{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,5]],"date-time":"2026-06-05T04:36:43Z","timestamp":1780634203568,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":47,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,30]],"date-time":"2017-10-30T00:00:00Z","timestamp":1509321600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1617902,CNS-1617593,CNS-1735396"],"award-info":[{"award-number":["CNS-1617902,CNS-1617593,CNS-1735396"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-16-1-2264"],"award-info":[{"award-number":["N00014-16-1-2264"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,10,30]]},"DOI":"10.1145\/3133956.3133988","type":"proceedings-article","created":{"date-parts":[[2017,10,27]],"date-time":"2017-10-27T12:48:18Z","timestamp":1509108498000},"page":"957-970","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":28,"title":["The Wolf of Name Street"],"prefix":"10.1145","author":[{"given":"Thomas","family":"Vissers","sequence":"first","affiliation":[{"name":"imec-DistriNet, KU Leuven, Leuven, Belgium"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Timothy","family":"Barron","sequence":"additional","affiliation":[{"name":"Stony Brook University, Stony Brook, NY, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Tom","family":"Van Goethem","sequence":"additional","affiliation":[{"name":"imec-DistriNet, KU Leuven, Leuven, Belgium"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Wouter","family":"Joosen","sequence":"additional","affiliation":[{"name":"imec-DistriNet, KU Leuven, Leuven, Belgium"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Nick","family":"Nikiforakis","sequence":"additional","affiliation":[{"name":"Stony Brook University, Stony Brook, NY, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2017,10,30]]},"reference":[{"key":"e_1_3_2_2_1_1","volume-title":"https:\/\/www.101domain.com\/ne.htm","author":"Limited GRS","year":"2017","unstructured":"101domain GRS Limited. 2017. .ne Domain Registration. (2017). https:\/\/www.101domain.com\/ne.htm"},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"crossref","unstructured":"A Hubert R van Mook. 2009. Measures for Making DNS More Resilient against Forged Answers. (2009). https:\/\/tools.ietf.org\/html\/rfc5452","DOI":"10.17487\/rfc5452"},{"key":"e_1_3_2_2_3_1","volume-title":"https:\/\/www.afnic.fr\/en\/your-domain-name\/manage-your-domain-name\/changing-registrars-3.html","author":"Changing Registrars AFNIC","year":"2017","unstructured":"AFNIC 2017. Changing Registrars. (2017). https:\/\/www.afnic.fr\/en\/your-domain-name\/manage-your-domain-name\/changing-registrars-3.html"},{"key":"e_1_3_2_2_4_1","volume-title":"Seven months' worth of mistakes: A longitudinal study of typosquatting abuse Proceedings of the 22nd Network and Distributed System Security Symposium (NDSS","author":"Agten Pieter","year":"2015","unstructured":"Pieter Agten, Wouter Joosen, Frank Piessens, and Nick Nikiforakis 2015. Seven months' worth of mistakes: A longitudinal study of typosquatting abuse Proceedings of the 22nd Network and Distributed System Security Symposium (NDSS 2015). Internet Society."},{"key":"e_1_3_2_2_5_1","unstructured":"Matt Bryant. 2015. Fishing the AWS IP Pool for Dangling Domains. http:\/\/www.bishopfox.com\/blog\/2015\/10\/fishing-the-aws-ip-pool-for-dangling-domains\/. (2015)."},{"key":"e_1_3_2_2_6_1","unstructured":"Matt Bryant. 2016. The Orphaned Internet: Taking Over 120K Domains via a DNS Vulnerability in AWS Google Cloud Rackspace and Digital Ocean. hrefhttps:\/\/thehackerblog.com\/the-orphaned-internet-taking-over-120k-domains-via-a-dns-vulnerability-in-aws-google-cloud-rackspace-and-digital-ocean\/nolinkurlhttps:\/\/thehackerblog.com\/ hrefhttps:\/\/thehackerblog.com\/the-orphaned-internet-taking-over-120k-domains-via-a-dns-vulnerability-in-aws-google-cloud-rackspace-and-digital-ocean\/nolinkurlthe-orphaned-internet-taking-over-120k-domains- hrefhttps:\/\/thehackerblog.com\/the-orphaned-internet-taking-over-120k-domains-via-a-dns-vulnerability-in-aws-google-cloud-rackspace-and-digital-ocean\/nolinkurlvia-a-dns-vulnerability-in-aws-google-cloud- hrefhttps:\/\/thehackerblog.com\/the-orphaned-internet-taking-over-120k-domains-via-a-dns-vulnerability-in-aws-google-cloud-rackspace-and-digital-ocean\/nolinkurlrackspace-and-digital-ocean\/. (2016)."},{"key":"e_1_3_2_2_7_1","unstructured":"CIRA 2017. Register your .CA. (2017). https:\/\/cira.ca\/ca-domains\/register-your-ca"},{"key":"e_1_3_2_2_8_1","unstructured":"Cloudflare. 2017. How DNSSEC Works. (2017). https:\/\/www.cloudflare.com\/dns\/dnssec\/how-dnssec-works\/"},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"crossref","unstructured":"Carlo Contavalli Warren Kumari and Wilmer van der Gaast. 2016. RFC7871: Client Subnet in DNS Queries. (2016). https:\/\/tools.ietf.org\/html\/rfc7871","DOI":"10.17487\/RFC7871"},{"key":"e_1_3_2_2_10_1","unstructured":"Nik Cubrilovic. 2009. The Anatomy Of The Twitter Attack. https:\/\/techcrunch.com\/2009\/07\/19\/the-anatomy-of-the-twitter-attack\/. (2009)."},{"key":"e_1_3_2_2_11_1","unstructured":"Dan York. 2011. DNSSEC Statistics. (2011). http:\/\/www.internetsociety.org\/deploy360\/dnssec\/statistics\/"},{"key":"e_1_3_2_2_12_1","volume-title":"Bitsquatting: DNS Hijacking without exploitation.","author":"Dinaburg Artem","year":"2011","unstructured":"Artem Dinaburg. 2011. Bitsquatting: DNS Hijacking without exploitation. (2011)."},{"key":"e_1_3_2_2_13_1","unstructured":"Domainr. 2017. Domainr Developer API. (2017). https:\/\/domainr.build\/"},{"key":"e_1_3_2_2_14_1","unstructured":"DomainTools. 2016. Domain Count Statistics for TLDs. (2016). http:\/\/research.domaintools.com\/statistics\/tld-counts\/"},{"key":"e_1_3_2_2_15_1","unstructured":"Email-Hippo. 2017. Email Validation Online Service. (2017). https:\/\/www.emailhippo.com\/en-US"},{"key":"e_1_3_2_2_16_1","volume-title":"Few Owners Ever Get It Back.","author":"Smith Gerry","year":"2014","unstructured":"Gerry Smith. 2014. When Hackers Steal A Web Address, Few Owners Ever Get It Back. (2014). http:\/\/www.huffingtonpost.com\/2014\/09\/29\/domain-theft_n_5877510.html"},{"key":"e_1_3_2_2_17_1","volume-title":"Where are your servers currently located?","author":"Google Public DNS.","year":"2017","unstructured":"Google Public DNS. 2017. Where are your servers currently located? (2017). https:\/\/developers.google.com\/speed\/public-dns\/faq#locations"},{"key":"e_1_3_2_2_18_1","unstructured":"ICANN 2016. Transfer Policy. (2016). https:\/\/www.icann.org\/resources\/pages\/transfer-policy-2016-06-01-en"},{"key":"e_1_3_2_2_19_1","unstructured":"ICANN 2017. Whois Inaccuracy Complaint Form. (2017). https:\/\/forms.icann.org\/en\/resources\/compliance\/complaints\/whois\/inaccuracy-form"},{"key":"e_1_3_2_2_20_1","volume-title":"Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting Proceedings of the 36th IEEE Symposium on Security and Privacy","author":"Khan Mohammad Taha","unstructured":"Mohammad Taha Khan, Xiang Huo, Zhou Li, and Chris Kanich. 2015. Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting Proceedings of the 36th IEEE Symposium on Security and Privacy."},{"key":"e_1_3_2_2_21_1","unstructured":"Let's Encrypt. 2017. How It Works. (2017). https:\/\/letsencrypt.org\/how-it-works\/"},{"key":"e_1_3_2_2_22_1","volume-title":"Proceedings of the 37th IEEE Symposium on Security and Privacy.","author":"Lever Chaz","year":"2016","unstructured":"Chaz Lever, Robert Walls, Yacin Nadji, David Dagon, Patrick McDaniel, and Manos Antonakakis 2016. Domain-Z: 28 Registrations Later. In Proceedings of the 37th IEEE Symposium on Security and Privacy."},{"key":"e_1_3_2_2_23_1","volume-title":"Security and Privacy (SP), 2013 IEEE Symposium on. IEEE, 112--126","author":"Li Zhou","year":"2013","unstructured":"Zhou Li, Sumayah Alrwais, Yinglian Xie, Fang Yu, and XiaoFeng Wang 2013. Finding the linchpins of the dark web: a study on topologically dedicated hosts on malicious web infrastructures. In Security and Privacy (SP), 2013 IEEE Symposium on. IEEE, 112--126."},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"crossref","unstructured":"Daiping Liu Shuai Hao and Haining Wang 2016. All Your DNS Records Point to Us: Understanding the Security Threats of Dangling DNS Records Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM 1414--1425.","DOI":"10.1145\/2976749.2978387"},{"key":"e_1_3_2_2_25_1","volume-title":"The Ghosts of Banking Past: Empirical Analysis of Closed Bank Websites. Financial Cryptography and Data Security","author":"Moore Tyler","unstructured":"Tyler Moore and Richard Clayton 2014. The Ghosts of Banking Past: Empirical Analysis of Closed Bank Websites. Financial Cryptography and Data Security. Springer, 33--48."},{"key":"e_1_3_2_2_26_1","volume-title":"Measuring the perpetrators and funders of typosquatting International Conference on Financial Cryptography and Data Security","author":"Moore Tyler","unstructured":"Tyler Moore and Benjamin Edelman 2010. Measuring the perpetrators and funders of typosquatting International Conference on Financial Cryptography and Data Security. Springer, 175--191."},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382274"},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2488388.2488474"},{"key":"e_1_3_2_2_29_1","volume-title":"Perils of transitive trust in the domain name system Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement","author":"Ramasubramanian Venugopalan","unstructured":"Venugopalan Ramasubramanian and Emin G\u00fcn Sirer 2005. Perils of transitive trust in the domain name system Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement. USENIX Association, 35--35."},{"key":"e_1_3_2_2_30_1","unstructured":"RAPID7 2015. Vulnerability and Exploit Database: BIND TKEY Query Denial of Service. https:\/\/www.rapid7.com\/db\/modules\/auxiliary\/dos\/dns\/bind_tkey. (2015)."},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2479957.2479959"},{"key":"e_1_3_2_2_32_1","volume-title":"The abandoned side of the Internet: Hijacking Internet resources when domain names expire International Workshop on Traffic Monitoring and Analysis","author":"Schlamp Johann","unstructured":"Johann Schlamp, Josef Gustafsson, Matthias W\"ahlisch, Thomas C Schmidt, and Georg Carle. 2015. The abandoned side of the Internet: Hijacking Internet resources when domain names expire International Workshop on Traffic Monitoring and Analysis. Springer, 188--201."},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1555349.1555372"},{"key":"e_1_3_2_2_34_1","volume-title":"How is DNS lookup order determined?","year":"2012","unstructured":"Serverfault. 2012. How is DNS lookup order determined? (2012). http:\/\/serverfault.com\/questions\/355414\/how-is-dns-lookup-order-determined"},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2872427.2882992"},{"key":"e_1_3_2_2_36_1","unstructured":"StartCom. 2017. StartCom Certificate Policy And Practice Statements. (2017). https:\/\/www.startcomca.com\/policy.pdf"},{"key":"e_1_3_2_2_37_1","unstructured":"Janos Szurdi Balazs Kocso Gabor Cseh Jonathan Spring Mark Felegyhazi and Chris Kanich. 2014. The Long\" Taile\" of Typosquatting Domain Names.. USENIX Security. 191--206."},{"key":"e_1_3_2_2_38_1","unstructured":"Martin Tartarelli. 2016. A Tale of a DNS Packet (CVE-2016--2776). http:\/\/blog.infobytesec.com\/2016\/10\/a-tale-of-dns-packet-cve-2016--2776.html. (Oct 2016)."},{"key":"e_1_3_2_2_39_1","unstructured":"Tezzaron Semiconductor. 2004. Soft Errors in Electronic Memory -- A White Paper. https:\/\/tezzaron.com\/media\/soft_errors_1_1_secure.pdf. (2004)."},{"key":"e_1_3_2_2_40_1","volume-title":"Parking Sensors: Analyzing and Detecting Parked Domains.","author":"Vissers Thomas","year":"2015","unstructured":"Thomas Vissers, Wouter Joosen, and Nick Nikiforakis. 2015. Parking Sensors: Analyzing and Detecting Parked Domains."},{"key":"e_1_3_2_2_41_1","first-page":"31","volume":"6","author":"Wang Yi-Min","year":"2006","unstructured":"Yi-Min Wang, Doug Beck, Jeffrey Wang, Chad Verbowski, and Brad Daniels 2006. Strider Typo-Patrol: Discovery and Analysis of Systematic Typo-Squatting. Vol. 6 (2006), 31--36.","journal-title":"Strider Typo-Patrol: Discovery and Analysis of Systematic Typo-Squatting."},{"key":"e_1_3_2_2_42_1","unstructured":"Duane Wessels. 2012. Evidence of Bitsquatting in COM\/NET Queries. https:\/\/www.nanog.org\/meetings\/nanog54\/presentations\/Tuesday\/Wessels.pdf. (2012)."},{"key":"e_1_3_2_2_43_1","unstructured":"D Wessels. 2016. (2016). http:\/\/serverfault.com\/a\/819858"},{"key":"e_1_3_2_2_44_1","unstructured":"Whoxy 2017. Whois Lookup API. (2017). https:\/\/www.whoxy.com\/#api"},{"key":"e_1_3_2_2_45_1","unstructured":"Ben Woods. 2013. 15 of the most expensive domains of all time. https:\/\/thenextweb.com\/shareables\/2013\/08\/13\/15-of-the-most-expensive-domains-of-all-time\/. (2013)."},{"key":"e_1_3_2_2_46_1","unstructured":"Nicky Woolf. 2016. DDoS attack that disrupted internet was largest of its kind in history experts say. (2016). https:\/\/www.theguardian.com\/technology\/2016\/oct\/26\/ddos-attack-dyn-mirai-botnet"},{"key":"e_1_3_2_2_47_1","unstructured":"ZyTrax Inc. 2015. DNS BIND Operations Statements: max-cache-ttl. (2015). http:\/\/www.zytrax.com\/books\/dns\/ch7\/hkpng.html#max-cache-ttlendthebibliography"}],"event":{"name":"CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security","location":"Dallas Texas USA","acronym":"CCS '17","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3133988","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3133988","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3133988","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,26]],"date-time":"2025-06-26T19:34:08Z","timestamp":1750966448000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3133988"}},"subtitle":["Hijacking Domains Through Their Nameservers"],"short-title":[],"issued":{"date-parts":[[2017,10,30]]},"references-count":47,"alternative-id":["10.1145\/3133956.3133988","10.1145\/3133956"],"URL":"https:\/\/doi.org\/10.1145\/3133956.3133988","relation":{},"subject":[],"published":{"date-parts":[[2017,10,30]]},"assertion":[{"value":"2017-10-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}