Xiang Li
Ph.D. Candidate in Cyberspace Security (Tsinghua University)
Tsinghua University
Institute of Network Science and Cyberspace
Network and Information Security Lab (NISL)
Biography
Xiang Li is a 4th-year Ph.D. candidate at the Institute of Network Science and Cyberspace, Tsinghua University, advised by Professors Qi Li and Haixin Duan. He belongs to the Network and Information Security Lab (NISL). He is a visiting scholar at UC Irvine as a project specialist, working with Professor Zhou Li. He is also working as a security research intern at Qi-An-Xin Technology Company. Additionally, he is the author of the fast IPv6 network device scanner XMap, open-sourced on GitHub. His research interests include network security, protocol security, IPv6 security, DNS security, Internet measurement, and network & protocol fuzzing. As the first author, he has published many research papers at top security conferences like USENIX Security, NDSS, and DSN. As the co-author, he also published multiple papers in top conferences like USENIX Security and SIGMETRICS. He also gets his presentations accepted by top industry security conferences like Black Hat. He likes to attend talks and workshops like IDS, OARC, and VehicleSec to share his research. He has obtained over 140 CVE/CNVD vulnerability numbers for a variety of influential IPv6 and DNS vulnerabilities, which have impacted over 20 home router vendors and all DNS implementations and resolver vendors. He received acknowledgements and more than $10,600 rewards from those vendors, like Google, Microsoft, Cloudflare, and Akamai, and is working for the improvement of DNS protocols (related work has been referenced in RFC).
Recent News
- [02/2023](Presentation) Phoenix Domain attack accepted by Black Hat Asia 2023.
- [02/2023](Activity) I’ll attend OARC 40 in person. Let’s talk!
- [01/2023](Paper) One paper accepted by Security ‘23. Congrats, Run.
- [01/2023](Talk) One talk accepted by OARC 40.
- [12/2022](Prize) got rejected by ANRP ‘23 (6/65=9.2%). not that easy, keep working!
- [12/2022](Paper) One paper accepted by SIGMETRICS ‘23. Congratulations, Mingming!
- [12/2022](Competition) We got the 1st and 3rd prizes of IPv6 Technology Application Innovation Competition 2022. Congratulations, zhenrui and everyone!
- [11/2022](Activity) I presented my NDSS ‘23 paper Phoenix Domain in IDS 2022.
- [11/2022](Activity) I’ll attend CCS ‘22 in person. Let’s meet!
- [11/2022](Career) I’m working with Professor Zhou Li at UCI as a visiting scholar from this month. Find me at Engineering Hall cubicle 335.
- Network Security
- Protocol Security
- IPv6 Security
- DNS Security
- Internet Measurement
- Network & Protocol Fuzzing
- Network Vulnerability Discovery & Attack
-
Visiting Scholar
11/01/2022 -- Present, University of California, Irvine
-
Ph.D. in Cyberspace Security
2019 -- Present, Tsinghua University
-
B.E. in Information Security / LL.B. (Double Major)
2015 -- 2019, Nankai University
Publications
* Presented in OARC 40.
* Presented in OARC 39.
* Presented in ICANN DNS Symposium 2022.
* Presented in Black Hat Asia 2023.
* Referenced by RFC Draft: Delegation Revalidation by DNS Resolvers.
Projects
Projects and Codes
Activities
In OARC 40 & NANOG 87 Workshop (hybrid in-person and online workshop), I presented a novel hosting-based domain takeover detection framework DareShark to the audiences.
In the 5th ICANN DNS Symposium (IDS 2022), I presented my NDSS ‘23 paper Phoenix Domain to the audiences. Discussed with so many enthusiastic question askers.
In OARC 39 & 47th CENTR Technical Workshop (hybrid in-person and online workshop), I presented a novel Ghost Domain attack named Phoenix Domain to the audiences.
In @Pentester Academy TV, I presented the IPv6 network scanner XMap with @DamianGoh13. Watch the video at here. New features are coming.
In the 4th ICANN DNS Symposium (IDS 2021, virtually), I presented a novel DNS cache poisoning attack (introduced by Xiaofeng Zheng from our lab) to the audiences.
Misc
🏅 Awards
- The 1st Prize in IPv6 Technology Application Innovation Competition, 2022
- The 3rd Prize in IPv6 Technology Application Innovation Competition, 2022
- Tsinghua Outstanding 2rd Scholarship, 2022
- Outstanding Undergraduate, 2019
- Nankai Gongneng 1st Scholarship, 2018
- Cyber Security Scholarship of China Internet Development Foundation, 2018
- The 2nd Prize in National College Student Information Security Contest, 2018
- The 3rd Prize in National Cryptography Contest, 2017
- China National Scholarship, 2017
- China National Scholarship, 2016
🔖 Patents
🐞 CNVD/CNNVD/CVE
- 109/5/34 (total)
- Phoenix Domain Vulnerability (2022): n/n/9
- DNS Cache Poisoning Vulnerability (2022): n/n/3
- IPv6 Routing Loop Vulnerability (2021): 109/5/22
🙋♂️ Reviewers
- TDSC ‘23
- DTRP ‘23
- SCN ‘22
🙋♂️ External Reviewers
- AsiaCCS ‘23
- ESF Proposal ‘22
- NDSS ‘22
- ICDCS ‘21
- ESORICS ‘20
- ICPDAS ‘19
Contact
- x-l19 [AT] mails dot tsinghua dot edu dot cn
- FIT 4-204, Tsinghua University, Beijing, 100084
- DM Me
- Follow Me
Links
For you