DNS Security

ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
In this paper, we propose ResolverFuzz to fuzz the resolver.
Qifan Zhang, Xuesong Bai, Xiang Li, Haixin Duan, Qi Li, Zhou Li
Cite Code Project
ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
在本文中,我们提出了一个全新的工具ResolverFuzz用来模糊测试解析器。
Qifan Zhang, Xuesong Bai, Xiang Li, Haixin Duan, Qi Li, Zhou Li, ✉ Corresponding authors
Aug 14, 2024 DNS
Cite Code Project
ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets
This paper proposes the TuDoor Attack, by systematically exploring and exploiting logic vulnerabilities in DNS response pre-processing with malformed packets, leading to DNS cache poisoning (1s), denial-of-service, and resource consuming attacks.
Xiang Li, Wei Xu, Baojun Liu, Mingming Zhang, Zhou Li, Jia Zhang, Deliang Chang, Xiaofeng Zheng, Chuhan Wang, Jianjun Chen, Haixin Duan, Qi Li
Cite Project
TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets
TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers
In this paper, we present the TsuKing attack.
Wei Xu, Xiang Li, Chaoyi Lu, Baojun Liu, Jia Zhang, Jianjun Chen, Tao Wan, Haixin Duan
Cite Project
TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers
TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers
In this paper, we present the TsuKing attack.
Wei Xu, Xiang Li, Chaoyi Lu, Baojun Liu, Jia Zhang, Jianjun Chen, Tao Wan, Haixin Duan
Nov 26, 2023 DNS
Cite Project
TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers
Wolf in Sheep's Clothing: Evaluating the Security Risks of the Undelegated Record on DNS Hosting Services
This paper conducted a comprehensive measurement to reveal the prevalence of undelegated DNS records.
Fenglu Zhang, Yunyi Zhang, Baojun Liu, Eihal Alowaisheq, Lingyun Ying, Xiang Li, Zaifeng Zhang, Ying Liu, Haixin Duan, Min Zhang
Cite
Wolf in Sheep's Clothing: Evaluating the Security Risks of the Undelegated Record on DNS Hosting Services
The Maginot Line: Attacking the Boundary of DNS Caching Protection
In this paper, we report MaginotDNS, a powerful cache poisoning attack against DNS servers that simultaneously act as recursive resolvers and forwarders (termed as CDNS).
Xiang Li, Chaoyi Lu, Baojun Liu, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li
PDF Cite Code Project Slides Source Document
The Maginot Line: Attacking the Boundary of DNS Caching Protection
The Maginot Line: Attacking the Boundary of DNS Caching Protection
在本文中,我们报告了MaginotDNS,这是针对同时充当递归解析器和转发器(称为CDNS)的DNS服务器的强大缓存投毒攻击。
Xiang Li, Chaoyi Lu, Baojun Liu, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li
Aug 9, 2023 DNS
PDF Cite Code Project Slides Source Document
The Maginot Line: Attacking the Boundary of DNS Caching Protection
DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains
In this paper, we present a novel framework, HostingChecker (DareShark), for detecting domain takeovers.
Mingming Zhang, Xiang Li, Baojun Liu, Jianyu Lu, Jianjun Chen, Yiming Zhang, Xiaofeng Zheng, Haixin Duan, Shuang Hao
PDF Cite Slides
DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains
DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains
In this paper, we present a novel framework, HostingChecker (DareShark), for detecting domain takeovers.
Mingming Zhang, Xiang Li, Baojun Liu, Jianyu Lu, Jianjun Chen, Yiming Zhang, Xiaofeng Zheng, Haixin Duan, Shuang Hao
Jun 19, 2023 DNS
PDF Cite Slides
DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains