Explore a critical cybersecurity vulnerability in this 20-minute IEEE conference talk on MitM attacks through name collisions in the new gTLD era. Delve into the causes, vulnerability assessment, and potential remediation strategies for this emerging threat that exploits the Web Proxy Auto-Discovery (WPAD) protocol. Gain insights into how internal namespace query leakage can lead to automatic traffic redirection to malicious proxies. Examine the role of end-user device settings in exacerbating the problem and learn about the concept of "highly-vulnerable domains." Understand the urgent need for proactive protection measures and evaluate potential solutions at the registry, Autonomous System, and end-user levels.
MitM Attack by Name Collision - Cause Analysis and Vulnerability Assessment in the New gTLD Era
Overview
Syllabus
Introduction
High Level Picture
Background
Fundamental Problem
Source of Leakage
Domain Suffix
Cause Analysis
Attack Surface Characterization
Current Registration Status
Remediation Strategies
Summary
Taught by
IEEE Symposium on Security and Privacy
