skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

New DNS Cache Poisoning Prevention System Introduced

/ 1 min read

🛡️✨ New DNS Cache Poisoning Prevention System (POPS) offers robust protection. The POPS (DNS cache POisoning Prevention System) is a novel module designed for Intrusion Prevention Systems (IPS) that effectively mitigates statistical DNS poisoning attacks. It features a detection module with three simple rules and a mitigation module that utilizes the TC flag in DNS headers, achieving zero false positives or negatives. Historical analysis shows POPS would have thwarted all documented network-based statistical poisoning attacks, maintaining a success rate of only 0.0076% for adversaries. Additionally, POPS operates more efficiently than existing tools, requiring only 20%-50% of the time and analyzing 5%-10% of the packets, while also detecting attacks that other systems like Suricata and Snort miss.

Source
{entry.data.source.title}
Original