Censorship Detector: using X.509 certificates to detect censorship implemented via DNS manipulation
Riccardo Fiorilla
Censorship Detector: using X.509 certificates to detect censorship implemented via DNS manipulation.
Rel. Diana Gratiela Berbecaru. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2024
|
Preview |
PDF (Tesi_di_laurea)
- Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives. Download (3MB) | Preview |
![[thumbnail of Documenti_allegati]](https://webthesis.biblio.polito.it/style/images/fileicons/application_zip.png "Documenti_allegati")
|
Archive (ZIP) (Documenti_allegati)
- Altro
Licenza: Creative Commons Attribution Non-commercial No Derivatives. Download (7MB) |
Abstract
DNS manipulation attacks can be implemented by different kinds of malicious actors, with the purpose of luring the victim into a different webpage compared to the one that was originally meant to be visited. However, the content of the malicious page can vary depending on the attacker’s reasons, which span from credentials theft to censorship. During the years, different kinds of methodologies have been proposed to identify when such attacks happen. One of the latest heuristics consist in exploiting information obtained by X.509 certificates, which can indicate if a manipulation attack has been put into place. This work focuses on DNS manipulation attacks implemented with the purpose of hiding domains and censoring them, typically implemented by malicious DNS resolvers.
The aforementioned methodology, based on certificates analysis, is proven to be a valid one to effectively identify such attacks
Tipo di pubblicazione
URI
 |
Modifica (riservato agli operatori) |
