University of Twente Student Theses

Login

The security impact of DNS and TLS on the websites reconnaissance process

Andrei, Vlad-Cristian (2023) The security impact of DNS and TLS on the websites reconnaissance process.

[img] PDF
1MB
Abstract:The widespread usage of the internet brings benefits to the general population, but it is also becoming an increasingly attractive target for malicious actors. They are exploiting internet technologies in order to gather knowledge about a network, which helps them initiate an attack on it. Domain Name System (DNS) is a mechanism that stores and translates domain names into IP addresses that can be used by the routing protocols. While facilitating the translations, DNS can be misused by the attackers to aid them in the reconnaissance process. There are reasons to believe that the scanning procedure is influenced by the domain name registration zone. Also, websites can have Transport Layer Security (TLS) certificates generated, which can also alter the attacker’s behavior through certificate transparency principles. This paper is going to study the security impact of DNS in real world by creating a website and registering it under different domain zones. Then, it will be checked if the attackers’ patterns have variations because of the domain change. Afterwards, the attack methods will be studied to see if generating a TLS certificate for the website will have any security impact. This study will conclude which domain name is more likely to be found by attackers as a target and will also tell if generating TLS certificates has any (further) impact on the reconnaissance process.
Item Type:Essay (Master)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:02 science and culture in general, 30 exact sciences in general, 54 computer science
Programme:Computer Science MSc (60300)
Link to this item:https://purl.utwente.nl/essays/96846
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page