1

Temporal CDN-Convex Lens: A CDN-Assisted Practical Pulsing DDoS Attack.

Temporal CDN-Convex Lens: A CDN-Assisted Practical Pulsing DDoS Attack.

In this paper, we report MaginotDNS, a powerful cache poisoning attack against DNS servers that simultaneously act as recursive resolvers and forwarders (termed as CDNS).

In this paper, we report MaginotDNS, a powerful cache poisoning attack against DNS servers that simultaneously act as recursive resolvers and forwarders (termed as CDNS).

In this paper, we present a novel framework, HostingChecker (DareShark), for detecting domain takeovers.

In this paper, we present a novel framework, HostingChecker (DareShark), for detecting domain takeovers.

Ransom attacks have attracted widespread attention from researchers, however, there have been relatively few researches on vehicles, especially for electric vehicles (EVs). Such attacks mainly accomplish their purpose by exploiting vulnerabilities of vehicle itself, but often have a narrow attack surface. In this demo with real EVs and public charging piles, we show a new approach, the Charging Pile Ransom Attack (CPRA), that can remotely ransom EVs through the charging connector between EVs and charging piles. Additionally, we design a physical plugin for charging connectors that can extend the EV models affected by the described ransom attack. In this case, the CPRA needs a preparing step to locally install the plugin on the connector.

Ransom attacks have attracted widespread attention from researchers, however, there have been relatively few researches on vehicles, especially for electric vehicles (EVs). Such attacks mainly accomplish their purpose by exploiting vulnerabilities of vehicle itself, but often have a narrow attack surface. In this demo with real EVs and public charging piles, we show a new approach, the Charging Pile Ransom Attack (CPRA), that can remotely ransom EVs through the charging connector between EVs and charging piles. Additionally, we design a physical plugin for charging connectors that can extend the EV models affected by the described ransom attack. In this case, the CPRA needs a preparing step to locally install the plugin on the connector.

In this paper, we propose Phoenix Domain, a general and novel attack that allows adversaries to maintain the revoked malicious domain continuously resolvable at scale, which enables an old, mitigated attack, Ghost Domain.

In this paper, we propose Phoenix Domain, a general and novel attack that allows adversaries to maintain the revoked malicious domain continuously resolvable at scale, which enables an old, mitigated attack, Ghost Domain.