English
Related papers

Related papers: Take up DNSSEC When Needed

200 papers

Machine learning models have been widely adopted in several fields. However, most recent studies have shown several vulnerabilities from attacks with a potential to jeopardize the integrity of the model, presenting a new window of research…

Cryptography and Security · Computer Science 2022-02-23 Miguel A. Ramirez , Song-Kyoo Kim , Hussam Al Hamadi , Ernesto Damiani , Young-Ji Byon , Tae-Yeon Kim , Chung-Suk Cho , Chan Yeob Yeun

In this paper, we identify that memory performance plays a crucial role in the feasibility and effectiveness for performing denial-of-service attacks on shared cache. Based on this insight, we introduce new cache DoS attacks, which can be…

Cryptography and Security · Computer Science 2021-01-18 Michael Bechtel , Heechul Yun

Blockchain technology is widely used in various fields due to its ability to provide decentralization and trustless security. This is a fundamental understanding held by many advocates, but it is misunderstood, leading participants to fail…

Cryptography and Security · Computer Science 2026-02-02 Chunyi Zhang , Fengjiao Dou , Xiaoqi Li

The DNS HTTPS resource record is a new DNS record type designed for the delivery of configuration information and parameters required to initiate connections to HTTPS network services. In addition, it is a key enabler for TLS Encrypted…

Networking and Internet Architecture · Computer Science 2024-09-13 Hongying Dong , Yizhe Zhang , Hyeonmin Lee , Shumon Huque , Yixin Sun

DDoS attacks are one of the most prevalent and harmful cybersecurity threats faced by organizations and individuals today. In recent years, the complexity and frequency of DDoS attacks have increased significantly, making it challenging to…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-08-20 Zain Ahmad , Musab Ahmad , Bilal Ahmad

Predicitions made by neural networks can be fraudulently altered by so-called poisoning attacks. A special case are backdoor poisoning attacks. We study suitable detection methods and introduce a new method called Heatmap Clustering. There,…

Machine Learning · Computer Science 2022-04-28 Lukas Schulth , Christian Berghoff , Matthias Neu

We present a certified defense to clean-label poisoning attacks under $\ell_2$-norm. These attacks work by injecting a small number of poisoning samples (e.g., 1%) that contain bounded adversarial perturbations into the training data to…

Cryptography and Security · Computer Science 2025-06-03 Sanghyun Hong , Nicholas Carlini , Alexey Kurakin

A recent paper (circa 2020) by Osterwile et al., entitled "21 Years of Distributed Denial of Service: A Call to Action", states: "We are falling behind in the war against distributed denial-of-service attacks. Unless we act now, the future…

Cryptography and Security · Computer Science 2022-02-01 Naftaly H. Minsky

This paper exposes a new vulnerability and introduces a corresponding attack, the NoneXistent Name Server Attack (NXNSAttack), that disrupts and may paralyze the DNS system, making it difficult or impossible for Internet users to access…

Cryptography and Security · Computer Science 2020-09-30 Yehuda Afek , Anat Bremler-Barr , Lior Shafir

The DNS is a key component of the Internet. Originally designed to facilitate the resolution of host names to IP addresses, its scope has continuously expanded over the years, today covering use cases such as load balancing or service…

Networking and Internet Architecture · Computer Science 2025-10-31 Mathis Engelbart , Mike Kosek , Lars Eggert , Jörg Ott

Many cache designs have been proposed to guard against contention-based side-channel attacks. One well-known type of cache is the randomized remapping cache. Many randomized remapping caches provide fixed or over protection, which leads to…

Cryptography and Security · Computer Science 2024-05-31 Xiao Liu , Mark Zwolinski , Basel Halak

Deep neural networks (DNNs) have become one of the enabling technologies in many safety-critical applications, e.g., autonomous driving and medical image analysis. DNN systems, however, suffer from various kinds of threats, such as…

Machine Learning · Computer Science 2020-10-19 Yu Li , Min Li , Bo Luo , Ye Tian , Qiang Xu

Integrity and trust on the web build on X.509 certificates. Misuse or misissuance of these certificates threaten the Web PKI security model, which led to the development of several guarding techniques. In this paper, we study the DNS/DNSSEC…

Cryptography and Security · Computer Science 2024-07-03 Pouyan Fotouhi Tehrani , Raphael Hiesgen , Teresa Lübeck , Thomas C. Schmidt , Matthias Wählisch

Most online communications rely on DNS to map domain names to their hosting IP address(es). Previous work has shown that DNS-based network interference is widespread due to the unencrypted and unauthenticated nature of the original DNS…

Networking and Internet Architecture · Computer Science 2022-02-02 Nguyen Phong Hoang , Michalis Polychronakis , Phillipa Gill

Distributed Denial of Service (DDoS) attacks remain a persistent threat to the availability of Internet services, edge networks, and cyber-physical infrastructure. Although recent AI-security work has increasingly focused on foundation…

Cryptography and Security · Computer Science 2026-05-19 Vedanth Ramanathan , Krish Mahadevan , Sejal Dua

In this paper, we shed new light on the DNS amplification ecosystem, by studying complementary data sources, bolstered by orthogonal methodologies. First, we introduce a passive attack detection method for the Internet core, i.e., at…

Cryptography and Security · Computer Science 2021-10-07 Marcin Nawrocki , Mattijs Jonker , Thomas C. Schmidt , Matthias Wählisch

Domain fronting is a network communication technique that involves leveraging (or abusing) content delivery networks (CDNs) to disguise the final destination of network packets by presenting them as if they were intended for a different…

Cryptography and Security · Computer Science 2024-09-02 Karthika Subramani , Roberto Perdisci , Pierros Skafidas

The Domain Name System (DNS) is a critical service that enables domain names to be converted to IP addresses (or vice versa); consequently, it is generally permitted through enterprise security systems (e.g., firewalls) with little…

Networking and Internet Architecture · Computer Science 2024-10-28 Minzhao Lyu , Hassan Habibi Gharakheili , Craig Russell , Vijay Sivaraman

Randomizing the address-to-set mapping and partitioning of the cache has been shown to be an effective mechanism in designing secured caches. Several designs have been proposed on a variety of rationales: (1) randomized design, (2)…

Cryptography and Security · Computer Science 2025-01-31 Anirban Chakraborty , Nimish Mishra , Sayandeep Saha , Sarani Bhattacharya , Debdeep Mukhopadhyay

Randomized, skewed caches (RSCs) such as CEASER-S have recently received much attention to defend against contention-based cache side channels. By randomizing and regularly changing the mapping(s) of addresses to cache sets, these…

Cryptography and Security · Computer Science 2022-09-30 Thomas Unterluggauer , Austin Harris , Scott Constable , Fangfei Liu , Carlos Rozas