{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:32:22Z","timestamp":1766442742923,"version":"3.48.0"},"publisher-location":"New York, NY, USA","reference-count":41,"publisher":"ACM","funder":[{"DOI":"10.13039\/501100002347","name":"Bundesministerium f\u00fcr Bildung und Forschung","doi-asserted-by":"publisher","award":["16KIS2332K"],"award-info":[{"award-number":["16KIS2332K"]}],"id":[{"id":"10.13039\/501100002347","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002347","name":"Bundesministerium f\u00fcr Bildung und Forschung","doi-asserted-by":"publisher","award":["16KIS1815"],"award-info":[{"award-number":["16KIS1815"]}],"id":[{"id":"10.13039\/501100002347","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002347","name":"Bundesministerium f\u00fcr Bildung und Forschung","doi-asserted-by":"publisher","award":["16KIS2333"],"award-info":[{"award-number":["16KIS2333"]}],"id":[{"id":"10.13039\/501100002347","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,11,19]]},"DOI":"10.1145\/3719027.3765096","type":"proceedings-article","created":{"date-parts":[[2025,11,22]],"date-time":"2025-11-22T23:42:02Z","timestamp":1763854922000},"page":"3915-3929","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Forward to Hell? On the Potentials of Misusing Transparent DNS Forwarders in Reflective Amplification Attacks"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-3698-1342","authenticated-orcid":false,"given":"Maynard","family":"Koch","sequence":"first","affiliation":[{"name":"TU Dresden, Dresden, Saxony, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-2591-7264","authenticated-orcid":false,"given":"Florian","family":"Dolzmann","sequence":"additional","affiliation":[{"name":"TU Dresden, Dresden, Saxony, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0956-7885","authenticated-orcid":false,"given":"Thomas C.","family":"Schmidt","sequence":"additional","affiliation":[{"name":"HAW Hamburg, Hamburg, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3825-2807","authenticated-orcid":false,"given":"Matthias","family":"W\u00e4hlisch","sequence":"additional","affiliation":[{"name":"TU Dresden, Dresden, Saxony, Germany"}]}],"member":"320","published-online":{"date-parts":[[2025,11,22]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.fraope.2023.100010"},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2013.10.001"},{"key":"e_1_3_2_2_3_1","volume-title":"USENIX Workshop on Free and Open Communications on the Internet (FOCI)","author":"Anonymous","year":"2014","unstructured":"Anonymous. 2014. Towards a Comprehensive Picture of the Great Firewall's DNS Censorship. In USENIX Workshop on Free and Open Communications on the Internet (FOCI) (San Diego, CA, USA). USENIX Association, Berkeley, CA, USA. https:\/\/www.usenix.org\/conference\/foci14\/workshop-program\/presentation\/anonymous"},{"volume-title":"Censys IO Search 2.0. Website. https:\/\/search.censys.io\/ Retrieved","year":"2021","key":"e_1_3_2_2_4_1","unstructured":"Censys. 2017. Censys IO Search 2.0. Website. https:\/\/search.censys.io\/ Retrieved: May, 2021."},{"key":"e_1_3_2_2_5_1","volume-title":"CAIDA Spoofer Project. Website. https:\/\/www.caida.org\/projects\/spoofer\/ Retrieved","author":"Center for Applied Internet Data Analysis. 2021.","year":"2021","unstructured":"Center for Applied Internet Data Analysis. 2021. CAIDA Spoofer Project. Website. https:\/\/www.caida.org\/projects\/spoofer\/ Retrieved: May, 2021."},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813703"},{"key":"e_1_3_2_2_7_1","first-page":"605","volume-title":"Proc. of the 22nd USENIX Security Symposium (Washington, D.C., USA). USENIX Association","author":"Durumeric Zakir","unstructured":"Zakir Durumeric, Eric Wustrow, and J. Halderman. 2013. ZMap: Fast Internet-Wide Scanning and its Security Applications. In Proc. of the 22nd USENIX Security Symposium (Washington, D.C., USA). USENIX Association, Berkeley, CA, USA, 605-620. https:\/\/www.usenix.org\/conference\/usenixsecurity13\/technical-sessions\/paper\/durumeric"},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2994620.2994636"},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","unstructured":"P. Ferguson and D. Senie. 2000. Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing. RFC 2827. IETF. https:\/\/doi.org\/10.17487\/RFC2827","DOI":"10.17487\/RFC2827"},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/3646547.3688451"},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2815675.2815683"},{"key":"e_1_3_2_2_12_1","first-page":"111","volume-title":"Proc. of 23rd USENIX Security Symposium","author":"K\u00fchrer Marc","year":"2014","unstructured":"Marc K\u00fchrer, Thomas Hupperich, Christian Rossow, and Thorsten Holz. 2014. Exit from Hell? Reducing the Impact of Amplification DDoS Attacks. In Proc. of 23rd USENIX Security Symposium (San Diego, CA). USENIX Association, Berkeley, CA, USA, 111-125. https:\/\/www.usenix.org\/conference\/usenixsecurity14\/technical-sessions\/presentation\/kuhrer"},{"key":"e_1_3_2_2_13_1","first-page":"1113","volume-title":"Proc. of the 27th USENIX Security Symposium","author":"Liu Baojun","year":"2018","unstructured":"Baojun Liu, Chaoyi Lu, Hai-Xin Duan, Ying Liu, Zhou Li, Shuang Hao, and Min Yang. 2018. Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path. In Proc. of the 27th USENIX Security Symposium (Baltimore, MD, USA.). USENIX Association, Berkeley, CA, USA, 1113-1128. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/liu-baojun"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2017.02.007"},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417280"},{"key":"e_1_3_2_2_16_1","unstructured":"Jared Mauch. 2013. Spoofing ASNs. NANOG mailing list. http:\/\/seclists.org\/nanog\/2013\/Aug\/132 Retrieved: May 2021."},{"key":"e_1_3_2_2_17_1","unstructured":"MaxMind Inc. 2025. MaxMind - GeoLite Country. https:\/\/dev.maxmind.com\/geoip\/geolite2-free-geolocation-data"},{"volume-title":"n.d a. CCR1036-8G-2S. Website. https:\/\/mikrotik.com\/product\/CCR1036-8G-2Splus#fndtn-specifications Retrieved","year":"2025","key":"e_1_3_2_2_18_1","unstructured":"MikroTik. n.d a. CCR1036-8G-2S. Website. https:\/\/mikrotik.com\/product\/CCR1036-8G-2Splus#fndtn-specifications Retrieved: April, 2025."},{"volume-title":"n.d b. hEX. Website. https:\/\/mikrotik.com\/product\/RB750Gr3#fndtn-testresults Retrieved","year":"2025","key":"e_1_3_2_2_19_1","unstructured":"MikroTik. n.d b. hEX. Website. https:\/\/mikrotik.com\/product\/RB750Gr3#fndtn-testresults Retrieved: January, 2025."},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"publisher","unstructured":"J.C. Mogul. 1984. Broadcasting Internet Datagrams. RFC 919. IETF. https:\/\/doi.org\/10.17487\/RFC0919","DOI":"10.17487\/RFC0919"},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3487552.3487835"},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3485983.3494872"},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-98785-5_28"},{"volume-title":"Speedtest Global Index. Website. https:\/\/www.speedtest.net\/global-index Retrieved","year":"2025","key":"e_1_3_2_2_24_1","unstructured":"Ookla. 2025. Speedtest Global Index. Website. https:\/\/www.speedtest.net\/global-index Retrieved: April, 2025."},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"publisher","unstructured":"C. Partridge T. Mendez and W. Milliken. 1993. Host Anycasting Service. RFC 1546. IETF. https:\/\/doi.org\/10.17487\/RFC1546","DOI":"10.17487\/RFC1546"},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3487552.3487817"},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23233"},{"key":"e_1_3_2_2_28_1","volume-title":"Schmidt","author":"Ryba Fabrice J.","year":"2015","unstructured":"Fabrice J. Ryba, Matthew Orlinski, Matthias W\u00e4hlisch, Christian Rossow, and Thomas C. Schmidt. 2015. Amplification and DRDoS Attack Defense - A Survey and New Perspectives. Technical Report arXiv:1505.07892. Open Archive: arXiv.org. http:\/\/arxiv.org\/abs\/1505.07892"},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/2504730.2504734"},{"key":"e_1_3_2_2_30_1","unstructured":"Secnow! 2021. Open DNS Infrastructure. Website. http:\/\/odns.secnow.net\/data Retrieved: Sep 2024."},{"key":"e_1_3_2_2_31_1","volume-title":"onesixtyone - Fast SNMP Scanner. Code repository. https:\/\/github.com\/trailofbits\/onesixtyone Retrieved","author":"Sotirov Alex","year":"2025","unstructured":"Alex Sotirov. 2014. onesixtyone - Fast SNMP Scanner. Code repository. https:\/\/github.com\/trailofbits\/onesixtyone Retrieved: Apr, 2025."},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","unstructured":"K. Sriram D. Montgomery and J. Haas. 2020. Enhanced Feasible-Path Unicast Reverse Path Forwarding. RFC 8704. IETF. https:\/\/doi.org\/10.17487\/RFC8704","DOI":"10.17487\/RFC8704"},{"key":"e_1_3_2_2_33_1","volume-title":"Open Resolver Scanning Project. Website. https:\/\/scan.shadowserver.org\/dns\/ Retrieved","author":"Foundation The Shadowserver","year":"2021","unstructured":"The Shadowserver Foundation. 2021. Open Resolver Scanning Project. Website. https:\/\/scan.shadowserver.org\/dns\/ Retrieved: May, 2021."},{"key":"e_1_3_2_2_34_1","unstructured":"University of Oregon. 2017. Route Views Project. http:\/\/www.routeviews.org\/."},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3696410.3714834"},{"key":"e_1_3_2_2_36_1","first-page":"263","article-title":"Mirrors in the Sky: On the Potential of Clouds in DNS Reflection-based Denial-of-Service Attacks. In Proc. of 25th","author":"Yazdani Ramin","year":"2022","unstructured":"Ramin Yazdani, Alden Hilton, Jeroen van der Ham, Roland van Rijswijk-Deij, Casey T. Deccio, Anna Sperotto, and Mattijs Jonker. 2022a. Mirrors in the Sky: On the Potential of Clouds in DNS Reflection-based Denial-of-Service Attacks. In Proc. of 25th Int. Symp. RAID. ACM, New York, NY, USA, 263-275.","journal-title":"Int. Symp. RAID. ACM, New York, NY, USA"},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-56252-5_1"},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.23919\/TMA58422.2023.10198955"},{"key":"e_1_3_2_2_39_1","volume-title":"Glossy Mirrors: On the Role of Open Resolvers in Reflection and Amplification DDoS Attacks. In 2024 20th International Conference on Network and Service Management (CNSM)","author":"Yazdani Ramin","year":"2024","unstructured":"Ramin Yazdani, Max Resing, and Anna Sperotto. 2024b. Glossy Mirrors: On the Role of Open Resolvers in Reflection and Amplification DDoS Attacks. In 2024 20th International Conference on Network and Service Management (CNSM). International Federation for Information Processing (IFIP), Laxenburg, MD, Austria, 1-9."},{"key":"e_1_3_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-98785-5_13"},{"key":"e_1_3_2_2_41_1","first-page":"577","volume-title":"Proc. of 29th USENIX Security Symposium (Virtual conference). USENIX Association","author":"Zheng Xiaofeng","year":"2020","unstructured":"Xiaofeng Zheng, Chaoyi Lu, Jian Peng, Qiushi Yang, Dongjie Zhou, Baojun Liu, Keyu Man, Shuang Hao, Haixin Duan, and Zhiyun Qian. 2020. Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices. In Proc. of 29th USENIX Security Symposium (Virtual conference). USENIX Association, Berkeley, CA, USA, 577-593. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/zheng"}],"event":{"name":"CCS '25: ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Taipei Taiwan","acronym":"CCS '25"},"container-title":["Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3719027.3765096","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:29:45Z","timestamp":1766442585000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3719027.3765096"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,19]]},"references-count":41,"alternative-id":["10.1145\/3719027.3765096","10.1145\/3719027"],"URL":"https:\/\/doi.org\/10.1145\/3719027.3765096","relation":{},"subject":[],"published":{"date-parts":[[2025,11,19]]},"assertion":[{"value":"2025-11-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}