English
Related papers

Related papers: NXNSAttack: Recursive DNS Inefficiencies and Vulne…

200 papers

Enterprise Networks are growing in scale and complexity, with heterogeneous connected assets needing to be secured in different ways. Nevertheless, virtually all connected assets use the Domain Name System (DNS) for address resolution, and…

Cryptography and Security · Computer Science 2022-05-19 Jawad Ahmed

We introduce a novel concept, called Name Confusion, and demonstrate how it can be employed to thwart multiple classes of code-reuse attacks. By building upon Name Confusion, we derive Phantom Name System (PNS): a security protocol that…

Cryptography and Security · Computer Science 2020-08-28 Mohamed Tarek Ibn Ziad , Miguel A. Arroyo , Evgeny Manzhosov , Vasileios P. Kemerlis , Simha Sethumadhavan

This paper summarizes selected results of the dissertation "Beobachtungsm\"oglichkeiten im Domain Name System: Angriffe auf die Privatsph\"are und Techniken zum Selbstdatenschutz". The dissertation provides new technical insights to answer…

Cryptography and Security · Computer Science 2017-03-20 Dominik Herrmann

Everyone is concerned about the Internet security, yet most traffic is not cryptographically protected. The usual justification is that most attackers are only off-path and cannot intercept traffic; hence, challenge-response mechanisms…

Cryptography and Security · Computer Science 2013-05-07 Yossi Gilad , Amir Herzberg , Haya Shulman

DNS dynamic updates represent an inherently vulnerable mechanism deliberately granting the potential for any host to dynamically modify DNS zone files. Consequently, this feature exposes domains to various security risks such as domain…

Cryptography and Security · Computer Science 2024-06-06 Yevheniya Nosyk , Maciej Korczyński , Carlos H. Gañán , Michał Król , Qasim Lone , Andrzej Duda

Content Delivery Networks (CDNs) are designed to enhance network performance and protect against web attack traffic for their hosting websites. And the HTTP compression request mechanism primarily aims to reduce unnecessary network…

Cryptography and Security · Computer Science 2024-09-04 Ziyu Lin , Zhiwei Lin , Ximeng Liu , Zuobing Ying , Cheng Chen

We demonstrate the first practical off-path time shifting attacks against NTP as well as against Man-in-the-Middle (MitM) secure Chronos-enhanced NTP. Our attacks exploit the insecurity of DNS allowing us to redirect the NTP clients to…

Cryptography and Security · Computer Science 2020-10-20 Philipp Jeitner , Haya Shulman , Michael Waidner

Cross-site scripting (XSS) poses a significant threat to web application security. While Deep Learning (DL) has shown remarkable success in detecting XSS attacks, it remains vulnerable to adversarial attacks due to the discontinuous nature…

Software Engineering · Computer Science 2026-03-23 Samuele Pasini , Gianluca Maragliano , Jinhan Kim , Paolo Tonella

Smart DNS (SDNS) services advertise access to "geofenced" content (typically, video streaming sites such as Netflix or Hulu) that is normally inaccessible unless the client is within a prescribed geographic region. SDNS is simple to use and…

Cryptography and Security · Computer Science 2020-12-16 Rahel A. Fainchtein , Adam J. Aviv , Micah Sherr , Stephen Ribaudo , Armaan Khullar

Existing DNS configuration verification tools face significant issues (e.g., inefficient and lacking support for incremental verification). Inspired by the advancements in recent work of distributed data plane verification and the…

Networking and Internet Architecture · Computer Science 2025-11-05 Yao Wang , Kexin Yu , Wenyun Xu , Kaiqiang Hu , Ziyi Wang , Lizhao You , Qiang Su , Dong Guo , Haizhou Du , Wanjian Feng , Qingyu Song , Linghe Kong , Qiao Xiang , Jiwu Shu

In this paper we investigate the feasibility of denial-of-service (DoS) attacks on shared caches in multicore platforms. With carefully engineered attacker tasks, we are able to cause more than 300X execution time increases on a victim task…

Hardware Architecture · Computer Science 2019-03-05 Michael G Bechtel , Heechul Yun

Since its introduction in 1987, the DNS has become one of the core components of the Internet. While it was designed to work with both TCP and UDP, DNS-over-UDP (DoUDP) has become the default option due to its low overhead. As new Resource…

Networking and Internet Architecture · Computer Science 2023-07-13 Pratyush Dikshit , Mike Kosek , Nils Faulhaber , Jayasree Sengupta , Vaibhav Bajpai

Today, Internet offers many critical applications. So, it becomes very crucial for Internet service providers to ensure traceability of operations and to secure data exchange. Since all these communications are based on the use of the…

Cryptography and Security · Computer Science 2012-08-01 Kaouthar Chetioui , Ghizlane Orhanou , Said El Hajji , Abdelmajid Lakbabi

Trusted timestamping consists in proving that certain data existed at a particular point in time. Existing timestamping methods require either a centralized and dedicated trusted service or the collaboration of other participants using the…

Networking and Internet Architecture · Computer Science 2014-03-12 Christoph Neumann , Olivier Heen , Stéphane Onno

Due to their proven efficiency, machine-learning systems are deployed in a wide range of complex real-life problems. More specifically, Spiking Neural Networks (SNNs) emerged as a promising solution to the accuracy, resource-utilization,…

Cryptography and Security · Computer Science 2021-01-26 Valerio Venceslai , Alberto Marchisio , Ihsen Alouani , Maurizio Martina , Muhammad Shafique

Improperly configured domain name system (DNS) servers are sometimes used as packet reflectors as part of a DoS or DDoS attack. Detecting packets created as a result of this activity is logically possible by monitoring the DNS request and…

Networking and Internet Architecture · Computer Science 2021-11-10 Keiichi Shima , Ryo Nakamura , Kazuya Okada , Tomohiro Ishihara , Daisuke Miyamoto , Yuji Sekiya

Privacy leaks are an unfortunate and an integral part of the current Internet domain name resolution. Each DNS query generated by a user reveals -- to one or more DNS servers -- the origin and target of that query. Over time, a user's…

Cryptography and Security · Computer Science 2015-03-13 Yanbin Lu , Gene Tsudik

Distributed Denial of Service (DDoS) attacks have plagued the Internet for decades, but the basic defense approaches have not fundamentally changed. Rather, the size and rate of growth in attacks have actually outpaced carriers' and DDoS…

Cryptography and Security · Computer Science 2021-04-14 Zhiyi Zhang , Vishrant Vasavada , Siva Kesava Reddy Kakarla , Angelos Stavrou , Eric Osterweil , Lixia Zhang

We present XSnare, a fully client-side XSS solution, implemented as a Firefox extension. Our approach takes advantage of available previous knowledge of a web application's HTML template content, as well as the rich context available in the…

Cryptography and Security · Computer Science 2020-05-19 Jose Carlos Pazos , Jean-Sebastien Legare , Ivan Beschastnikh , William Aiello

Nearly every service on the Internet relies on the Domain Name System (DNS), which translates a human-readable name to an IP address before two endpoints can communicate. Today, DNS traffic is unencrypted, leaving users vulnerable to…

Networking and Internet Architecture · Computer Science 2020-02-25 Austin Hounsel , Kevin Borgolte , Paul Schmitt , Jordan Holland , Nick Feamster