{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:17:49Z","timestamp":1766441869717,"version":"3.48.0"},"publisher-location":"New York, NY, USA","reference-count":73,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,11,19]]},"DOI":"10.1145\/3719027.3744832","type":"proceedings-article","created":{"date-parts":[[2025,11,22]],"date-time":"2025-11-22T23:32:38Z","timestamp":1763854358000},"page":"1619-1633","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["RebirthDay Attack: Reviving DNS Cache Poisoning with the Birthday Paradox"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7388-1329","authenticated-orcid":false,"given":"Xiang","family":"Li","sequence":"first","affiliation":[{"name":"Nankai Univeristy, Tianjin, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9797-6875","authenticated-orcid":false,"given":"Mingming","family":"Zhang","sequence":"additional","affiliation":[{"name":"Zhongguancun Laboratory, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-5077-0112","authenticated-orcid":false,"given":"Zuyao","family":"Xu","sequence":"additional","affiliation":[{"name":"Nankai Univeristy, Tianjin, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-3542-0533","authenticated-orcid":false,"given":"Fasheng","family":"Miao","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-5717-6232","authenticated-orcid":false,"given":"Yuqi","family":"Qiu","sequence":"additional","affiliation":[{"name":"Nankai Univeristy, Tianjin, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9032-8063","authenticated-orcid":false,"given":"Baojun","family":"Liu","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7896-3382","authenticated-orcid":false,"given":"Jia","family":"Zhang","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7130-6029","authenticated-orcid":false,"given":"Xiaofeng","family":"Zheng","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0083-733X","authenticated-orcid":false,"given":"Haixin","family":"Duan","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2984-2661","authenticated-orcid":false,"given":"Zheli","family":"Liu","sequence":"additional","affiliation":[{"name":"Nankai University, Tianjin, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-6266-2142","authenticated-orcid":false,"given":"Yunhai","family":"Zhang","sequence":"additional","affiliation":[{"name":"NSFOCUS Technologies Group, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2199-6834","authenticated-orcid":false,"given":"Dunqiu","family":"Fan","sequence":"additional","affiliation":[{"name":"NSFOCUS Technologies Group, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2025,11,22]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Proceedings of 2019 IEEE Conference on Computer Communications (INFOCOM '19)","author":"Alharbi Fatemah","year":"2019","unstructured":"Fatemah Alharbi, Jie Chang, Yuchen Zhou, Feng Qian, Zhiyun Qian, and Nael B. Abu-Ghazaleh. Collaborative Client-Side DNS Cache Poisoning Attack. In Proceedings of 2019 IEEE Conference on Computer Communications (INFOCOM '19), 2019."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.32"},{"key":"e_1_3_2_1_3_1","volume-title":"DNS Resolvers Use. https:\/\/stats.labs.apnic.net\/rvrs","author":"APNIC.","year":"2023","unstructured":"APNIC. DNS Resolvers Use. https:\/\/stats.labs.apnic.net\/rvrs, 2023."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.17487\/rfc4033"},{"key":"e_1_3_2_1_5_1","volume-title":"Bellovin. Using the Domain Name System for System Break-ins. In Proceedings of the 5th USENIX Security Symposium (USENIX Security '95)","author":"Steven","year":"1995","unstructured":"Steven M. Bellovin. Using the Domain Name System for System Break-ins. In Proceedings of the 5th USENIX Security Symposium (USENIX Security '95), 1995."},{"key":"e_1_3_2_1_6_1","volume-title":"Michael Waidner. Domain Validation For MitM-Resilient PKI. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS '18)","author":"Brandt Markus","year":"2018","unstructured":"Markus Brandt, Tianxiang Dai, Amit Klein, Haya Shulman, and Michael Waidner. Domain Validation For MitM-Resilient PKI. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS '18), 2018."},{"key":"e_1_3_2_1_7_1","volume-title":"State of IP Spoofing. https:\/\/spoofer.caida.org\/summary.php","author":"CAIDA.","year":"2025","unstructured":"CAIDA. State of IP Spoofing. https:\/\/spoofer.caida.org\/summary.php, 2025."},{"key":"e_1_3_2_1_8_1","volume-title":"https:\/\/resources.sei.cmu.edu\/library\/asset-view.cfm?assetid=496170","author":"Advisories CC.","year":"1996","unstructured":"CERT\/CC. 1996 CERT Advisories. https:\/\/resources.sei.cmu.edu\/library\/asset-view.cfm?assetid=496170, 1996."},{"key":"e_1_3_2_1_9_1","volume-title":"https:\/\/resources.sei.cmu.edu\/library\/asset-view.cfm?assetid=496174","author":"Advisories CC.","year":"1997","unstructured":"CERT\/CC. 1997 CERT Advisories. https:\/\/resources.sei.cmu.edu\/library\/asset-view.cfm?assetid=496174, 1997."},{"key":"e_1_3_2_1_10_1","volume-title":"https:\/\/resources.sei.cmu.edu\/library\/asset-view.cfm?assetid=496190","author":"Advisories CC.","year":"2001","unstructured":"CERT\/CC. 2001 CERT Advisories. https:\/\/resources.sei.cmu.edu\/library\/asset-view.cfm?assetid=496190, 2001."},{"key":"e_1_3_2_1_11_1","volume-title":"Thorsten Holz. Going Wild: Large-Scale Classification of Open DNS Resolvers. In Proceedings of the 2015 ACM Internet Measurement Conference (IMC '15)","author":"Cho Kenjiro","year":"2015","unstructured":"Kenjiro Cho, Kensuke Fukuda, Vivek Pai, Neil Spring, Marc K\u00fchrer, Thomas Hupperich, Jonas Bushart, Christian Rossow, and Thorsten Holz. Going Wild: Large-Scale Classification of Open DNS Resolvers. In Proceedings of the 2015 ACM Internet Measurement Conference (IMC '15), 2015."},{"volume-title":"What is DNS cache poisoning? | DNS spoofing. https:\/\/www.cloudflare.com\/learning\/dns\/dns-cache-poisoning\/","year":"2025","key":"e_1_3_2_1_12_1","unstructured":"Cloudflare. What is DNS cache poisoning? | DNS spoofing. https:\/\/www.cloudflare.com\/learning\/dns\/dns-cache-poisoning\/, 2025."},{"key":"e_1_3_2_1_13_1","volume-title":"AlterNIC Takes over InterNIC Traffic. https:\/\/www.cnet.com\/tech\/mobile\/alternic-takes-over-internic-traffic\/","author":"CNET.","year":"1997","unstructured":"CNET. AlterNIC Takes over InterNIC Traffic. https:\/\/www.cnet.com\/tech\/mobile\/alternic-takes-over-internic-traffic\/, 1997."},{"key":"e_1_3_2_1_14_1","volume-title":"RFC Informational","author":"Contavalli Carlo","year":"2016","unstructured":"Carlo Contavalli, Wilmer van der Gaast, David C Lawrence, and Warren Kumari. RFC 7871: Client Subnet in DNS Queries. RFC Informational, 2016."},{"key":"e_1_3_2_1_15_1","volume-title":"Wenke Lee. Recursive DNS Architectures and Vulnerability Implications. In Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS '09)","author":"Dagon David","year":"2009","unstructured":"David Dagon, Manos Antonakakis, Kevin Day, Xiapu Luo, Christopher P. Lee, and Wenke Lee. Recursive DNS Architectures and Vulnerability Implications. In Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS '09), 2009."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455798"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.17487\/rfc6891"},{"key":"e_1_3_2_1_18_1","volume-title":"Proceedings of the 32nd USENIX Security Symposium (USENIX Security '23)","author":"Heftrig Elias","year":"2023","unstructured":"Elias Heftrig, Haya Shulman, and Michael Waidner. Downgrading DNSSEC: How to Exploit Crypto Agility for Hijacking Signed Zones. In Proceedings of the 32nd USENIX Security Symposium (USENIX Security '23), 2023."},{"key":"e_1_3_2_1_19_1","volume-title":"Herzberg and Haya Shulman. Security of Patched DNS. In Proceedings of the 17th European Symposium on Research in Computer Security (ESORICS '12)","author":"Amir","year":"2012","unstructured":"Amir Herzberg and Haya Shulman. Security of Patched DNS. In Proceedings of the 17th European Symposium on Research in Computer Security (ESORICS '12), 2012."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2013.6682711"},{"key":"e_1_3_2_1_21_1","volume-title":"Herzberg and Haya Shulman. Socket Overloading for Fun and Cache-Poisoning. In Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC '13)","author":"Amir","year":"2013","unstructured":"Amir Herzberg and Haya Shulman. Socket Overloading for Fun and Cache-Poisoning. In Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC '13), 2013."},{"key":"e_1_3_2_1_22_1","volume-title":"Herzberg and Haya Shulman. Vulnerable Delegation of DNS Resolution. In Proceedings of the 18th European Symposium on Research in Computer Security (ESORICS '13)","author":"Amir","year":"2013","unstructured":"Amir Herzberg and Haya Shulman. Vulnerable Delegation of DNS Resolution. In Proceedings of the 18th European Symposium on Research in Computer Security (ESORICS '13), 2013."},{"key":"e_1_3_2_1_23_1","volume-title":"Various DNS Service Implementations Generate Multiple Simultaneous Queries for the Same Resource Record. https:\/\/www.kb.cert.org\/vuls\/id\/457875","author":"Householder Allen","year":"2002","unstructured":"Allen Householder and Ian A Finlay. Various DNS Service Implementations Generate Multiple Simultaneous Queries for the Same Resource Record. https:\/\/www.kb.cert.org\/vuls\/id\/457875, 2002."},{"key":"e_1_3_2_1_24_1","volume-title":"RFC Draft","author":"Huque Shumon","year":"2022","unstructured":"Shumon Huque, Paul Vixie, and Ralph Dolmans. Draft: Delegation Revalidation by DNS Resolvers. RFC Draft, 2022."},{"key":"e_1_3_2_1_25_1","volume-title":"Centralized Zone Data Service. https:\/\/czds.icann.org\/","author":"ICANN.","year":"2023","unstructured":"ICANN. Centralized Zone Data Service. https:\/\/czds.icann.org\/, 2023."},{"key":"e_1_3_2_1_26_1","volume-title":"Proceedings of the 30th USENIX Security Symposium (USENIX Security '21)","author":"Jeitner Philipp","year":"2021","unstructured":"Philipp Jeitner and Haya Shulman. Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS. In Proceedings of the 30th USENIX Security Symposium (USENIX Security '21), 2021."},{"key":"e_1_3_2_1_27_1","volume-title":"Enhance Resilience of Residential Routers. In Proceedings of the 31st USENIX Security Symposium (USENIX Security '22)","author":"Jeitner Philipp","year":"2022","unstructured":"Philipp Jeitner, Haya Shulman, Lucas Teichmann, and Michael Waidner. XDRI Attacks - and - How to Enhance Resilience of Residential Routers. In Proceedings of the 31st USENIX Security Symposium (USENIX Security '22), 2022."},{"key":"e_1_3_2_1_28_1","volume-title":"Black Ops of TCP\/IP","author":"Kaminsky Dan","year":"2005","unstructured":"Dan Kaminsky. Black Ops of TCP\/IP 2005. https:\/\/www.blackhat.com\/presentations\/bh-jp-05\/bh-jp-05-kaminsky\/bh-jp-05-kaminsky.pdf, 2005."},{"key":"e_1_3_2_1_29_1","volume-title":"It's the End of the Cache as We Know It. https:\/\/www.blackhat.com\/presentations\/bh-jp-08\/bh-jp-08-Kaminsky\/BlackHat-Japan-08-Kaminsky-DNS08-BlackOps.pdf","author":"Kaminsky Dan","year":"2008","unstructured":"Dan Kaminsky. It's the End of the Cache as We Know It. https:\/\/www.blackhat.com\/presentations\/bh-jp-08\/bh-jp-08-Kaminsky\/BlackHat-Japan-08-Kaminsky-DNS08-BlackOps.pdf, 2008."},{"key":"e_1_3_2_1_30_1","volume":"201","author":"Kenneally Erin","unstructured":"Erin Kenneally and David Dittrich. The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research. SSRN Electronic Journal, 2012.","journal-title":"Communication Technology Research. SSRN Electronic Journal"},{"key":"e_1_3_2_1_31_1","volume-title":"Trusteer","author":"Klein Amit","year":"2007","unstructured":"Amit Klein. BIND 8 DNS Cache Poisoning. Trusteer, 2007."},{"key":"e_1_3_2_1_32_1","volume-title":"Trusteer","author":"Klein Amit","year":"2007","unstructured":"Amit Klein. BIND 9 DNS Cache Poisoning. Trusteer, 2007."},{"key":"e_1_3_2_1_33_1","volume-title":"Trusteer","author":"Klein Amit","year":"2007","unstructured":"Amit Klein. OpenBSD DNS Cache Poisoning and Multiple O\/S Predictable IP ID Vulnerability. Trusteer, 2007."},{"key":"e_1_3_2_1_34_1","volume-title":"Trusteer","author":"Klein Amit","year":"2007","unstructured":"Amit Klein. Windows DNS Server Cache Poisoning. Trusteer, 2007."},{"key":"e_1_3_2_1_35_1","volume-title":"Trusteer","author":"Klein Amit","year":"2008","unstructured":"Amit Klein. PowerDNS Recursor DNS Cache Poisoning. Trusteer, 2008."},{"key":"e_1_3_2_1_36_1","unstructured":"Amit Klein. DNS Record Injection Vulnerabilities in Home Routers. http:\/\/www.icir.org\/mallman\/talks\/schomp-dns-security-nanog61.pdf 2014."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00054"},{"key":"e_1_3_2_1_38_1","volume-title":"Qi Li. Ghost Domain Reloaded: Vulnerable Links in Domain Name Delegation and Revocation. In Proceedings of the 30th Annual Network and Distributed System Security Symposium (NDSS '23)","author":"Li Xiang","year":"2023","unstructured":"Xiang Li, Baojun Liu, Xuesong Bai, Mingming Zhang, Qifan Zhang, Zhou Li, Haixin Duan, and Qi Li. Ghost Domain Reloaded: Vulnerable Links in Domain Name Delegation and Revocation. In Proceedings of the 30th Annual Network and Distributed System Security Symposium (NDSS '23), 2023."},{"key":"e_1_3_2_1_39_1","volume-title":"Network Periphery Discovery and Security Implications. In Proceedings of the 2021 IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN '21)","author":"Li Xiang","year":"2021","unstructured":"Xiang Li, Baojun Liu, Xiaofeng Zheng, Haixin Duan, Qi Li, and Youjun Huang. Fast IPv6 Network Periphery Discovery and Security Implications. In Proceedings of the 2021 IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN '21), 2021."},{"key":"e_1_3_2_1_40_1","volume-title":"Qi Li. The Maginot Line: Attacking the Boundary of DNS Caching Protection. In Proceedings of the 32nd USENIX Security Symposium (USENIX Security '23)","author":"Li Xiang","year":"2023","unstructured":"Xiang Li, Chaoyi Lu, Baojun Liu, Qifan Zhang, Zhou Li, Haixin Duan, and Qi Li. The Maginot Line: Attacking the Boundary of DNS Caching Protection. In Proceedings of the 32nd USENIX Security Symposium (USENIX Security '23), 2023."},{"key":"e_1_3_2_1_41_1","volume-title":"Qi Li. DNSBomb: A New Practical-and-Powerful Pulsing DoS Attack Exploiting DNS Queries-and-Responses. In Proceedings of 2025 IEEE Symposium on Security and Privacy (S&P '24)","author":"Li Xiang","year":"2024","unstructured":"Xiang Li, Dashuai Wu, Haixin Duan, and Qi Li. DNSBomb: A New Practical-and-Powerful Pulsing DoS Attack Exploiting DNS Queries-and-Responses. In Proceedings of 2025 IEEE Symposium on Security and Privacy (S&P '24), 2024."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00172"},{"key":"e_1_3_2_1_43_1","volume-title":"Min Yang. Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path. In Proceedings of the 27th USENIX Security Symposium (USENIX Security '18)","author":"Liu Baojun","year":"2018","unstructured":"Baojun Liu, Chaoyi Lu, Hai-Xin Duan, Ying Liu, Zhou Li, Shuang Hao, and Min Yang. Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path. In Proceedings of the 27th USENIX Security Symposium (USENIX Security '18), 2018."},{"key":"e_1_3_2_1_44_1","volume-title":"Haixin Duan. DNS Cache Poisoning Attack Reloaded: Revolutions with Side Channels. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (CCS '20)","author":"Man Keyu","year":"2020","unstructured":"Keyu Man, Zhiyun Qian, Zhongjie Wang, Xiaofeng Zheng, Youjun Huang, and Haixin Duan. DNS Cache Poisoning Attack Reloaded: Revolutions with Side Channels. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (CCS '20), 2020."},{"key":"e_1_3_2_1_45_1","volume-title":"Zhiyun Qian. DNS Cache Poisoning Attack: Resurrections with Side Channels. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS '21)","author":"Man Keyu","year":"2021","unstructured":"Keyu Man, Xin'an Zhou, and Zhiyun Qian. DNS Cache Poisoning Attack: Resurrections with Side Channels. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS '21), 2021."},{"key":"e_1_3_2_1_46_1","volume-title":"https:\/\/mathworld.wolfram.com\/BirthdayAttack.html","author":"Attack Birthday","year":"2025","unstructured":"MathWorld. Birthday Attack. https:\/\/mathworld.wolfram.com\/BirthdayAttack.html, 2025."},{"key":"e_1_3_2_1_47_1","volume-title":"https:\/\/mathworld.wolfram.com\/BirthdayProblem.html","author":"Problem Birthday","year":"2025","unstructured":"MathWorld. Birthday Problem. https:\/\/mathworld.wolfram.com\/BirthdayProblem.html, 2025."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00011"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.17487\/rfc1034"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.17487\/rfc1035"},{"key":"e_1_3_2_1_51_1","volume-title":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-1999-0024","author":"NIST.","year":"1997","unstructured":"NIST. CVE-1999-0024. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-1999-0024, 1997."},{"key":"e_1_3_2_1_52_1","volume-title":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2000-0335","author":"NIST.","year":"2000","unstructured":"NIST. CVE-2000-0335. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2000-0335, 2000."},{"key":"e_1_3_2_1_53_1","volume-title":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2002-2211","author":"NIST.","year":"2002","unstructured":"NIST. CVE-2002-2211. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2002-2211, 2002."},{"key":"e_1_3_2_1_54_1","volume-title":"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2008-1447","author":"NIST.","year":"2008","unstructured":"NIST. CVE-2008-1447. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2008-1447, 2008."},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/2896816"},{"key":"e_1_3_2_1_56_1","volume-title":"spoof-nearmiss-max. https:\/\/docs.powerdns.com\/recursor\/settings.html#spoof-nearmiss-max","author":"DNS.","year":"2025","unstructured":"PowerDNS. spoof-nearmiss-max. https:\/\/docs.powerdns.com\/recursor\/settings.html#spoof-nearmiss-max, 2025."},{"key":"e_1_3_2_1_57_1","volume-title":"https:\/\/atlas.ripe.net\/","author":"Atlas RIPE. RIPE","year":"2025","unstructured":"RIPE. RIPE Atlas. https:\/\/atlas.ripe.net\/, 2025."},{"key":"e_1_3_2_1_58_1","volume-title":"https:\/\/routerchart.com\/brands","author":"Routers Popular","year":"2023","unstructured":"RouterChart. Popular Routers. https:\/\/routerchart.com\/brands, 2023."},{"key":"e_1_3_2_1_59_1","volume-title":"Vulnerability in Requests Control of BIND Versions 4 and 8 Allows DNS Spoofing. https:\/\/lists.isc.org\/pipermail\/bind-users\/2002-November\/043141.html","author":"Sacramento Vagner","year":"2002","unstructured":"Vagner Sacramento. Vulnerability in Requests Control of BIND Versions 4 and 8 Allows DNS Spoofing. https:\/\/lists.isc.org\/pipermail\/bind-users\/2002-November\/043141.html, 2002."},{"key":"e_1_3_2_1_60_1","volume-title":"Mark Allman. On Measuring the Client-side DNS Infrastructure. In Proceedings of the 2013 Internet Measurement Conference (IMC '13)","author":"Schomp Kyle","year":"2013","unstructured":"Kyle Schomp, Tom Callahan, Michael Rabinovich, and Mark Allman. On Measuring the Client-side DNS Infrastructure. In Proceedings of the 2013 Internet Measurement Conference (IMC '13), 2013."},{"key":"e_1_3_2_1_61_1","volume-title":"Addressing Weaknesses in the Domain Name System Protocol. Master's thesis","author":"Schuba Christoph","year":"1993","unstructured":"Christoph Schuba and Eugene H Spafford. Addressing Weaknesses in the Domain Name System Protocol. Master's thesis, Purdue University, 1993."},{"volume-title":"Massive DNS Poisoning Attacks in Brazil. https:\/\/securelist.com\/massive-dns-poisoning-attacks-in-brazil\/31628\/","year":"2011","key":"e_1_3_2_1_62_1","unstructured":"SecureList. Massive DNS Poisoning Attacks in Brazil. https:\/\/securelist.com\/massive-dns-poisoning-attacks-in-brazil\/31628\/, 2011."},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-07536-5_31"},{"key":"e_1_3_2_1_64_1","volume-title":"DNS Cache Poisoning. In Proceedings of the 6th International ICST Conference on Security and Privacy in Communication Systems (SecureComm '10)","author":"Son Sooel","year":"2010","unstructured":"Sooel Son and Vitaly Shmatikov. The Hitchhiker's Guide to DNS Cache Poisoning. In Proceedings of the 6th International ICST Conference on Security and Privacy in Communication Systems (SecureComm '10), 2010."},{"volume-title":"systemd-resolved.service and VPNs. https:\/\/systemd.io\/RESOLVED-VPNS\/","year":"2025","key":"e_1_3_2_1_65_1","unstructured":"systemd. systemd-resolved.service and VPNs. https:\/\/systemd.io\/RESOLVED-VPNS\/, 2025."},{"key":"e_1_3_2_1_66_1","volume-title":"Vixie. DNS and BIND Security Issues. In Proceedings of the 5th USENIX Security Symposium (USENIX Security '95)","author":"Paul","year":"1995","unstructured":"Paul Vixie. DNS and BIND Security Issues. In Proceedings of the 5th USENIX Security Symposium (USENIX Security '95), 1995."},{"key":"e_1_3_2_1_67_1","volume-title":"RFC Proposed Standard","author":"Vixie Paul","year":"1999","unstructured":"Paul Vixie. RFC 2671: Extension Mechanisms for DNS (EDNS(0)). RFC Proposed Standard, 1999."},{"volume-title":"List of Router Firmware Projects. https:\/\/en.wikipedia.org\/wiki\/List_of_router_firmware_projects","year":"2023","key":"e_1_3_2_1_68_1","unstructured":"Wikipedia. List of Router Firmware Projects. https:\/\/en.wikipedia.org\/wiki\/List_of_router_firmware_projects, 2023."},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3616668"},{"key":"e_1_3_2_1_70_1","volume-title":"Strange Attractors and TCP\/IP Sequence Number Analysis","author":"Zalewski Michal","year":"2001","unstructured":"Michal Zalewski. Strange Attractors and TCP\/IP Sequence Number Analysis. RAZOR\/BindView Corporation, 2001."},{"key":"e_1_3_2_1_71_1","volume-title":"Shuang Hao. DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains. In Proceedings of the 2023 ACM Special Interest Group on Measurement and Evaluation (SIGMETRICS '23)","author":"Zhang Mingming","year":"2023","unstructured":"Mingming Zhang, Xiang Li, Baojun Liu, Jianyu Lu, Jianjun Chen, Yiming Zhang, Xiaofeng Zheng, Haixin Duan, and Shuang Hao. DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains. In Proceedings of the 2023 ACM Special Interest Group on Measurement and Evaluation (SIGMETRICS '23), 2023."},{"key":"e_1_3_2_1_72_1","volume-title":"Zhou Li. ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing. In Proceedings of the 33rd USENIX Security Symposium (USENIX Security '24)","author":"Zhang Qifan","year":"2024","unstructured":"Qifan Zhang, Xuesong Bai, Xiang Li, Haixin Duan, Qi Li, and Zhou Li. ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing. In Proceedings of the 33rd USENIX Security Symposium (USENIX Security '24), 2024."},{"key":"e_1_3_2_1_73_1","volume-title":"Zhiyun Qian. Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices. In Proceedings of the 29th USENIX Security Symposium (USENIX Security '20)","author":"Zheng Xiaofeng","year":"2020","unstructured":"Xiaofeng Zheng, Chaoyi Lu, Jian Peng, Qiushi Yang, Dongjie Zhou, Baojun Liu, Keyu Man, Shuang Hao, Haixin Duan, and Zhiyun Qian. Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices. In Proceedings of the 29th USENIX Security Symposium (USENIX Security '20), 2020."}],"event":{"name":"CCS '25: ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Taipei Taiwan","acronym":"CCS '25"},"container-title":["Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3719027.3744832","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:11:48Z","timestamp":1766441508000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3719027.3744832"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,19]]},"references-count":73,"alternative-id":["10.1145\/3719027.3744832","10.1145\/3719027"],"URL":"https:\/\/doi.org\/10.1145\/3719027.3744832","relation":{},"subject":[],"published":{"date-parts":[[2025,11,19]]},"assertion":[{"value":"2025-11-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}