1

Temporal CDN-Convex Lens: A CDN-Assisted Practical Pulsing DDoS Attack.

In this paper, we report MaginotDNS, a powerful cache poisoning attack against DNS servers that simultaneously act as recursive resolvers and forwarders (termed as CDNS).

In this paper, we present a novel framework, HostingChecker (DareShark), for detecting domain takeovers.

Ransom attacks have attracted widespread attention from researchers, however, there have been relatively few researches on vehicles, especially for electric vehicles (EVs). Such attacks mainly accomplish their purpose by exploiting vulnerabilities of vehicle itself, but often have a narrow attack surface. In this demo with real EVs and public charging piles, we show a new approach, the Charging Pile Ransom Attack (CPRA), that can remotely ransom EVs through the charging connector between EVs and charging piles. Additionally, we design a physical plugin for charging connectors that can extend the EV models affected by the described ransom attack. In this case, the CPRA needs a preparing step to locally install the plugin on the connector.

In this paper, we propose Phoenix Domain, a general and novel attack that allows adversaries to maintain the revoked malicious domain continuously resolvable at scale, which enables an old, mitigated attack, Ghost Domain.

本工作从全新的扫描角度出发，提出了一种新型的IPv6网络扫描技术，用于发现位于网络拓扑中重要位置的IPv6网络边界设备，同时设计并实现了全新的IPv6网络扫描器：XMap，可被用来进行大规模的扫描探测工作。通过利用XMap，本工作在若干个运营商的网络环境下发现了数以千万计的IPv6网络边界设备，并对其暴露的关键网络服务进行了深入的安全分析。此外，利用XMap，本工作发现了一个普遍存在的通用型路由循环漏洞（影响数十家路由器厂商），申请到了多于109个漏洞编号，并向厂商提供了合理的披露和有效的修复方案。