The Complete Guide to SCION
The first SCION book, published in 2017, summarized the results of eight years of work by
over a dozen researchers. Now, five years later, we have completely rewritten the book. It …
over a dozen researchers. Now, five years later, we have completely rewritten the book. It …
Can i take your subdomain? exploring {Same-Site} attacks in the modern web
Related-domain attackers control a sibling domain of their target web application, eg, as the
result of a subdomain takeover. Despite their additional power over traditional web …
result of a subdomain takeover. Despite their additional power over traditional web …
Configuration anormaly detection and resolution risk assessment of authoritative domain name server
C Li, Y Cheng, Z Zhang, P Yu - Computers & Security, 2023 - Elsevier
Authoritative domain name servers (referred to as authoritative servers) play a critical role in
the Domain Name System (DNS) by resolving domain names to specific IP or CNAME …
the Domain Name System (DNS) by resolving domain names to specific IP or CNAME …
Retroactive identification of targeted DNS infrastructure hijacking
In 2019, the US Department of Homeland Security issued an emergency warning about
DNS infrastructure tampering. This alert, in response to a series of attacks against foreign …
DNS infrastructure tampering. This alert, in response to a series of attacks against foreign …
A comprehensive, longitudinal study of government DNS deployment at global scale
Within the Domain Name System (DNS), government domains form a particularly valuable
part of the names-pace, representing trusted sources of information, vital services, and …
part of the names-pace, representing trusted sources of information, vital services, and …
{RHINE}: Robust and High-performance Internet Naming with {E2E} Authenticity
The variety and severity of recent DNS-based attacks under-score the importance of a
secure naming system. Although DNSSEC provides data authenticity in theory, practical …
secure naming system. Although DNSSEC provides data authenticity in theory, practical …
Wolf in Sheep's Clothing: Evaluating Security Risks of the Undelegated Record on DNS Hosting Services
Leveraging DNS for covert communications is appealing since most networks allow DNS
traffic, especially the ones directed toward renowned DNS hosting services. Unfortunately …
traffic, especially the ones directed toward renowned DNS hosting services. Unfortunately …
Measuring and mitigating the risk of ip reuse on public clouds
Public clouds provide scalable and cost-efficient computing through resource sharing.
However, moving from traditional on-premises service management to clouds introduces …
However, moving from traditional on-premises service management to clouds introduces …
Out of Sight, Out of Mind: Detecting Orphaned Web Pages at Internet-Scale
Security misconfigurations and neglected updates commonly lead to systems being
vulnerable. Especially in the context of websites, we often find pages that were forgotten …
vulnerable. Especially in the context of websites, we often find pages that were forgotten …
Detecting and measuring security risks of hosting-based dangling domains
Public hosting services provide convenience for domain owners to build web applications
with better scalability and security. However, if a domain name points to released service …
with better scalability and security. However, if a domain name points to released service …