This paper proposes the TuDoor Attack, by systematically exploring and exploiting logic vulnerabilities in DNS response pre-processing with malformed packets, leading to DNS cache poisoning (1s), denial-of-service, and resource consuming attacks.
Paper title:**Detecting and Measuring Security Risks of Hosting-Based Dangling Domains (published by ACM SIGMETRICS 2023)
Domain names, vital for tasks like digital certificate authentication, face growing vulnerabilities in our evolving digital landscape.
In this paper, we propose **Phoenix Domain**, a general and novel attack that allows adversaries to maintain the revoked malicious domain continuously resolvable at scale, which enables an old, mitigated attack, Ghost Domain.