Annual Computer Security Applications Conference (ACSAC) 2013


Socket Overloading for Fun and Cache-Poisoning

We present a new technique, socket overloading, which makes it possible to circumvent the source port randomisation implemented in transport layer protocols. Our attacks are launched by an off-path adversary. We show how to apply socket overloading for: (1) UDP port derandomisation against popular and standard port randomisation algorithms (RFC 6056), and (2) cache poisoning and degradation/denial of service attacks against DNS.
Our socket overloading technique may be of independent interest: it can be of use in other attacks and can be applied against other protocols.

Author(s):

Amir Herzberg    
Computer Science Department, Bar Ilan University
Israel

Haya Shulman    
Computer Science Department, Bar Ilan University
Israel

 
