{"id":"https://openalex.org/W4416549311","doi":"https://doi.org/10.1145/3719027.3744832","title":"RebirthDay Attack: Reviving DNS Cache Poisoning with the Birthday Paradox","display_name":"RebirthDay Attack: Reviving DNS Cache Poisoning with the Birthday Paradox","publication_year":2025,"publication_date":"2025-11-19","ids":{"openalex":"https://openalex.org/W4416549311","doi":"https://doi.org/10.1145/3719027.3744832"},"language":null,"primary_location":{"id":"doi:10.1145/3719027.3744832","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3719027.3744832","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5043327734","display_name":"Xiang Li","orcid":"https://orcid.org/0000-0001-7388-1329"},"institutions":[{"id":"https://openalex.org/I205237279","display_name":"Nankai University","ror":"https://ror.org/01y1kjr75","country_code":"CN","type":"education","lineage":["https://openalex.org/I205237279"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiang Li","raw_affiliation_strings":["Nankai Univeristy, Tianjin, China"],"raw_orcid":"https://orcid.org/0000-0001-7388-1329","affiliations":[{"raw_affiliation_string":"Nankai Univeristy, Tianjin, China","institution_ids":["https://openalex.org/I205237279"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018482133","display_name":"Mingming Zhang","orcid":"https://orcid.org/0000-0001-9797-6875"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Mingming Zhang","raw_affiliation_strings":["Zhongguancun Laboratory, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0001-9797-6875","affiliations":[{"raw_affiliation_string":"Zhongguancun Laboratory, Beijing, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5112123585","display_name":"XU Zuyao","orcid":"https://orcid.org/0009-0005-5077-0112"},"institutions":[{"id":"https://openalex.org/I205237279","display_name":"Nankai University","ror":"https://ror.org/01y1kjr75","country_code":"CN","type":"education","lineage":["https://openalex.org/I205237279"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zuyao Xu","raw_affiliation_strings":["Nankai Univeristy, Tianjin, China"],"raw_orcid":"https://orcid.org/0009-0005-5077-0112","affiliations":[{"raw_affiliation_string":"Nankai Univeristy, Tianjin, China","institution_ids":["https://openalex.org/I205237279"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5120373715","display_name":"Fasheng Miao","orcid":"https://orcid.org/0009-0006-3542-0533"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Fasheng Miao","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"raw_orcid":"https://orcid.org/0009-0006-3542-0533","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Yuqi Qiu","orcid":"https://orcid.org/0009-0000-5717-6232"},"institutions":[{"id":"https://openalex.org/I205237279","display_name":"Nankai University","ror":"https://ror.org/01y1kjr75","country_code":"CN","type":"education","lineage":["https://openalex.org/I205237279"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuqi Qiu","raw_affiliation_strings":["Nankai Univeristy, Tianjin, China"],"raw_orcid":"https://orcid.org/0009-0000-5717-6232","affiliations":[{"raw_affiliation_string":"Nankai Univeristy, Tianjin, China","institution_ids":["https://openalex.org/I205237279"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101694986","display_name":"Baojun Liu","orcid":"https://orcid.org/0000-0002-9032-8063"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Baojun Liu","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0002-9032-8063","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018723138","display_name":"Jia Zhang","orcid":"https://orcid.org/0000-0001-7896-3382"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jia Zhang","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0001-7896-3382","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102821288","display_name":"Xiaofeng Zheng","orcid":"https://orcid.org/0000-0002-7130-6029"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiaofeng Zheng","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0002-7130-6029","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067799841","display_name":"Haixin Duan","orcid":"https://orcid.org/0000-0003-0083-733X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haixin Duan","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0003-0083-733X","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060212061","display_name":"Zheli Liu","orcid":"https://orcid.org/0000-0002-2984-2661"},"institutions":[{"id":"https://openalex.org/I205237279","display_name":"Nankai University","ror":"https://ror.org/01y1kjr75","country_code":"CN","type":"education","lineage":["https://openalex.org/I205237279"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zheli Liu","raw_affiliation_strings":["Nankai University, Tianjin, China"],"raw_orcid":"https://orcid.org/0000-0002-2984-2661","affiliations":[{"raw_affiliation_string":"Nankai University, Tianjin, China","institution_ids":["https://openalex.org/I205237279"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5104051951","display_name":"Yunhai Zhang","orcid":"https://orcid.org/0009-0009-6266-2142"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yunhai Zhang","raw_affiliation_strings":["NSFOCUS Technologies Group, Beijing, China"],"raw_orcid":"https://orcid.org/0009-0009-6266-2142","affiliations":[{"raw_affiliation_string":"NSFOCUS Technologies Group, Beijing, China","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100943679","display_name":"Dunqiu Fan","orcid":"https://orcid.org/0000-0002-2199-6834"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Dunqiu Fan","raw_affiliation_strings":["NSFOCUS Technologies Group, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0002-2199-6834","affiliations":[{"raw_affiliation_string":"NSFOCUS Technologies Group, Beijing, China","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":12,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.30439745,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1619","last_page":"1633"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.41780000925064087,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.41780000925064087,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.11540000140666962,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.08529999852180481,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6355000138282776},{"id":"https://openalex.org/keywords/cache","display_name":"Cache","score":0.5636000037193298},{"id":"https://openalex.org/keywords/domain-name-system","display_name":"Domain Name System","score":0.5216000080108643},{"id":"https://openalex.org/keywords/router","display_name":"Router","score":0.335099995136261},{"id":"https://openalex.org/keywords/bus-sniffing","display_name":"Bus sniffing","score":0.3222000002861023},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.3197999894618988}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7074000239372253},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6355000138282776},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.625},{"id":"https://openalex.org/C115537543","wikidata":"https://www.wikidata.org/wiki/Q165596","display_name":"Cache","level":2,"score":0.5636000037193298},{"id":"https://openalex.org/C35026560","wikidata":"https://www.wikidata.org/wiki/Q8767","display_name":"Domain Name System","level":3,"score":0.5216000080108643},{"id":"https://openalex.org/C2775896111","wikidata":"https://www.wikidata.org/wiki/Q642560","display_name":"Router","level":2,"score":0.335099995136261},{"id":"https://openalex.org/C51185590","wikidata":"https://www.wikidata.org/wiki/Q1017228","display_name":"Bus sniffing","level":5,"score":0.3222000002861023},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.3197999894618988},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3041999936103821},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.29910001158714294},{"id":"https://openalex.org/C153180980","wikidata":"https://www.wikidata.org/wiki/Q19776675","display_name":"Commit","level":2,"score":0.28610000014305115},{"id":"https://openalex.org/C105320234","wikidata":"https://www.wikidata.org/wiki/Q41494","display_name":"Name server","level":3,"score":0.263700008392334},{"id":"https://openalex.org/C189783530","wikidata":"https://www.wikidata.org/wiki/Q352090","display_name":"CPU cache","level":3,"score":0.26109999418258667},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.25360000133514404}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3719027.3744832","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3719027.3744832","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W106237003","https://openalex.org/W1828150029","https://openalex.org/W1927311981","https://openalex.org/W2072730946","https://openalex.org/W2097981871","https://openalex.org/W2523421704","https://openalex.org/W2695177217","https://openalex.org/W2930110112","https://openalex.org/W3155942320","https://openalex.org/W4213362721","https://openalex.org/W4300559383","https://openalex.org/W4388858757","https://openalex.org/W4402265432"],"related_works":[],"abstract_inverted_index":{"DNS":[0,17,64,76,92,104,121,133,148,196,202,255],"cache":[1,35,46,65],"poisoning":[2,47,66],"is":[3],"a":[4,62,132],"persistent":[5],"game":[6],"of":[7,34,118,131,251],"attack":[8,48,67,78],"and":[9,27,71,150,169,184,198,213,232,234,254],"defense,":[10],"posing":[11],"an":[12],"enduring":[13],"challenge":[14],"for":[15,245],"the":[16,32,44,51,74,97,129,153,165,207,243,249],"community.":[18],"Significant":[19],"efforts":[20],"have":[21,186,205,222,235],"been":[22,110,236],"made":[23],"to":[24,95,102,126,156,163,210,248],"uncover,":[25],"detect,":[26],"mitigate":[28],"vulnerabilities":[29,90,209],"that":[30,79,107,115,178],"increase":[31],"risk":[33],"poisoning.":[36],"However,":[37],"no":[38,80],"work":[39],"has":[40,108],"systematically":[41],"revisited":[42],"whether":[43],"original":[45],"based":[49],"on":[50],"Birthday":[52,77,105],"Paradox":[53],"remains":[54],"effective.":[55],"In":[56],"this":[57],"work,":[58],"we":[59,176,221],"introduce":[60],"RebirthDay,":[61],"novel":[63],"targeting":[68],"recursive":[69],"resolvers":[70],"forwarders,":[72],"reviving":[73],"classic":[75],"longer":[81],"works":[82],"since":[83],"2002.":[84],"RebirthDay":[85,171,179],"exploits":[86],"newly":[87],"uncovered,":[88],"protocol-compliant":[89],"in":[91,128],"extension":[93,134,256],"implementations":[94],"bypass":[96],"query":[98,166],"aggregation":[99,167],"mechanism":[100,168],"intended":[101],"prevent":[103],"attacks":[106,180],"not":[109],"well":[111],"understood.":[112],"We":[113,204],"uncovered":[114],"18":[116],"out":[117],"22":[119],"mainstream":[120],"software":[122],"are":[123,181],"vulnerable":[124],"due":[125],"weaknesses":[127],"processing":[130],"(i.e.,":[135],"ECS":[136,143,252],"option),":[137],"specifically":[138],"lacking":[139],"or":[140],"incorrectly":[141],"implemented":[142],"coherence":[144],"checks":[145],"when":[146],"handling":[147],"queries":[149],"responses,":[151],"demonstrating":[152],"widespread":[154],"susceptibility":[155],"RebirthDay.":[157],"These":[158],"flaws":[159],"could":[160],"be":[161],"exploited":[162],"circumvent":[164],"launch":[170],"attacks.":[172],"Through":[173],"comprehensive":[174],"evaluation,":[175],"showed":[177],"highly":[182],"practical":[183],"can":[185],"significant":[187],"real-world":[188],"impact,":[189],"affecting":[190],"16":[191],"router":[192],"vendors,":[193,227],"14":[194],"public":[195],"services,":[197],"365K":[199],"(15%)":[200],"open":[201],"resolvers.":[203],"reported":[206],"identified":[208],"affected":[211],"vendors":[212],"discussed":[214],"mitigation":[215],"solutions":[216],"with":[217],"them.":[218,264],"To":[219],"date,":[220],"received":[223],"acknowledgments":[224],"from":[225],"8":[226],"including":[228],"BIND,":[229],"Unbound,":[230],"PowerDNS,":[231],"Quad9,":[233],"assigned":[237],"50":[238],"CVE-ids.":[239],"Our":[240],"study":[241],"emphasizes":[242],"need":[244],"greater":[246],"attention":[247],"importance":[250],"verification":[253],"implementations,":[257],"revealing":[258],"new":[259],"security":[260],"risks":[261],"introduced":[262],"by":[263]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-11-23T00:00:00"}