US
dc.titleForward to hell? On the potentials of misusing transparent DNS forwarders in reflective amplification attacksen
dc.typeinProceedingsen_US
dc.relation.conferenceACM SIGSAC Conference on Computer and Communications Security 2025en_US
dc.description.versionPeerRevieweden_US
local.contributorPerson.editorTu, Guan-Hua-
local.contributorPerson.editorTan, Zhaowei-
tuhh.container.endpage3929en_US
tuhh.container.startpage3915en_US
tuhh.oai.showtrueen_US
tuhh.publication.instituteFakultät Informatik und Digitale Gesellschaften_US
tuhh.publisher.doi10.1145/3719027.3765096-
tuhh.relation.ispartofseriesProceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Securityen_US
tuhh.type.opusInProceedings (Aufsatz / Paper einer Konferenz etc.)-
dc.rights.cchttps://creativecommons.org/licenses/by/4.0/en_US
dc.type.casraiConference Paper-
dc.type.dinicontributionToPeriodical-
dc.type.drivercontributionToPeriodical-
dc.type.statusinfo:eu-repo/semantics/publishedVersionen_US
dcterms.DCMITypeText-
item.creatorOrcidKoch, Maynard-
item.creatorOrcidDolzmann, Florian-
item.creatorOrcidSchmidt, Thomas C.-
item.creatorOrcidWählisch, Matthias-
item.seriesrefProceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security-
item.tuhhseriesidProceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security-
item.grantfulltextnone-
item.creatorGNDKoch, Maynard-
item.creatorGNDDolzmann, Florian-
item.creatorGNDSchmidt, Thomas C.-
item.creatorGNDWählisch, Matthias-
item.openairetypeinProceedings-
item.openairecristypehttp://purl.org/coar/resource_type/c_5794-
item.languageiso639-1en-
item.fulltextNo Fulltext-
item.cerifentitytypePublications-
crisitem.author.deptDepartment Informatik (ehemalig, aufgelöst 10.2025)-
crisitem.author.orcid0000-0002-0956-7885-
crisitem.author.parentorgFakultät Technik und Informatik (ehemalig, aufgelöst 10.2025)-
Appears in Collections:Publications without full text
Show simple item record

Google ScholarTM

Check

HAW Katalog

Check

Add Files to Item

Note about this record

Export

This item is licensed under a Creative Commons License Creative Commons