all InfoSec news
CERTainty: Detecting DNS Manipulation at Scale using TLS Certificates. (arXiv:2305.08189v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
DNS manipulation is an increasingly common technique used by censors and
other network adversaries to prevent users from accessing restricted Internet
resources and hijack their connections. Prior work in detecting DNS
manipulation relies largely on comparing DNS resolutions with trusted control
results to identify inconsistencies. However, the emergence of CDNs and other
cloud providers practicing content localization and load balancing leads to
these heuristics being inaccurate, paving the need for more verifiable signals
of DNS manipulation. In this paper, we …
adversaries certificates connections control dns hijack identify internet manipulation network resolutions resources restricted results scale tls tls certificates work