English
Related papers

Related papers: Data Retrieval over DNS in SQL Injection Attacks

200 papers

The Domain Name System (DNS) plays a critical role in the functioning of the Internet. It provides a hierarchical name space for locating resources. Data is typically stored in plain text files, possibly spanning gigabytes. Frequent parsing…

Data Structures and Algorithms · Computer Science 2024-12-13 Jeroen Koekkoek , Daniel Lemire

Neural networks are often trained on proprietary datasets, making them attractive attack targets. We present a novel dataset extraction method leveraging an innovative training time backdoor attack, allowing a malicious federated learning…

Cryptography and Security · Computer Science 2025-12-19 Eden Luzon , Guy Amit , Roy Weiss , Torsten Kraub , Alexandra Dmitrienko , Yisroel Mirsky

Software Defined Networking (SDN) is a network paradigm shift that facilitates comprehensive network programmability to cope with emerging new technologies such as cloud computing and big data. SDN facilitates simplified and centralized…

Cryptography and Security · Computer Science 2020-02-04 Sarwan Ali , Maria Khalid Alvi , Safi Faizullah , Muhammad Asad Khan , Abdullah Alshanqiti , Imdadullah Khan

Everyone is concerned about the Internet security, yet most traffic is not cryptographically protected. The usual justification is that most attackers are only off-path and cannot intercept traffic; hence, challenge-response mechanisms…

Cryptography and Security · Computer Science 2013-05-07 Yossi Gilad , Amir Herzberg , Haya Shulman

In this paper, we propose a formalization of the process of exploitation of SQL injection vulnerabilities. We consider a simplification of the dynamics of SQL injection attacks by casting this problem as a security capture-the-flag…

Cryptography and Security · Computer Science 2021-05-25 Laszlo Erdodi , Åvald Åslaugson Sommervoll , Fabio Massimo Zennaro

As the use of technology increases and data analysis becomes integral in many businesses, the ability to quickly access and interpret data has become more important than ever. Information retrieval technologies are being utilized by…

Computation and Language · Computer Science 2018-07-03 Aliaksei Vertsel , Mikhail Rumiantsau

The DNS is a key component of the Internet. Originally designed to facilitate the resolution of host names to IP addresses, its scope has continuously expanded over the years, today covering use cases such as load balancing or service…

Networking and Internet Architecture · Computer Science 2025-10-31 Mathis Engelbart , Mike Kosek , Lars Eggert , Jörg Ott

Emerging protocols such as DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) improve the privacy of DNS queries and responses. While this trend towards encryption is positive, deployment of these protocols has in some cases resulted in further…

Networking and Internet Architecture · Computer Science 2021-09-23 Austin Hounsel , Paul Schmitt , Kevin Borgolte , Nick Feamster

Searchable encryption (SE) is one of the key enablers for building encrypted databases. It allows a cloud server to search over encrypted data without decryption. Dynamic SE additionally includes data addition and deletion operations to…

Cryptography and Security · Computer Science 2020-04-13 Viet Vo , Shangqi Lai , Xingliang Yuan , Shi-Feng Sun , Surya Nepal , Joseph K. Liu

In this paper we present three attacks on private internal networks behind a NAT and a corresponding new protection mechanism, Internal Network Policy, to mitigate a wide range of attacks that penetrate internal networks behind a NAT. In…

Cryptography and Security · Computer Science 2019-10-04 Yehuda Afek , Anat Bremler-Barr , Alon Noy

Data Distribution Service (DDS) is an innovative approach towards communication in ICS/IoT infrastructure and robotics. Being based on the cross-platform and cross-language API to be applicable in any computerised device, it offers the…

Machine Learning · Computer Science 2021-06-15 Stanislav Abaimov

While storing documents on the cloud can be attractive, the question remains whether cloud providers can be trusted with storing private documents. Even if trusted, data breaches are ubiquitous. To prevent information leakage one can store…

Cryptography and Security · Computer Science 2023-07-04 Marco Dijkslag , Marc Damie , Florian Hahn , Andreas Peter

Domain Name System (DNS), one of the important infrastructure in the Internet, was vulnerable to attacks, for the DNS designer didn't take security issues into consideration at the beginning. The defects of DNS may lead to users' failure of…

Networking and Internet Architecture · Computer Science 2017-04-24 Caiyun Huang , Peng Zhang , Junpeng Liu , Yong Sun , Xueqiang Zou

Privacy leaks are an unfortunate and an integral part of the current Internet domain name resolution. Each DNS query generated by a user reveals -- to one or more DNS servers -- the origin and target of that query. Over time, a user's…

Cryptography and Security · Computer Science 2015-03-13 Yanbin Lu , Gene Tsudik

High-bandwidth covert channels pose significant risks to sensitive and proprietary information inside company networks. Domain Name System (DNS) tunnels provide a means to covertly infiltrate and exfiltrate large amounts of information…

Cryptography and Security · Computer Science 2010-04-27 Kenton Born , David Gustafson

The current paper addresses relevant network security vulnerabilities introduced by network devices within the emerging paradigm of Internet of Things (IoT) as well as the urgent need to mitigate the negative effects of some types of…

Cryptography and Security · Computer Science 2021-04-16 Pedro Manso , Jose Moura , Carlos Serrao

Dense retrieval systems have been widely used in various NLP applications. However, their vulnerabilities to potential attacks have been underexplored. This paper investigates a novel attack scenario where the attackers aim to mislead the…

Computation and Language · Computer Science 2025-08-26 Quanyu Long , Yue Deng , LeiLei Gan , Wenya Wang , Sinno Jialin Pan

In this paper, we shed new light on the DNS amplification ecosystem, by studying complementary data sources, bolstered by orthogonal methodologies. First, we introduce a passive attack detection method for the Internet core, i.e., at…

Cryptography and Security · Computer Science 2021-10-07 Marcin Nawrocki , Mattijs Jonker , Thomas C. Schmidt , Matthias Wählisch

Improperly configured domain name system (DNS) servers are sometimes used as packet reflectors as part of a DoS or DDoS attack. Detecting packets created as a result of this activity is logically possible by monitoring the DNS request and…

Networking and Internet Architecture · Computer Science 2021-11-10 Keiichi Shima , Ryo Nakamura , Kazuya Okada , Tomohiro Ishihara , Daisuke Miyamoto , Yuji Sekiya

Data leakage and theft from databases is a dangerous threat to organizations. Data Security and Data Privacy protection systems (DSDP) monitor data access and usage to identify leakage or suspicious activities that should be investigated.…

Cryptography and Security · Computer Science 2017-08-16 Hagit Grushka-Cohen , Oded Sofer , Ofer Biller , Michael Dymshits , Lior Rokach , Bracha Shapira