{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T15:18:14Z","timestamp":1773155894266,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":31,"publisher":"ACM","license":[{"start":{"date-parts":[[2016,10,24]],"date-time":"2016-10-24T00:00:00Z","timestamp":1477267200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"US National Science Foundation","award":["CNS-1237265"],"award-info":[{"award-number":["CNS-1237265"]}]},{"name":"Natural Science Foundation of China","award":["61472215"],"award-info":[{"award-number":["61472215"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,10,24]]},"DOI":"10.1145\/2976749.2978394","type":"proceedings-article","created":{"date-parts":[[2016,10,25]],"date-time":"2016-10-25T12:46:35Z","timestamp":1477399595000},"page":"1516-1527","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":29,"title":["Host of Troubles"],"prefix":"10.1145","author":[{"given":"Jianjun","family":"Chen","sequence":"first","affiliation":[{"name":"Tsinghua University & Tsingua National Laboratory for Information Science and Technology, Beijing, China"}]},{"given":"Jian","family":"Jiang","sequence":"additional","affiliation":[{"name":"UC Berkeley, Berkeley, CA, USA"}]},{"given":"Haixin","family":"Duan","sequence":"additional","affiliation":[{"name":"Tsinghua University & Tsingua National Laboratory for Information Science and Technology, Beijing, China"}]},{"given":"Nicholas","family":"Weaver","sequence":"additional","affiliation":[{"name":"UC Berkeley & ICSI, Berkeley, CA, USA"}]},{"given":"Tao","family":"Wan","sequence":"additional","affiliation":[{"name":"Huawei Canada, Ottawa, Canada"}]},{"given":"Vern","family":"Paxson","sequence":"additional","affiliation":[{"name":"UC Berkeley & ICSI, Berkeley, CA, USA"}]}],"member":"320","published-online":{"date-parts":[[2016,10,24]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Bueno C. HTTP Cache Poisoning via Host Header Injection. http:\/\/carlos.bueno.org\/2008\/06\/host-header-injection.html June 2008.  Bueno C. HTTP Cache Poisoning via Host Header Injection. http:\/\/carlos.bueno.org\/2008\/06\/host-header-injection.html June 2008."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23442"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2736277.2741089"},{"key":"e_1_3_2_1_4_1","first-page":"605","volume-title":"USENIX","author":"Durumeric Z.","unstructured":"Durumeric , Z. , Wustrow , E. , and Halderman , J. A . ZMap: Fast Internet-wide Scanning and Its Security Applications. In Presented as part of the 22nd USENIX Security Symposium (USENIX Security 13) (Washington, D.C., 2013) , USENIX , pp. 605 -- 620 . Durumeric, Z., Wustrow, E., and Halderman, J. A. ZMap: Fast Internet-wide Scanning and Its Security Applications. In Presented as part of the 22nd USENIX Security Symposium (USENIX Security 13) (Washington, D.C., 2013), USENIX, pp. 605--620."},{"key":"e_1_3_2_1_5_1","volume-title":"June","author":"Fielding R.","year":"1999","unstructured":"Fielding , R. , Gettys , J. , Mogul , J. , Frystyk , H. , Masinter , L. , Leach , P. , and Berners-Lee , T. Hypertext Transfer Protocol -- HTTP\/1.1. RFC 2616 (Draft Standard) , June 1999 . Obsoleted by RFCs 7230, 7231, 7232, 7233, 7234, 7235, updated by RFCs 2817, 5785, 6266, 6585. Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and Berners-Lee, T. Hypertext Transfer Protocol -- HTTP\/1.1. RFC 2616 (Draft Standard), June 1999. Obsoleted by RFCs 7230, 7231, 7232, 7233, 7234, 7235, updated by RFCs 2817, 5785, 6266, 6585."},{"key":"e_1_3_2_1_6_1","volume-title":"June","author":"Fielding R.","year":"2014","unstructured":"Fielding , R. , and Reschke , J . Hypertext Transfer Protocol (HTTP\/1.1): Message Syntax and Routing. RFC 7230 (Proposed Standard) , June 2014 . Fielding, R., and Reschke, J. Hypertext Transfer Protocol (HTTP\/1.1): Message Syntax and Routing. RFC 7230 (Proposed Standard), June 2014."},{"key":"e_1_3_2_1_7_1","unstructured":"Giobbi R. Vulnerability Note VU#435052: Intercepting Proxy Servers may Incorrectly Rely on HTTP Headers to Make Connections. http:\/\/www.kb.cert.org\/vuls\/id\/435052 February 2009.  Giobbi R. Vulnerability Note VU#435052: Intercepting Proxy Servers may Incorrectly Rely on HTTP Headers to Make Connections. http:\/\/www.kb.cert.org\/vuls\/id\/435052 February 2009."},{"key":"e_1_3_2_1_8_1","volume-title":"Traffic Normalization, and End-to-End Protocol Semantics. In USENIX Security","author":"Handley M.","year":"2001","unstructured":"Handley , M. , Paxson , V. , and Kreibich , C . Network Intrusion Detection: Evasion , Traffic Normalization, and End-to-End Protocol Semantics. In USENIX Security ( 2001 ). Handley, M., Paxson, V., and Kreibich, C. Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics. In USENIX Security (2001)."},{"key":"e_1_3_2_1_9_1","volume-title":"Nov.","author":"Hodges J.","year":"2012","unstructured":"Hodges , J. , Jackson , C. , and Barth , A . HTTP Strict Transport Security (HSTS). RFC 6797 (Proposed Standard) , Nov. 2012 . Hodges, J., Jackson, C., and Barth, A. HTTP Strict Transport Security (HSTS). RFC 6797 (Proposed Standard), Nov. 2012."},{"key":"e_1_3_2_1_10_1","volume-title":"Proceedings of W2SP","author":"Huang L.-S.","year":"2011","unstructured":"Huang , L.-S. , Chen , E. Y. , Barth , A. , Rescorla , E. , and Jackson , C . Talking to Yourself for Fun and Profit . Proceedings of W2SP ( 2011 ), 1--11. Huang, L.-S., Chen, E. Y., Barth, A., Rescorla, E., and Jackson, C. Talking to Yourself for Fun and Profit. Proceedings of W2SP (2011), 1--11."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.15"},{"key":"e_1_3_2_1_12_1","unstructured":"Kettle J. Practical HTTP Host Header Attacks. http:\/\/www.skeletonscribe.net\/2013\/05\/practical-http-host-header-attacks.html May 2013.  Kettle J. Practical HTTP Host Header Attacks. http:\/\/www.skeletonscribe.net\/2013\/05\/practical-http-host-header-attacks.html May 2013."},{"key":"e_1_3_2_1_13_1","volume-title":"Advanced Evasion Techniques - Measuring the Threat Detection Capabilities of Up-to-Date Network Security Devices. Master's Thesis (08","author":"Korhonen E.","year":"2012","unstructured":"Korhonen , E. Advanced Evasion Techniques - Measuring the Threat Detection Capabilities of Up-to-Date Network Security Devices. Master's Thesis (08 2012 ). Korhonen, E. Advanced Evasion Techniques - Measuring the Threat Detection Capabilities of Up-to-Date Network Security Devices. Master's Thesis (08 2012)."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879173"},{"key":"e_1_3_2_1_15_1","first-page":"1","volume":"22","author":"Linhart C.","year":"2006","unstructured":"Linhart , C. , Klein , A. , Heled , R. , and Orrin , S. HTTP Request Smuggling. Computer Security Journal 22 , 1 ( 2006 ), 13. Linhart, C., Klein, A., Heled, R., and Orrin, S. HTTP Request Smuggling. Computer Security Journal 22, 1 (2006), 13.","journal-title":"HTTP Request Smuggling. Computer Security Journal"},{"key":"e_1_3_2_1_16_1","volume-title":"Evading Deep Inspection for Fun and Shell. Black Hat USA","author":"Niemi O.-P.","year":"2013","unstructured":"Niemi , O.-P. , and Levomaki , A . Evading Deep Inspection for Fun and Shell. Black Hat USA ( 2013 ). Niemi, O.-P., and Levomaki, A. Evading Deep Inspection for Fun and Shell. Black Hat USA (2013)."},{"key":"e_1_3_2_1_17_1","first-page":"9","volume-title":"Proceedings of the 3rd USENIX conference on Offensive technologies","author":"Oberheide J.","year":"2009","unstructured":"Oberheide , J. , Bailey , M. , and Jahanian , F . PolyPack: an Automated Online Packing Service for Optimal Antivirus Evasion . In Proceedings of the 3rd USENIX conference on Offensive technologies ( 2009 ), USENIX Association , pp. 9 -- 9 . Oberheide, J., Bailey, M., and Jahanian, F. PolyPack: an Automated Online Packing Service for Optimal Antivirus Evasion. In Proceedings of the 3rd USENIX conference on Offensive technologies (2009), USENIX Association, pp. 9--9."},{"key":"e_1_3_2_1_18_1","volume-title":"RECON","author":"Porst S.","year":"2010","unstructured":"Porst , S. How to Really Obfuscate your PDF Malware . RECON , July ( 2010 ). Porst, S. How to Really Obfuscate your PDF Malware. RECON, July (2010)."},{"key":"e_1_3_2_1_19_1","volume":"793","author":"Postel","unstructured":"Postel , J. Transmission Control Protocol. RFC 793 (INTERNET STANDARD), Sept. 1981. Updated by RFCs 1122, 3168, 6093, 6528. Postel, J. Transmission Control Protocol. RFC 793 (INTERNET STANDARD), Sept. 1981. Updated by RFCs 1122, 3168, 6093, 6528.","journal-title":"J. Transmission Control Protocol. RFC"},{"key":"e_1_3_2_1_20_1","volume-title":"DTIC Document","author":"Ptacek T. H.","year":"1998","unstructured":"Ptacek , T. H. , and Newsham , T. N . Insertion, Evasion, and Denial of service: Eluding Network Intrusion Detection. Tech. rep ., DTIC Document , 1998 . Ptacek, T. H., and Newsham, T. N. Insertion, Evasion, and Denial of service: Eluding Network Intrusion Detection. Tech. rep., DTIC Document, 1998."},{"key":"e_1_3_2_1_21_1","volume-title":"A Look at Whisker's Anti-IDS Tactics. Online (12","author":"Puppy R. F.","year":"1999","unstructured":"Puppy , R. F. A Look at Whisker's Anti-IDS Tactics. Online (12 1999 ). Puppy, R. F. A Look at Whisker's Anti-IDS Tactics. Online (12 1999)."},{"key":"e_1_3_2_1_22_1","volume-title":"Protocol-level evasion of web application firewalls. Black Hat USA","author":"Ristic I.","year":"2012","unstructured":"Ristic , I. Protocol-level evasion of web application firewalls. Black Hat USA ( 2012 ). Ristic, I. Protocol-level evasion of web application firewalls. Black Hat USA (2012)."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1111320.1111070"},{"key":"e_1_3_2_1_24_1","unstructured":"Team S. Squid Proxy Cache Security Update Advisory SQUID-2016:7. http:\/\/www.squid-cache.org\/Advisories\/SQUID-2016_7.txt May 2016.  Team S. Squid Proxy Cache Security Update Advisory SQUID-2016:7. http:\/\/www.squid-cache.org\/Advisories\/SQUID-2016_7.txt May 2016."},{"key":"e_1_3_2_1_25_1","unstructured":"Team S. Squid Proxy Cache Security Update Advisory SQUID-2016:8. http:\/\/www.squid-cache.org\/Advisories\/SQUID-2016_8.txt May 2016.  Team S. Squid Proxy Cache Security Update Advisory SQUID-2016:8. http:\/\/www.squid-cache.org\/Advisories\/SQUID-2016_8.txt May 2016."},{"key":"e_1_3_2_1_26_1","volume-title":"March","author":"Thomson M.","year":"2015","unstructured":"Thomson , M. The Harmful Consequences of Postel's Maxim. https:\/\/tools.ietf.org\/html\/draft-thomson-postel-was-wrong-00 , March 2015 . Thomson, M. The Harmful Consequences of Postel's Maxim. https:\/\/tools.ietf.org\/html\/draft-thomson-postel-was-wrong-00, March 2015."},{"key":"e_1_3_2_1_27_1","unstructured":"Ullrich S. HTTP Evader - Automate Firewall Evasion Tests. http:\/\/noxxi.de\/research\/http-evader.html.  Ullrich S. HTTP Evader - Automate Firewall Evasion Tests. http:\/\/noxxi.de\/research\/http-evader.html."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813633"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.27"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-04918-2_18"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-15509-8_20"}],"event":{"name":"CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security","location":"Vienna Austria","acronym":"CCS'16","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978394","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978394","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:40:15Z","timestamp":1750218015000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978394"}},"subtitle":["Multiple Host Ambiguities in HTTP Implementations"],"short-title":[],"issued":{"date-parts":[[2016,10,24]]},"references-count":31,"alternative-id":["10.1145\/2976749.2978394","10.1145\/2976749"],"URL":"https:\/\/doi.org\/10.1145\/2976749.2978394","relation":{},"subject":[],"published":{"date-parts":[[2016,10,24]]},"assertion":[{"value":"2016-10-24","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}