{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,3]],"date-time":"2026-06-03T14:26:38Z","timestamp":1780496798183,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":59,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,15]],"date-time":"2023-11-15T00:00:00Z","timestamp":1700006400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Alibaba Innovative Research Program (AIR)"},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62102218;62272265"],"award-info":[{"award-number":["62102218;62272265"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"CCF-Tencent Rhino-Bird Young Faculty Open Research Fund"},{"name":"Tsinghua University-China Telecom Corp., Ltd. Joint Research Center for Next Generation Internet Technology"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,15]]},"DOI":"10.1145\/3576915.3616668","type":"proceedings-article","created":{"date-parts":[[2023,11,21]],"date-time":"2023-11-21T12:35:13Z","timestamp":1700570113000},"page":"311-325","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":16,"title":["TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-6886-9786","authenticated-orcid":false,"given":"Wei","family":"Xu","sequence":"first","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7388-1329","authenticated-orcid":false,"given":"Xiang","family":"Li","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-3512-7612","authenticated-orcid":false,"given":"Chaoyi","family":"Lu","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9032-8063","authenticated-orcid":false,"given":"Baojun","family":"Liu","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0083-733X","authenticated-orcid":false,"given":"Haixin","family":"Duan","sequence":"additional","affiliation":[{"name":"Tsinghua University & Quancheng Laboratory; Zhongguancun Laboratory, Beijing, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7896-3382","authenticated-orcid":false,"given":"Jia","family":"Zhang","sequence":"additional","affiliation":[{"name":"Tsinghua University & Zhongguancun Laboratory, Beijing, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7511-1117","authenticated-orcid":false,"given":"Jianjun","family":"Chen","sequence":"additional","affiliation":[{"name":"Tsinghua University & Zhongguancun Laboratory, Beijing, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7732-8774","authenticated-orcid":false,"given":"Tao","family":"Wan","sequence":"additional","affiliation":[{"name":"CableLabs, Louisville, CO, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2023,11,21]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"1987. Domain names - concepts and facilities. RFC 1034. https:\/\/doi.org\/10. 17487\/RFC1034"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","unstructured":"1987. Domain names - implementation and specification. RFC 1035. https: \/\/doi.org\/10.17487\/RFC1035","DOI":"10.17487\/RFC1035"},{"key":"e_1_3_2_1_3_1","unstructured":"114DNS. 2023. 114DNS. http:\/\/www.114dns.com\/about.html"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC7873"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"crossref","unstructured":"Donald E. Eastlake 3rd Eric Brunner-Williams and Bill Manning. 2000. Domain Name System (DNS) IANA Considerations.","DOI":"10.17487\/rfc2929"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"crossref","unstructured":"Joe Abley \u00d3lafur Gu\u00f0mundsson Marek Majkowski and Evan Hunt. 2019. Providing Minimal-Sized Responses to DNS Queries That Have QTYPE=ANY.","DOI":"10.17487\/RFC8482"},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of USENIX Security '20","author":"Afek Yehuda","year":"2020","unstructured":"Yehuda Afek, Anat Bremler-Barr, and Lior Shafir. 2020. NXNSAttack: Recursive DNS Inefficiencies and Vulnerabilities. In Proceedings of USENIX Security '20."},{"key":"e_1_3_2_1_8_1","unstructured":"Akamai. 2023. Edge DNS. https:\/\/www.akamai.com\/products\/edge-dns"},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of ICTC '16","author":"Alieyan Kamal","unstructured":"Kamal Alieyan, Mohammed M. Kadhum, Mohammed Anbar, Shafiq Ul Rehman, and Naser K. A. Alajmi. 2016. An Overview of DDoS Attacks based on DNS. In Proceedings of ICTC '16."},{"key":"e_1_3_2_1_10_1","volume-title":"Yau","author":"Anagnostopoulos Marios","year":"2018","unstructured":"Marios Anagnostopoulos, Georgios Kambourakis, Stefanos Gritzalis, and David K. Y. Yau. 2018. Never Say Never: Authoritative TLD Nameserver-powered DNS Amplification. In Proceedings of IFIP '19."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"crossref","unstructured":"Mark P. Andrews. 1998. Negative Caching of DNS Queries (DNS NCACHE).","DOI":"10.17487\/rfc2308"},{"key":"e_1_3_2_1_12_1","unstructured":"APNIC. 2023. Use of DNS Resolvers for World (XA). https:\/\/stats.labs.apnic.net\/rvrs."},{"key":"e_1_3_2_1_13_1","unstructured":"Roy Arends and Jakob Schlyter. 2020. fpdns. https:\/\/github.com\/kirei\/fpdns"},{"key":"e_1_3_2_1_14_1","unstructured":"BIND. 2020. CVE-2020-8616. https:\/\/kb.isc.org\/docs\/cve-2020-8616."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00470-5_7"},{"key":"e_1_3_2_1_16_1","unstructured":"Cloudflare. 2023. Cloudflare DNS. https:\/\/developers.cloudflare.com\/dns\/"},{"key":"e_1_3_2_1_17_1","unstructured":"Internet Systems Consortium. 2023. BIND 9. https:\/\/bind9.readthedocs.io\/en\/v9_18_10\/"},{"key":"e_1_3_2_1_18_1","unstructured":"CZ.NIC. 2023 a. Knot Resolver. https:\/\/gitlab.nic.cz\/knot\/knot-resolver\/activity"},{"key":"e_1_3_2_1_19_1","unstructured":"CZ.NIC. 2023 b. Knot Resolver: policy.REFUSE. https:\/\/knot-resolver.readthedocs.io\/en\/stable\/modules-policy.html?#policy.REFUSE."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC6891"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","unstructured":"Robert Elz and Randy Bush. 1997. Clarifications to the DNS Specification. RFC 2181. https:\/\/doi.org\/10.17487\/RFC2181","DOI":"10.17487\/RFC2181"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2013.6566965"},{"key":"e_1_3_2_1_23_1","unstructured":"Google. 2023. Google Public DNS. https:\/\/developers.google.com\/speed\/public-dns\/."},{"key":"e_1_3_2_1_24_1","volume-title":"Gribble","author":"Gummadi P. Krishna","year":"2002","unstructured":"P. Krishna Gummadi, Stefan Saroiu, and Steven D. Gribble. 2002. King: Estimating Latency between Arbitrary Internet End Hosts. In Proceedings of IMC '02."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","unstructured":"Paul E. Hoffman. 2023. DNS Security Extensions (DNSSEC). RFC 9364. https:\/\/doi.org\/10.17487\/RFC9364","DOI":"10.17487\/RFC9364"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC8484"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC7858"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-72582-2_17"},{"key":"e_1_3_2_1_29_1","unstructured":"NLnet Labs. 2023. Unbound. https:\/\/www.nlnetlabs.nl\/projects\/unbound\/about\/"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2023.23005"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN48987.2021.00025"},{"key":"e_1_3_2_1_32_1","volume-title":"Proceedings of USENIX Security '23","author":"Li Xiang","year":"2023","unstructured":"Xiang Li, Chaoyi Lu, Baojun Liu, Qifan Zhang, Zhou Li, Haixin Duan, and Qi Li. 2023 b. The Maginot Line: Attacking the Boundary of DNS Caching Protection. In Proceedings of USENIX Security '23."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00172"},{"key":"e_1_3_2_1_34_1","unstructured":"Florian Maury. 2015. The iDNS Attack (Resolver Loop). https:\/\/indico.dns-oarc.net\/event\/21\/contributions\/301\/"},{"key":"e_1_3_2_1_35_1","unstructured":"maxmind. 2023. GeoLite2 Free Geolocation Data. https:\/\/dev.maxmind.com\/geoip\/geolite2-free-geolocation-data"},{"key":"e_1_3_2_1_36_1","unstructured":"Mikrotik. 2023 a. About Mikrotik. https:\/\/mikrotik.com\/aboutus"},{"key":"e_1_3_2_1_37_1","unstructured":"Mikrotik. 2023 b. RouterOS FAQ. https:\/\/wiki.mikrotik.com\/wiki\/Manual:RouterOS_FAQ"},{"key":"e_1_3_2_1_38_1","volume-title":"Proceedings of USENIX Security '21","author":"Moon Soo-Jin","year":"2021","unstructured":"Soo-Jin Moon, Yucheng Yin, Rahul Anand Sharma, Yifei Yuan, Jonathan M. Spring, and Vyas Sekar. 2021. Accurately Measuring Global Risk of Amplification Attacks using AmpMap. In Proceedings of USENIX Security '21."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3487552.3487824"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3487552.3487835"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-98785-5_28"},{"key":"e_1_3_2_1_42_1","unstructured":"PowerDNS. 2023 a. Change the way RD=0 forwarded queries are handled. https:\/\/github.com\/PowerDNS\/pdns\/pull\/12425"},{"key":"e_1_3_2_1_43_1","unstructured":"PowerDNS. 2023 b. PowerDNS Recursor. https:\/\/doc.powerdns.com\/recursor\/index.html"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3419394.3423640"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23233"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2504730.2504734"},{"key":"e_1_3_2_1_47_1","unstructured":"Ben Schoon. 2021. Google's 8.8.8.8 DNS Service Slows down Amid Massive Facebook Outage. https:\/\/9to5google.com\/2021\/10\/04\/google-dns-service-facebook-outage-slowdown\/"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/3517745.3561458"},{"key":"e_1_3_2_1_49_1","unstructured":"J. Stewart. 2003. Dns Cache Poisoning - The Next Generation. (2003)."},{"key":"e_1_3_2_1_50_1","unstructured":"Unbound. 2023. Fix not following cleared RD flags potentially enables amplification. https:\/\/github.com\/NLnetLabs\/unbound\/commit\/b12ab31ae36ae2b124748d37835d74dca15b161f"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663731"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2024.23113"},{"key":"e_1_3_2_1_53_1","volume-title":"Proceedings of USENIX ATC '20","author":"Yang Donghui","year":"2020","unstructured":"Donghui Yang, Zhenyu Li, and Gareth Tyson. 2020. A Deep Dive into {DNS} Query Failures. In Proceedings of USENIX ATC '20."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-98785-5_13"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/3603165.3607438"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/3618257.3624839"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/3578338.3593534"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484768"},{"key":"e_1_3_2_1_59_1","volume-title":"Proceedings of USENIX Security '20","author":"Zheng Xiaofeng","year":"2020","unstructured":"Xiaofeng Zheng, Chaoyi Lu, Jian Peng, Qiushi Yang, Dongjie Zhou, Baojun Liu, Keyu Man, Shuang Hao, Haixin Duan, and Zhiyun Qian. 2020. Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices. In Proceedings of USENIX Security '20."}],"event":{"name":"CCS '23: ACM SIGSAC Conference on Computer and Communications Security","location":"Copenhagen Denmark","acronym":"CCS '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3576915.3616668","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3576915.3616668","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,21]],"date-time":"2025-08-21T01:44:57Z","timestamp":1755740697000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3576915.3616668"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,15]]},"references-count":59,"alternative-id":["10.1145\/3576915.3616668","10.1145\/3576915"],"URL":"https:\/\/doi.org\/10.1145\/3576915.3616668","relation":{},"subject":[],"published":{"date-parts":[[2023,11,15]]},"assertion":[{"value":"2023-11-21","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}