{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,2]],"date-time":"2026-04-02T16:10:32Z","timestamp":1775146232350,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":60,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,11,12]],"date-time":"2021-11-12T00:00:00Z","timestamp":1636675200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-sa\/4.0\/"}],"funder":[{"name":"NSF","award":["1652954"],"award-info":[{"award-number":["1652954"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,11,12]]},"DOI":"10.1145\/3460120.3486219","type":"proceedings-article","created":{"date-parts":[[2021,11,13]],"date-time":"2021-11-13T12:05:33Z","timestamp":1636805133000},"page":"3400-3414","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":30,"title":["DNS Cache Poisoning Attack: Resurrections with Side Channels"],"prefix":"10.1145","author":[{"given":"Keyu","family":"Man","sequence":"first","affiliation":[{"name":"University of California, Riverside, Riverside, CA, USA"}]},{"given":"Xin'an","family":"Zhou","sequence":"additional","affiliation":[{"name":"University of California, Riverside, Riverside, CA, USA"}]},{"given":"Zhiyun","family":"Qian","sequence":"additional","affiliation":[{"name":"University of California, Riverside, Riverside, CA, USA"}]}],"member":"320","published-online":{"date-parts":[[2021,11,13]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"[n.d.]. SADDNS website. https:\/\/www.saddns.net\/."},{"issue":"1","key":"e_1_3_2_2_2_1","first-page":"1","volume":"1","year":"2018","unstructured":"2018. Introducing DNS Resolver, 1.1.1.1 (not a joke). https:\/\/blog.cloudflare.com\/dns-resolver-1-1-1-1\/.","journal-title":"Introducing DNS Resolver"},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"crossref","unstructured":"D. Eastlake 3rd and M. Andrews. 2016. RFC 7873: Domain Name System (DNS) Cookies. Technical Report. https:\/\/tools.ietf.org\/html\/rfc7873","DOI":"10.17487\/RFC7873"},{"key":"e_1_3_2_2_4_1","unstructured":"S. Deering A. Conta and Ed. M. Gupta. 2006. RFC 4443: Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification. Technical Report. https:\/\/tools.ietf.org\/html\/rfc4443"},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363192"},{"key":"e_1_3_2_2_6_1","unstructured":"Akamai. 2021. Configure split-DNS forwarding on Cisco routers. https:\/\/learn.akamai.com\/en-us\/webhelp\/enterprise-threat-protector\/enterprise-threat-protector\/GUID-5916F532--2D1D-4CC0-B926--9D6CC44BEF33.html ."},{"key":"e_1_3_2_2_7_1","volume-title":"2015 IEEE Conference on Computer Communications (INFOCOM) .","author":"Alexander G.","unstructured":"G. Alexander and J. R. Crandall. 2015. Off-path round trip time measurement via TCP\/IP side channels. In 2015 IEEE Conference on Computer Communications (INFOCOM) ."},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2019-0071"},{"key":"e_1_3_2_2_9_1","volume-title":"Collaborative Client-Side DNS Cache Poisoning Attack. In IEEE INFOCOM 2019-IEEE Conference on Computer Communications. IEEE, 1153--1161","author":"Alharbi Fatemah","year":"2019","unstructured":"Fatemah Alharbi, Jie Chang, Yuchen Zhou, Feng Qian, Zhiyun Qian, and Nael Abu-Ghazaleh. 2019. Collaborative Client-Side DNS Cache Poisoning Attack. In IEEE INFOCOM 2019-IEEE Conference on Computer Communications. IEEE, 1153--1161."},{"key":"e_1_3_2_2_10_1","unstructured":"Hanieh Bagheri Victor Boteanu Willem Toorop and Benno Overeinder. 2013. Making do with what we've got: Using PMTUD for a higher DNS responsiveness."},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"crossref","unstructured":"F. Baker. 1995. RFC 1812: Requirements for IP Version 4 Routers. Technical Report. https:\/\/tools.ietf.org\/html\/rfc1812","DOI":"10.17487\/rfc1812"},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"crossref","unstructured":"R. Braden. 1989. RFC 1122: Requirements for Internet Hosts -- Communication Layers. Technical Report. https:\/\/tools.ietf.org\/html\/rfc1122","DOI":"10.17487\/rfc1122"},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243790"},{"key":"e_1_3_2_2_14_1","volume-title":"Off-Path TCP Exploits: Global Rate Limit Considered Dangerous. In 25th USENIX Security Symposium (USENIX Security 16)","author":"Cao Yue","unstructured":"Yue Cao, Zhiyun Qian, Zhongjie Wang, Tuan Dao, Srikanth V. Krishnamurthy, and Lisa M. Marvel. 2016. Off-Path TCP Exploits: Global Rate Limit Considered Dangerous. In 25th USENIX Security Symposium (USENIX Security 16). USENIX Association, Austin, TX, 209--225."},{"key":"e_1_3_2_2_15_1","volume-title":"Marvel","author":"Cao Yue","year":"2018","unstructured":"Yue Cao, Zhiyun Qian, Zhongjie Wang, Tuan Dao, Srikanth V. Krishnamurthy, and Lisa M. Marvel. 2018. Off-Path TCP Exploits of the Challenge ACK Global Rate Limit. IEEE\/ACM Transactions on Networking (TON)."},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354250"},{"key":"e_1_3_2_2_17_1","volume-title":"Off-Path TCP Exploit: How Wireless Routers Can Jeopardize Your Secrets. In 27th USENIX Security Symposium (USENIX Security 18)","author":"Chen Weiteng","year":"2018","unstructured":"Weiteng Chen and Zhiyun Qian. 2018. Off-Path TCP Exploit: How Wireless Routers Can Jeopardize Your Secrets. In 27th USENIX Security Symposium (USENIX Security 18). 1581--1598."},{"key":"e_1_3_2_2_18_1","volume-title":"End-to-End View of the DNSSEC Ecosystem. In 26th USENIX Security Symposium (USENIX Security 17)","author":"Chung Taejoong","year":"2017","unstructured":"Taejoong Chung, Roland van Rijswijk-Deij, Balakrishnan Chandrasekaran, David Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, and Christo Wilson. 2017. A Longitudinal, End-to-End View of the DNSSEC Ecosystem. In 26th USENIX Security Symposium (USENIX Security 17). USENIX Association, Vancouver, BC, 1307--1322."},{"key":"e_1_3_2_2_19_1","unstructured":"European Commision. 2014. Quality of Broadband Services in the EU. http:\/\/ec.europa.eu\/newsroom\/dae\/document.cfm?action=display&doc_id=10816 ."},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3452296.3472933"},{"key":"e_1_3_2_2_21_1","volume-title":"A Peek into the DNS Cookie Jar","author":"Davis Jacob","unstructured":"Jacob Davis and Casey Deccio. 2021. A Peek into the DNS Cookie Jar. In Passive and Active Measurement, Oliver Hohlfeld, Andra Lutu, and Dave Levin (Eds.). Springer International Publishing, Cham, 302--316."},{"key":"e_1_3_2_2_22_1","volume-title":"22nd ACM Conference on Computer and Communications Security.","author":"Durumeric Zakir","unstructured":"Zakir Durumeric, David Adrian, Ariana Mirian, Michael Bailey, and J. Alex Halderman. 2015. A Search Engine Backed by Internet-Wide Scanning. In 22nd ACM Conference on Computer and Communications Security."},{"key":"e_1_3_2_2_23_1","volume-title":"Proceedings of the 19th USENIX Conference on Security","author":"Ensafi Roya","unstructured":"Roya Ensafi, Jong Chun Park, Deepak Kapur, and Jedidiah R. Crandall. 2010. Idle Port Scanning and Non-Interference Analysis of Network Protocol Stacks Using Model Checking. In Proceedings of the 19th USENIX Conference on Security (Washington, DC) (USENIX Security'10). USENIX Association, USA, 17."},{"key":"e_1_3_2_2_24_1","unstructured":"FCC. 2018. Eighth Measuring Broadband America Fixed Broadband Report. https:\/\/www.fcc.gov\/reports-research\/reports\/measuring-broadband-america\/measuring-fixed-broadband-eighth-report."},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417884"},{"key":"e_1_3_2_2_26_1","unstructured":"Linux Foundation. 2021. net\/ipv4\/icmp\/c. https:\/\/elixir.bootlin.com\/linux\/v5.11\/source\/net\/ipv4\/icmp.c#L1218."},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"crossref","unstructured":"F. Gont. 2010. RFC 5927: ICMP Attacks against TCP. Technical Report. https:\/\/tools.ietf.org\/html\/rfc5927","DOI":"10.17487\/rfc5927"},{"key":"e_1_3_2_2_28_1","unstructured":"Google. 2021. IPv6 Adoption Statistics. https:\/\/www.google.com\/intl\/en\/ipv6\/statistics.html."},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-76481-8_1"},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2018.00088"},{"key":"e_1_3_2_2_31_1","volume-title":"Computer communications","author":"Harris Brendon","year":"1999","unstructured":"Brendon Harris and Ray Hunt. 1999. TCP\/IP security threats and attack methods. Computer communications, Vol. 22, 10 (1999), 885--897."},{"key":"e_1_3_2_2_32_1","volume-title":"Security of Patched DNS. In ESORICS","author":"Herzberg Amir","year":"2012","unstructured":"Amir Herzberg and Haya Shulman. 2012. Security of Patched DNS. In ESORICS 2012, Sara Foresti, Moti Yung, and Fabio Martinelli (Eds.)."},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2013.6682711"},{"key":"e_1_3_2_2_34_1","doi-asserted-by":"crossref","unstructured":"J. Mogul J. McCann S. Deering and Ed. R. Hinden. 2017. RFC 8201: Path MTU Discovery for IP version 6. Technical Report. https:\/\/tools.ietf.org\/html\/rfc8201","DOI":"10.17487\/RFC8201"},{"key":"e_1_3_2_2_35_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Jeitner Philipp","year":"2021","unstructured":"Philipp Jeitner and Haya Shulman. 2021. Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association."},{"key":"e_1_3_2_2_36_1","volume-title":"Black ops 2008: It's the end of the cache as we know it. Black Hat USA","author":"Kaminsky Dan","year":"2008","unstructured":"Dan Kaminsky. 2008. Black ops 2008: It's the end of the cache as we know it. Black Hat USA (2008)."},{"key":"e_1_3_2_2_37_1","volume-title":"Cross Layer Attacks and How to Use Them (for DNS Cache Poisoning, Device Tracking and More). arxiv","author":"Klein Amit","year":"2012","unstructured":"Amit Klein. 2020. Cross Layer Attacks and How to Use Them (for DNS Cache Poisoning, Device Tracking and More). arxiv: 2012.07432 [cs.CR]"},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2017.8057202"},{"key":"e_1_3_2_2_39_1","volume-title":"Counting Packets Sent Between Arbitrary Internet Hosts. In 4th USENIX Workshop on Free and Open Communications on the Internet (FOCI 14)","author":"Knockel Jeffrey","unstructured":"Jeffrey Knockel and Jedidiah R. Crandall. 2014. Counting Packets Sent Between Arbitrary Internet Hosts. In 4th USENIX Workshop on Free and Open Communications on the Internet (FOCI 14). USENIX Association, San Diego, CA."},{"key":"e_1_3_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/2815675.2815683"},{"key":"e_1_3_2_2_41_1","unstructured":"R. G. Fairhurst L. Eggert and G. Shepherd. 2017. RFC 8085: UDP Usage Guidelines. Technical Report. https:\/\/tools.ietf.org\/html\/rfc8085"},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"crossref","unstructured":"M. Lepinski and S. Kent. 2012. RFC 6480: An Infrastructure to Support Secure Internet Routing. Technical Report. https:\/\/tools.ietf.org\/html\/rfc6480","DOI":"10.17487\/rfc6480"},{"key":"e_1_3_2_2_43_1","unstructured":"lkm. 2007. Blind TCP\/IP Hijacking is Still Alive. http:\/\/phrack.org\/issues\/64\/13.html."},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354232"},{"key":"e_1_3_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417280"},{"key":"e_1_3_2_2_46_1","doi-asserted-by":"crossref","unstructured":"P. Mockapetris. 1987. RFC 1035: DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION. Technical Report. https:\/\/tools.ietf.org\/html\/rfc1035","DOI":"10.17487\/rfc1035"},{"key":"e_1_3_2_2_47_1","doi-asserted-by":"crossref","unstructured":"J. Mogul and S. Deering. 1990. RFC 1191: Path MTU Discovery. Technical Report. https:\/\/tools.ietf.org\/html\/rfc1191","DOI":"10.17487\/rfc1191"},{"key":"e_1_3_2_2_48_1","doi-asserted-by":"crossref","unstructured":"J. Postel. 1981. RFC 792: INTERNET CONTROL MESSAGE PROTOCOL. Technical Report. https:\/\/tools.ietf.org\/html\/rfc792","DOI":"10.17487\/rfc0792"},{"key":"e_1_3_2_2_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.29"},{"key":"e_1_3_2_2_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.42"},{"key":"e_1_3_2_2_51_1","doi-asserted-by":"crossref","unstructured":"Alan Quach Zhongjie Wang and Zhiyun Qian. 2017. Investigation of the 2016 Linux TCP Stack Vulnerability at Scale. SIGMETRICS Perform. Eval. Rev. (2017).","DOI":"10.1145\/3078505.3078510"},{"key":"e_1_3_2_2_52_1","unstructured":"M. Larson D. Massey R. Arends R. Austein and S. Rose. 2005. RFC 4035: Protocol Modifications for the DNS Security Extensions. Technical Report. https:\/\/tools.ietf.org\/html\/rfc4035"},{"key":"e_1_3_2_2_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2015.7249285"},{"key":"e_1_3_2_2_54_1","unstructured":"Kyle Schomp Tom Callahan Michael Rabinovich and Mark Allman. 2014. DNS Record Injectino Vulnerabilities in Home Routers. http:\/\/www.icir.org\/mallman\/talks\/schomp-dns-security-nanog61.pdf ."},{"key":"e_1_3_2_2_55_1","doi-asserted-by":"publisher","DOI":"10.1007\/11927587_5"},{"key":"e_1_3_2_2_56_1","unstructured":"W. Simpson T. Narten E. Nordmark and H. Soliman. 2007. RFC 4861: Neighbor Discovery for IP version 6 (IPv6). Technical Report. https:\/\/tools.ietf.org\/html\/rfc4861"},{"key":"e_1_3_2_2_57_1","unstructured":"P. Vixie and D. Dagon. 2008. Use of Bit 0x20 in DNS Labels to Improve Transaction Identity. Technical Report. https:\/\/tools.ietf.org\/html\/draft-vixie-dnsext-dns0x20-00"},{"key":"e_1_3_2_2_58_1","doi-asserted-by":"publisher","DOI":"10.15394\/jdfsl.2012.1117"},{"key":"e_1_3_2_2_59_1","volume-title":"Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices. In 29th USENIX Security Symposium (USENIX Security 20)","author":"Zheng Xiaofeng","year":"2020","unstructured":"Xiaofeng Zheng, Chaoyi Lu, Jian Peng, Qiushi Yang, Dongjie Zhou, Baojun Liu, Keyu Man, Shuang Hao, Haixin Duan, and Zhiyun Qian. 2020. Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices. In 29th USENIX Security Symposium (USENIX Security 20). USENIX Association, 577--593."},{"key":"e_1_3_2_2_60_1","doi-asserted-by":"publisher","DOI":"10.1145\/3379479"}],"event":{"name":"CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security","location":"Virtual Event Republic of Korea","acronym":"CCS '21","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460120.3486219","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3460120.3486219","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3460120.3486219","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T20:54:39Z","timestamp":1763499279000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460120.3486219"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,11,12]]},"references-count":60,"alternative-id":["10.1145\/3460120.3486219","10.1145\/3460120"],"URL":"https:\/\/doi.org\/10.1145\/3460120.3486219","relation":{},"subject":[],"published":{"date-parts":[[2021,11,12]]},"assertion":[{"value":"2021-11-13","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}