Dissertation/Thesis Abstract

Domain Name Service Trust Delegation in Cloud Computing: Exploitation, Risks, and Defense
by Laprade, Craig, M.S., The George Washington University, 2021, 73; 28156620
Abstract (Summary)

The Domain Name Service (DNS) infrastructure is a global distributed database that links human readable domain names with the Internet Protocol (IP) addresses of the resources that power the internet. With the explosion of cloud computing over the past decade, increasing proportions of organizations' computing services have moved from on-premise solutions to cloud providers. These services range from complete DNS management to singular services such as E-mail or a payroll application. Each of these outsourced services requires a trust delegation, that is, the owning organization needs to advertise to the world, often by DNS records, that another organization can act authoritatively on its behalf. What occurs when these trust delegations are misused? In this work, I explore the methods that can be used to exploit DNS trust delegation and then examine the top 1% of the most popular domains in the world for the presence of these exploitable vulnerabilities. Finally, I conclude with methods of defense against such attacks and the publishing of a novel tool to detect these vulnerabilities.

Indexing (document details)
Advisor: Huang, H. Howie
Commitee: Ok, Hurriyet, Refaei , Tamer , Norris , Matthew
School: The George Washington University
Department: Computer Science
School Location: United States -- District of Columbia
Source: MAI 82/5(E), Masters Abstracts International
Subjects: Computer science, Information Technology, Computer Engineering, Management, Web Studies
Keywords: DNS management, Domain Name System, Subdomain, Trust delegation, Cloud computing, Global distributed database, Internet Protocol , IP address
Publication Number: 28156620
ISBN: 9798691282607
Copyright © 2021 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy