{"id":"https://openalex.org/W4387881045","doi":"https://doi.org/10.1145/3618257.3624839","title":"Wolf in Sheep's Clothing: Evaluating Security Risks of the Undelegated Record on DNS Hosting Services","display_name":"Wolf in Sheep's Clothing: Evaluating Security Risks of the Undelegated Record on DNS Hosting Services","publication_year":2023,"publication_date":"2023-10-23","ids":{"openalex":"https://openalex.org/W4387881045","doi":"https://doi.org/10.1145/3618257.3624839"},"language":"en","primary_location":{"id":"doi:10.1145/3618257.3624839","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3618257.3624839","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3618257.3624839","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 ACM on Internet Measurement Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3618257.3624839","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5077342874","display_name":"Fenglu Zhang","orcid":"https://orcid.org/0000-0001-5325-175X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Fenglu Zhang","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067329628","display_name":"Yunyi Zhang","orcid":"https://orcid.org/0000-0003-0878-7656"},"institutions":[{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yunyi Zhang","raw_affiliation_strings":["National University of Defense Technology, Changsha, China"],"affiliations":[{"raw_affiliation_string":"National University of Defense Technology, Changsha, China","institution_ids":["https://openalex.org/I170215575"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101694986","display_name":"Baojun Liu","orcid":"https://orcid.org/0000-0002-9032-8063"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Baojun Liu","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5061700215","display_name":"Eihal Alowaisheq","orcid":"https://orcid.org/0009-0008-1189-0164"},"institutions":[{"id":"https://openalex.org/I28022161","display_name":"King Saud University","ror":"https://ror.org/02f81g417","country_code":"SA","type":"education","lineage":["https://openalex.org/I28022161"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Eihal Alowaisheq","raw_affiliation_strings":["King Saud University, Riyadh, Saudi Arabia"],"affiliations":[{"raw_affiliation_string":"King Saud University, Riyadh, Saudi Arabia","institution_ids":["https://openalex.org/I28022161"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100414046","display_name":"Lingyun Ying","orcid":"https://orcid.org/0000-0001-7445-9103"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Lingyun Ying","raw_affiliation_strings":["QI-ANXIN Technology Research Institute, Beijing, China"],"affiliations":[{"raw_affiliation_string":"QI-ANXIN Technology Research Institute, Beijing, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043327734","display_name":"Xiang Li","orcid":"https://orcid.org/0000-0001-7388-1329"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiang Li","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Zaifeng Zhang","orcid":"https://orcid.org/0009-0004-4127-876X"},"institutions":[{"id":"https://openalex.org/I4210160629","display_name":"China Information Technology Security Evaluation Center","ror":"https://ror.org/053cexp66","country_code":"CN","type":"government","lineage":["https://openalex.org/I4210160629"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zaifeng Zhang","raw_affiliation_strings":["360 Security Technology Inc., Beijing, China"],"affiliations":[{"raw_affiliation_string":"360 Security Technology Inc., Beijing, China","institution_ids":["https://openalex.org/I4210160629"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100414241","display_name":"Ying Liu","orcid":"https://orcid.org/0000-0002-4919-1130"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ying Liu","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067799841","display_name":"Haixin Duan","orcid":"https://orcid.org/0000-0003-0083-733X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haixin Duan","raw_affiliation_strings":["Tsinghua University; Quancheng Laboratory, Beijing, China","Tsinghua University"],"affiliations":[{"raw_affiliation_string":"Tsinghua University; Quancheng Laboratory, Beijing, China","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"Tsinghua University","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101484484","display_name":"Min Zhang","orcid":"https://orcid.org/0000-0002-6654-7610"},"institutions":[{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Min Zhang","raw_affiliation_strings":["National University of Defense Technology, Changsha, China"],"affiliations":[{"raw_affiliation_string":"National University of Defense Technology, Changsha, China","institution_ids":["https://openalex.org/I170215575"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":10,"corresponding_author_ids":["https://openalex.org/A5077342874"],"corresponding_institution_ids":["https://openalex.org/I99065089"],"apc_list":null,"apc_paid":null,"fwci":0.5185,"has_fulltext":true,"cited_by_count":3,"citation_normalized_percentile":{"value":0.72383579,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"188","last_page":"197"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7320401668548584},{"id":"https://openalex.org/keywords/domain-name-system","display_name":"Domain Name System","score":0.7124563455581665},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6628968715667725},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.5372720956802368},{"id":"https://openalex.org/keywords/covert","display_name":"Covert","score":0.5288553833961487},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2117990255355835},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.15549051761627197}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7320401668548584},{"id":"https://openalex.org/C35026560","wikidata":"https://www.wikidata.org/wiki/Q8767","display_name":"Domain Name System","level":3,"score":0.7124563455581665},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6628968715667725},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.5372720956802368},{"id":"https://openalex.org/C2779338814","wikidata":"https://www.wikidata.org/wiki/Q5179285","display_name":"Covert","level":2,"score":0.5288553833961487},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2117990255355835},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.15549051761627197},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3618257.3624839","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3618257.3624839","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3618257.3624839","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 ACM on Internet Measurement Conference","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3618257.3624839","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3618257.3624839","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3618257.3624839","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 ACM on Internet Measurement Conference","raw_type":"proceedings-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.5099999904632568}],"awards":[{"id":"https://openalex.org/G1121271761","display_name":null,"funder_award_id":"Program","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2087396116","display_name":null,"funder_award_id":"China","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2802911279","display_name":null,"funder_award_id":"Young","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3317480652","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G391238517","display_name":null,"funder_award_id":", and","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G4259928007","display_name":null,"funder_award_id":"62102218","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5939423041","display_name":null,"funder_award_id":"Technology","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5994120800","display_name":null,"funder_award_id":"Natural","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320316083","display_name":"Tencent","ror":"https://ror.org/00hhjss72"},{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320322392","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4387881045.pdf","grobid_xml":"https://content.openalex.org/works/W4387881045.grobid-xml"},"referenced_works_count":30,"referenced_works":["https://openalex.org/W1774758602","https://openalex.org/W1954903228","https://openalex.org/W2016669115","https://openalex.org/W2028060714","https://openalex.org/W2186028149","https://openalex.org/W2209711601","https://openalex.org/W2261444101","https://openalex.org/W2290364176","https://openalex.org/W2523421704","https://openalex.org/W2528956961","https://openalex.org/W2535407856","https://openalex.org/W2766805006","https://openalex.org/W2791815824","https://openalex.org/W2805407300","https://openalex.org/W2933056782","https://openalex.org/W3015767612","https://openalex.org/W3093525904","https://openalex.org/W3094423012","https://openalex.org/W3094480867","https://openalex.org/W3110237032","https://openalex.org/W3110509121","https://openalex.org/W3138595089","https://openalex.org/W3155996479","https://openalex.org/W3161297440","https://openalex.org/W3187211683","https://openalex.org/W3211708465","https://openalex.org/W4287882994","https://openalex.org/W4307020294","https://openalex.org/W4307020407","https://openalex.org/W4320716610"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2523525694","https://openalex.org/W2183899684","https://openalex.org/W3004039032","https://openalex.org/W2012920909","https://openalex.org/W2073523380","https://openalex.org/W2998642566","https://openalex.org/W2392682561","https://openalex.org/W57793151"],"abstract_inverted_index":{"Leveraging":[0],"DNS":[1,11,19,24,36],"for":[2,55],"covert":[3,49],"communications":[4],"is":[5],"appealing":[6],"since":[7],"most":[8,23],"networks":[9],"allow":[10],"traffic,":[12],"especially":[13],"the":[14,69,81,84],"ones":[15],"directed":[16],"toward":[17],"renowned":[18],"hosting":[20,25,60],"services.":[21],"Unfortunately,":[22],"services":[26],"overlook":[27],"domain":[28,40],"ownership":[29],"verification,":[30],"enabling":[31],"miscreants":[32,46],"to":[33],"host":[34],"undelegated":[35,53,74],"records":[37,54,75],"of":[38,86],"a":[39],"they":[41],"do":[42],"not":[43,93],"own.":[44],"Consequently,":[45],"can":[47],"conduct":[48],"communication":[50],"through":[51],"such":[52],"whitelisted":[56],"domains":[57],"on":[58,68],"reputable":[59],"providers.":[61],"In":[62],"this":[63,89],"paper,":[64],"we":[65],"shed":[66],"light":[67],"emerging":[70],"threat":[71],"posed":[72],"by":[73],"and":[76],"demonstrate":[77],"their":[78],"exploitation":[79],"in":[80],"wild.":[82],"To":[83],"best":[85],"our":[87],"knowledge,":[88],"security":[90],"risk":[91],"has":[92],"been":[94],"studied":[95],"before.":[96]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":2}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}