{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,3]],"date-time":"2026-06-03T14:31:47Z","timestamp":1780497107235,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":51,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,11,2]],"date-time":"2021-11-02T00:00:00Z","timestamp":1635811200000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["CNS-1705050,CNS-1629973"],"award-info":[{"award-number":["CNS-1705050,CNS-1629973"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,11,2]]},"DOI":"10.1145\/3487552.3487817","type":"proceedings-article","created":{"date-parts":[[2021,11,1]],"date-time":"2021-11-01T17:35:11Z","timestamp":1635788111000},"page":"390-397","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":17,"title":["Home is where the hijacking is"],"prefix":"10.1145","author":[{"given":"Audrey","family":"Randall","sequence":"first","affiliation":[{"name":"UC San Diego"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Enze","family":"Liu","sequence":"additional","affiliation":[{"name":"UC San Diego"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ramakrishna","family":"Padmanabhan","sequence":"additional","affiliation":[{"name":"CAIDA\/UC San Diego"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Gautam","family":"Akiwate","sequence":"additional","affiliation":[{"name":"UC San Diego"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Geoffrey M.","family":"Voelker","sequence":"additional","affiliation":[{"name":"UC San Diego"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Stefan","family":"Savage","sequence":"additional","affiliation":[{"name":"UC San Diego"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Aaron","family":"Schulman","sequence":"additional","affiliation":[{"name":"UC San Diego"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2021,11,2]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879144"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-76481-8_11"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2317307.2317311"},{"key":"e_1_3_2_1_4_1","volume-title":"Proc. USENIX Workshop on Free and Open Communications on the Internet (FOCI)","author":"Anonymous","year":"2014","unstructured":"Anonymous. 2014. Towards a Comprehensive Picture of the Great Firewall's DNS Censorship. In Proc. USENIX Workshop on Free and Open Communications on the Internet (FOCI). San Diego, CA, USA."},{"key":"e_1_3_2_1_5_1","volume-title":"Proc. USENIX Workshop on Free and Open Communications on the Internet (FOCI). Washington, D.C., USA.","author":"Aryan Simurgh","unstructured":"Simurgh Aryan, Homa Aryan, and J. Alex Halderman. 2013. Internet Censorship in Iran: A First Look. In Proc. USENIX Workshop on Free and Open Communications on the Internet (FOCI). Washington, D.C., USA."},{"key":"e_1_3_2_1_6_1","unstructured":"Jeff Baumgartner. 2021. Comcast Taps Arris Technicolor for 'XB6' Gateways: Sources. https:\/\/www.nexttv.com\/news\/comcast-taps-arris-technicolor-xb6-gateways-sources-409944."},{"key":"e_1_3_2_1_7_1","unstructured":"RDK Central. 2021. CcspXDNS. https:\/\/wiki.rdkcentral.com\/display\/RDK\/CcspXDNS"},{"key":"e_1_3_2_1_8_1","unstructured":"RDK Central. 2021. RDK Surpasses 80 Million Device Deployments Across Leading Video and Broadband Service Providers. https:\/\/rdkcentral.com\/rdk-surpasses-80-million-device-deployments-across-leading-video-and-broadband-service-providers\/."},{"key":"e_1_3_2_1_9_1","unstructured":"RDK Central. 2021. Source code for RDK-B. https:\/\/code.rdkcentral.com\/r\/plugins\/gitiles\/rdkb\/components\/opensource\/ccsp\/Utopia\/+\/7afe5aba7c8e9b89a182cdcffe16159c3b431b16\/source\/firewall\/firewall.c"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2785956.2787500"},{"key":"e_1_3_2_1_11_1","unstructured":"Chuck. 2011. \"listen on 5353 too?\". https:\/\/groups.google.com\/g\/public-dns-discuss\/c\/MfpyYHcqzjI"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2987443.2987455"},{"key":"e_1_3_2_1_13_1","unstructured":"Hacker Codex. 2012. How to Stop Your ISP from Hijacking Your DNS Servers. https:\/\/hackercodex.com\/guide\/how-to-stop-isp-dns-server-hijacking\/"},{"key":"e_1_3_2_1_14_1","unstructured":"Tom Creighton Chris Griffiths Jason Livingood and Ralf Weber. 2010. DNS Redirect Use by Service Providers. Internet Draft: draft-livingood-dns-redirect-03."},{"key":"e_1_3_2_1_15_1","unstructured":"Dnsmasq. 2021. Dnsmasq - network services for small networks. https:\/\/thekelleys.org.uk\/dnsmasq\/doc.html"},{"key":"e_1_3_2_1_16_1","volume-title":"Proc. Workshop on Securing and Trusting Internet Names (SATIN)","author":"Duan Haixin","year":"2012","unstructured":"Haixin Duan, Nicholas Weaver, Zongxu Zhao, Meng Hu, Jinjin Liang, Jian Jiang, Kang Li, and Vern Paxson. 2012. Hold-On: Protecting Against On-Path DNS Poisoning. In Proc. Workshop on Securing and Trusting Internet Names (SATIN). London, United Kingdom."},{"key":"e_1_3_2_1_17_1","unstructured":"The Economist. 2013. France v Google. https:\/\/www.economist.com\/business\/2013\/01\/12\/france-v-google"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2013.6566965"},{"key":"e_1_3_2_1_19_1","unstructured":"Xfinity Community Forum. 2019. Changing the DNS on my machine didn't work... https:\/\/forums.xfinity.com\/t5\/Your-Home-Network\/Changing-the-DNS-on-my-machine-didn-t-work\/m-p\/3268054#M309013"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879174"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2013.6682711"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"crossref","unstructured":"Paul Hoffman and Patrick McManus. 2018. DNS Queries over HTTPS (DoH). RFC 9494. https:\/\/tools.ietf.org\/html\/rfc8484","DOI":"10.17487\/RFC8484"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"crossref","unstructured":"Zi Hu Liang Zhu John Heidemann Allison Mankin Duane Wessels and Paul Hoffman. 2016. Specification for DNS over Transport Layer Security (TLS). RFC 7858. https:\/\/tools.ietf.org\/html\/rfc7858","DOI":"10.17487\/RFC7858"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-30505-9_21"},{"key":"e_1_3_2_1_25_1","volume-title":"Proc. IEEE Conference on Computer Communications (INFOCOM).","author":"Jung Jaeyeon","year":"2003","unstructured":"Jaeyeon Jung, Arthur W. Berger, and Hari Balakrishnan. 2003. Modelling TTL-based Internet Caches. In Proc. IEEE Conference on Computer Communications (INFOCOM)."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/510726.510748"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2815675.2815683"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2017.63"},{"key":"e_1_3_2_1_29_1","unstructured":"Mario Korf and Barb Strom. 2018. Introducing a New whoami Tool for DNS Resolver Information. https:\/\/developer.akamai.com\/blog\/2018\/05\/10\/introducing-new-whoami-tool-dns-resolver-information"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879173"},{"key":"e_1_3_2_1_31_1","volume-title":"Proc. USENIX Security","author":"Lu Baojun","year":"2018","unstructured":"Liu, Baojun and Lu, Chaoyi and Duan, Haixin and Liu, Ying and Li, Zhou and Hao, Shuang and Yang, Min. 2018. Who is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path. In Proc. USENIX Security. Baltimore, MD, USA, 1113--1128."},{"key":"e_1_3_2_1_32_1","volume-title":"Proc. USENIX Annual Technical Conference","author":"Mao Zhuoqing Morley","year":"2002","unstructured":"Zhuoqing Morley Mao, Charles D. Cranor, Fred Douglis, Michael Rabinovich, Oliver Spatscheck, and Jia Wang. 2002. A Precise and Efficient Evaluation of the Proximity Between Web Clients and Their Local DNS Servers. In Proc. USENIX Annual Technical Conference. Monterey, CA, USA."},{"key":"e_1_3_2_1_33_1","volume-title":"Proc. Passive and Active Measurement Conference (PAM). Virtual, 427--443","author":"McGregor Andrew","year":"2021","unstructured":"Andrew McGregor, Phillipa Gill, and Nicholas Weaver. 2021. Cache Me Outside: A New Look at DNS Cache Probing. In Proc. Passive and Active Measurement Conference (PAM). Virtual, 427--443."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3355369.3355568"},{"key":"e_1_3_2_1_35_1","volume-title":"Ripe Atlas: A Global Internet Measurement Network. Internet Protocol Journal","author":"RIPE","year":"2015","unstructured":"RIPE NCC. 2015. Ripe Atlas: A Global Internet Measurement Network. Internet Protocol Journal (2015)."},{"key":"e_1_3_2_1_36_1","volume-title":"Proc. ACM Internet Measurement Conference (IMC)","author":"Otto John S.","unstructured":"John S. Otto, Mario A. S\u00e1nchez, John P. Rula, and Fabi\u00e1n E. Bustamante. 2012. Content Delivery and the Natural Evolution of DNS: Remote DNS Trends, Performance Issues and Alternative Solutions. In Proc. ACM Internet Measurement Conference (IMC). Boston, MA, USA, 523--536."},{"key":"e_1_3_2_1_37_1","volume-title":"Proc. USENIX Security","author":"Pearce Paul","year":"2017","unstructured":"Paul Pearce, Ben Jones, Frank Li, Roya Ensafi, Nick Feamster, Nick Weaver, and Vern Paxson. 2017. Global Measurement of DNS Manipulation. In Proc. USENIX Security. Vancouver, BC, Canada."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-68914-0_2"},{"key":"e_1_3_2_1_39_1","volume-title":"Proc. USENIX Workshop on Hot Topics in Understanding Botnets","author":"Rajab Moheeb Abu","year":"2007","unstructured":"Moheeb Abu Rajab, Jay Zarfoss, Fabian Monrose, and Andreas Terzis. 2007. My Botnet Is Bigger Than Yours (Maybe, Better Than Yours): Why Size Estimates Remain Challenging. In Proc. USENIX Workshop on Hot Topics in Understanding Botnets. Cambridge, MA, USA."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3419394.3423640"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-04918-2_21"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-16161-2_27"},{"key":"e_1_3_2_1_43_1","unstructured":"Xfinity Help & Support. 2020. Overview of Xfinity Gateways. https:\/\/www.xfinity.com\/support\/articles\/broadband-gateways-userguides"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2742647.2742675"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1610252.1610269"},{"key":"e_1_3_2_1_46_1","unstructured":"SoftEther VPN. 2021. VPNGate: Public VPN Relay Servers. https:\/\/vpngate.net"},{"key":"e_1_3_2_1_47_1","volume-title":"Proc. Workshop on Securing and Trusting Internet Names (SATIN)","author":"Weaver Nicholas","year":"2011","unstructured":"Nicholas Weaver, Christian Kreibich, Boris Nechaev, and Vern Paxson. 2011. Implications of Netalyzr's DNS Measurements. In Proc. Workshop on Securing and Trusting Internet Names (SATIN). Teddington, United Kingdom."},{"key":"e_1_3_2_1_48_1","volume-title":"Proc. USENIX Workshop on Free and Open Communications on the Internet (FOCI)","author":"Weaver Nicholas","year":"2011","unstructured":"Nicholas Weaver, Christian Kreibich, and Vern Paxson. 2011. Redirecting DNS for Ads and Profit. In Proc. USENIX Workshop on Free and Open Communications on the Internet (FOCI). San Francisco, CA, USA."},{"key":"e_1_3_2_1_49_1","volume-title":"Heidemann","author":"Wei Lan","year":"2020","unstructured":"Lan Wei and John S. Heidemann. 2020. Whac-A-Mole: Six Years of DNS Spoofing. arXiv (2020). https:\/\/arxiv.org\/abs\/2011.12978"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/948205.948216"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"crossref","unstructured":"Suzanne Woolf and David Conrad. 2007. Requirements for a Mechanism Identifying a Name Server Instance. RFC 4892. https:\/\/tools.ietf.org\/html\/rfc4892","DOI":"10.17487\/rfc4892"}],"event":{"name":"IMC '21: ACM Internet Measurement Conference","location":"Virtual Event","acronym":"IMC '21","sponsor":["SIGCOMM ACM Special Interest Group on Data Communication","SIGMETRICS ACM Special Interest Group on Measurement and Evaluation","USENIX Assoc USENIX Assoc"]},"container-title":["Proceedings of the 21st ACM Internet Measurement Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3487552.3487817","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/abs\/10.1145\/3487552.3487817","content-type":"text\/html","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3487552.3487817","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3487552.3487817","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,15]],"date-time":"2025-12-15T17:23:23Z","timestamp":1765819403000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3487552.3487817"}},"subtitle":["understanding DNS interception by residential routers"],"short-title":[],"issued":{"date-parts":[[2021,11,2]]},"references-count":51,"alternative-id":["10.1145\/3487552.3487817","10.1145\/3487552"],"URL":"https:\/\/doi.org\/10.1145\/3487552.3487817","relation":{},"subject":[],"published":{"date-parts":[[2021,11,2]]},"assertion":[{"value":"2021-11-02","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}