DNS Security

The Maginot Line: Attacking the Boundary of DNS Caching Protection
In this paper, we report MaginotDNS, a powerful cache poisoning attack against DNS servers that simultaneously act as recursive resolvers and forwarders (termed as CDNS).
Xiang Li, Chaoyi Lu, Baojun Liu, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li
Cite Code Project Source Document
The Maginot Line: Attacking the Boundary of DNS Caching Protection
The Maginot Line: Attacking the Boundary of DNS Caching Protection
In this paper, we report MaginotDNS, a powerful cache poisoning attack against DNS servers that simultaneously act as recursive resolvers and forwarders (termed as CDNS).
Xiang Li, Chaoyi Lu, Baojun Liu, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li
Aug 9, 2023 DNS
Cite Code Project Source Document
The Maginot Line: Attacking the Boundary of DNS Caching Protection
DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains
In this paper, we present a novel framework, HostingChecker (DareShark), for detecting domain takeovers.
Mingming Zhang, Xiang Li, Baojun Liu, Jianyu Lu, Jianjun Chen, Yiming Zhang, Xiaofeng Zheng, Haixin Duan, Shuang Hao
PDF Cite
DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains
DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains
In this paper, we present a novel framework, HostingChecker (DareShark), for detecting domain takeovers.
Mingming Zhang, Xiang Li, Baojun Liu, Jianyu Lu, Jianjun Chen, Yiming Zhang, Xiaofeng Zheng, Haixin Duan, Shuang Hao
Jun 19, 2023 DNS
PDF Cite
DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains
Ghost Domain Reloaded: Vulnerable Links in Domain Name Delegation and Revocation
In this paper, we propose Phoenix Domain, a general and novel attack that allows adversaries to maintain the revoked malicious domain continuously resolvable at scale, which enables an old, mitigated attack, Ghost Domain.
Xiang Li, Baojun Liu, Xuesong Bai, Mingming Zhang, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li
PDF Cite Code Project Slides Source Document DOI
Ghost Domain Reloaded: Vulnerable Links in Domain Name Delegation and Revocation
Ghost Domain Reloaded: Vulnerable Links in Domain Name Delegation and Revocation
In this paper, we propose Phoenix Domain, a general and novel attack that allows adversaries to maintain the revoked malicious domain continuously resolvable at scale, which enables an old, mitigated attack, Ghost Domain.
Xiang Li, Baojun Liu, Xuesong Bai, Mingming Zhang, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li
Feb 27, 2023 DNS
PDF Cite Code Project Slides Source Document DOI
Ghost Domain Reloaded: Vulnerable Links in Domain Name Delegation and Revocation