DNS Security

ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
In this paper, we propose ResolverFuzz to fuzz the resolver.
Qifan Zhang, Xuesong Bai, Xiang Li, Haixin Duan, Qi Li, Zhou Li
PDF Cite Code Project
ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
在本文中,我们提出了一个全新的工具ResolverFuzz用来模糊测试解析器。
Qifan Zhang, Xuesong Bai, Xiang Li, Haixin Duan, Qi Li, Zhou Li
Aug 14, 2024 DNS
PDF Cite Code Project
ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
Rethinking the Security Threats of Stale DNS Glue Records
In this paper, we rethink the security threats of stale DNS glue records.
Yunyi Zhang, Baojun Liu, Haixin Duan, Min Zhang, Xiang Li, Fan Shi, Chengxi Xu, Eihal Alowaisheq
Cite Code Project
Rethinking the Security Threats of Stale DNS Glue Records
Rethinking the Security Threats of Stale DNS Glue Records
在本文中,我们深入分析了DNS glue records的安全性。
Yunyi Zhang, Baojun Liu, Haixin Duan, Min Zhang, Xiang Li, Fan Shi, Chengxi Xu, Eihal Alowaisheq
Aug 14, 2024 DNS
Cite Code Project
Rethinking the Security Threats of Stale DNS Glue Records
DNSBomb: A New Practical-and-Powerful Pulsing DoS Attack Exploiting DNS Queries-and-Responses
DNSBomb is a new practical and powerful pulsing DoS attack exploiting DNS queries and responses.
Xiang Li, Dashuai Wu, Haixin Duan, Qi Li
PDF Cite Code Project Poster Slides
DNSBomb: A New Practical-and-Powerful Pulsing DoS Attack Exploiting DNS Queries-and-Responses
DNSBomb: A New Practical-and-Powerful Pulsing DoS Attack Exploiting DNS Queries-and-Responses
DNSBomb is a new practical and powerful pulsing DoS attack exploiting DNS queries and responses.
Xiang Li, Dashuai Wu, Haixin Duan, Qi Li
May 20, 2024 DNS
PDF Cite Code Project Poster Slides
DNSBomb: A New Practical-and-Powerful Pulsing DoS Attack Exploiting DNS Queries-and-Responses
TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets
This paper proposes the TuDoor Attack, by systematically exploring and exploiting logic vulnerabilities in DNS response pre-processing with malformed packets, leading to DNS cache poisoning (1s), denial-of-service, and resource consuming attacks.
Xiang Li, Wei Xu, Baojun Liu, Mingming Zhang, Zhou Li, Jia Zhang, Deliang Chang, Xiaofeng Zheng, Chuhan Wang, Jianjun Chen, Haixin Duan, Qi Li
PDF Cite Code Project Poster Slides
TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets
Poster: ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
在本文中,我们提出了一个全新的工具ResolverFuzz用来模糊测试解析器。
Qifan Zhang, Xuesong Bai, Xiang Li, Haixin Duan, Qi Li, Zhou Li
PDF Cite Code Project
Poster: ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
Poster: ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
In this paper, we propose ResolverFuzz to fuzz the resolver.
Qifan Zhang, Xuesong Bai, Xiang Li, Haixin Duan, Qi Li, Zhou Li
Feb 26, 2024 DNS
PDF Cite Code Project
Poster: ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
Understanding the Implementation and Security Implications of Protective DNS Services
This paper analyzes the ecosystem of protective DNS and its security issues.
Mingxuan Liu, Yiming Zhang, Xiang Li, Chaoyi Lu, Baojun Liu, Haixin Duan, Xiaofeng Zheng
Cite Project
Understanding the Implementation and Security Implications of Protective DNS Services