TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets

This paper proposes the TuDoor Attack, by systematically exploring and exploiting logic vulnerabilities in DNS response pre-processing with malformed packets, leading to DNS cache poisoning (1s), denial-of-service, and resource consuming attacks.

Ghost Domain Reloaded: Vulnerable Links in Domain Name Delegation and Revocation

In this paper, we propose **Phoenix Domain**, a general and novel attack that allows adversaries to maintain the revoked malicious domain continuously resolvable at scale, which enables an old, mitigated attack, Ghost Domain.

Detecting and Measuring Security Risks of Hosting-Based Dangling Domains

In this paper, we present a novel framework, **HostingChecker** (**DareShark**), for detecting domain takeovers.

An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come?

DNS packets are designed to travel in unencrypted form through the Internet based on its initial standard. Recent discoveries show that real-world adversaries are actively exploiting this design vulnerability to compromise Internet users' security …