Communications of the ACM

Home/News/CPDoS Attack Can Poison CDNs to Deliver Error Pages.../Full Text

ACM TechNews

CPDoS Attack Can Poison CDNs to Deliver Error Pages Instead of Legitimate Sites

By ZDNet
October 24, 2019
Comments

View as: Print Mobile App Share:

A representation of the CPDOS Web attack. — Researchers at the Technical University of Cologne in Germany discovered a new type of Web attack that can compromise content delivery networks into caching and then serving error pages instead of legitimate websites.

Credit: ZDnet

Researchers at the Technical University of Cologne (TH Koln) in Germany discovered a new type of Web attack that can compromise content delivery networks (CDNs) into caching and then serving error pages instead of legitimate websites.

The new attack, called CPDoS (Cache-Poisoned Denial-of-Service), has three variants, and has been described as practical in the real world.

CPDoS attacks are aimed to two aspects of the modern Internet: Web servers and content delivery networks.

First, an attacker connects to a website, which generates a new CDN entry. The attacker's request contains a malformed or oversized HTTP header, which the CDN allows to pass through to the legitimate site so it can be processed and generate a Web page for the CDN to cache. The oversized header causes a "400 Bad Request" error on the server, which is then cached on the CDN.

Other users accessing the site get the error page rather than the actual websites, and the cached errors spread to other nodes of the CDN's network.

From ZDNet
View Full Article

No entries found

CPDoS Attack Can Poison CDNs to Deliver Error Pages Instead of Legitimate Sites

Bengio Urges Canada to Build Public Supercomputer

Toward a Solid Acceptance of the Decentralized Web of Personal Data: Societal and Technological Convergence

The Interdisciplinarity of Data Science from the People Analytics Perspective: Part Two