Xiang Li | 李想
Xiang Li | 李想
Home
Publications
Projects
Activities
Misc
Contact
Links
Light
Dark
Automatic
English
中文 (简体)
1
ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
In this paper, we propose
ResolverFuzz
to fuzz the resolver.
Qifan Zhang
,
Xuesong Bai
,
Xiang Li
,
Haixin Duan
,
Qi Li
,
Zhou Li
PDF
Cite
Code
Project
ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
在本文中,我们提出了一个全新的工具
ResolverFuzz
用来模糊测试解析器。
Qifan Zhang
,
Xuesong Bai
,
Xiang Li
,
Haixin Duan
,
Qi Li
,
Zhou Li
Aug 14, 2024
DNS
PDF
Cite
Code
Project
Rethinking the Security Threats of Stale DNS Glue Records
In this paper, we rethink the security threats of stale DNS glue records.
Yunyi Zhang
,
Baojun Liu
,
Haixin Duan
,
Min Zhang
,
Xiang Li
,
Fan Shi
,
Chengxi Xu
,
Eihal Alowaisheq
PDF
Cite
Code
Project
Rethinking the Security Threats of Stale DNS Glue Records
在本文中,我们深入分析了DNS glue records的安全性。
Yunyi Zhang
,
Baojun Liu
,
Haixin Duan
,
Min Zhang
,
Xiang Li
,
Fan Shi
,
Chengxi Xu
,
Eihal Alowaisheq
Aug 14, 2024
DNS
PDF
Cite
Code
Project
DNSBomb: A New Practical-and-Powerful Pulsing DoS Attack Exploiting DNS Queries-and-Responses
DNSBomb is a new practical and powerful pulsing DoS attack exploiting DNS queries and responses.
Xiang Li
,
Dashuai Wu
,
Haixin Duan
,
Qi Li
PDF
Cite
Code
Project
Poster
Slides
DNSBomb: A New Practical-and-Powerful Pulsing DoS Attack Exploiting DNS Queries-and-Responses
DNSBomb is a new practical and powerful pulsing DoS attack exploiting DNS queries and responses.
Xiang Li
,
Dashuai Wu
,
Haixin Duan
,
Qi Li
May 20, 2024
DNS
PDF
Cite
Code
Project
Poster
Slides
TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets
This paper proposes the TuDoor Attack, by systematically exploring and exploiting logic vulnerabilities in DNS response pre-processing with malformed packets, leading to DNS cache poisoning (1s), denial-of-service, and resource consuming attacks.
Xiang Li
,
Wei Xu
,
Baojun Liu
,
Mingming Zhang
,
Zhou Li
,
Jia Zhang
,
Deliang Chang
,
Xiaofeng Zheng
,
Chuhan Wang
,
Jianjun Chen
,
Haixin Duan
,
Qi Li
PDF
Cite
Code
Project
Poster
Slides
TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets
本论文提出了“突门攻击”,通过系统地探索并利用畸形数据包中DNS响应预处理的逻辑漏洞,导致DNS缓存投毒(1秒)、拒绝服务和资源消耗攻击。
Xiang Li
,
Wei Xu
,
Baojun Liu
,
Mingming Zhang
,
Zhou Li
,
Jia Zhang
,
Deliang Chang
,
Xiaofeng Zheng
,
Chuhan Wang
,
Jianjun Chen
,
Haixin Duan
,
Qi Li
May 20, 2024
DNS
PDF
Cite
Code
Project
Poster
Slides
BreakSPF: How Shared Infrastructures Magnify SPF Vulnerabilities Across the Internet
This paper proposes a BreakSPF attack framework, a newly discovered method for attackers to bypass the SPF protocol and launch email spoofing attacks.
Chuhan Wang
,
YASUHIRO KURANAGA
,
Yihang Wang
,
Mingming Zhang
,
Linkai Zheng
,
Xiang Li
,
Jianjun Chen
,
Haixin Duan
,
Yanzhong Lin
,
Qingfeng Pan
PDF
Cite
Code
Project
BreakSPF: How Shared Infrastructures Magnify SPF Vulnerabilities Across the Internet
本论文提出了一个名为BreakSPF的攻击框架:攻击者新发现的一种绕过SPF协议并发起电子邮件欺骗攻击的方法。
Chuhan Wang
,
YASUHIRO KURANAGA
,
Yihang Wang
,
Mingming Zhang
,
Linkai Zheng
,
Xiang Li
,
Jianjun Chen
,
Haixin Duan
,
Yanzhong Lin
,
Qingfeng Pan
Feb 26, 2024
Email
PDF
Cite
Code
Project
»
Cite
×