{"id":"https://openalex.org/W4416549166","doi":"https://doi.org/10.1145/3719027.3744878","title":"Exploring and Analyzing Cross Layer DoS Attack Against UDP-based Services on Linux","display_name":"Exploring and Analyzing Cross Layer DoS Attack Against UDP-based Services on Linux","publication_year":2025,"publication_date":"2025-11-19","ids":{"openalex":"https://openalex.org/W4416549166","doi":"https://doi.org/10.1145/3719027.3744878"},"language":null,"primary_location":{"id":"doi:10.1145/3719027.3744878","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3744878","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3744878","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3744878","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5111316209","display_name":"Dashuai Wu","orcid":"https://orcid.org/0009-0009-4663-7334"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Dashuai Wu","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"raw_orcid":"https://orcid.org/0009-0009-4663-7334","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067329628","display_name":"Yunyi Zhang","orcid":"https://orcid.org/0000-0003-0878-7656"},"institutions":[{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yunyi Zhang","raw_affiliation_strings":["Tsinghua University, Beijing, China and National University of Defense Technology, Changsha, China"],"raw_orcid":"https://orcid.org/0000-0003-0878-7656","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China and National University of Defense Technology, Changsha, China","institution_ids":["https://openalex.org/I170215575"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101694986","display_name":"Baojun Liu","orcid":"https://orcid.org/0000-0002-9032-8063"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Baojun Liu","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0002-9032-8063","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043327734","display_name":"Xiang Li","orcid":"https://orcid.org/0000-0001-7388-1329"},"institutions":[{"id":"https://openalex.org/I205237279","display_name":"Nankai University","ror":"https://ror.org/01y1kjr75","country_code":"CN","type":"education","lineage":["https://openalex.org/I205237279"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiang Li","raw_affiliation_strings":["Nankai Univeristy, Tianjin, China"],"raw_orcid":"https://orcid.org/0000-0001-7388-1329","affiliations":[{"raw_affiliation_string":"Nankai Univeristy, Tianjin, China","institution_ids":["https://openalex.org/I205237279"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5061700215","display_name":"Eihal Alowaisheq","orcid":"https://orcid.org/0009-0008-1189-0164"},"institutions":[{"id":"https://openalex.org/I28022161","display_name":"King Saud University","ror":"https://ror.org/02f81g417","country_code":"SA","type":"education","lineage":["https://openalex.org/I28022161"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Eihal Alowaisheq","raw_affiliation_strings":["King Saud University, Riyadh, Saudi Arabia"],"raw_orcid":"https://orcid.org/0009-0008-1189-0164","affiliations":[{"raw_affiliation_string":"King Saud University, Riyadh, Saudi Arabia","institution_ids":["https://openalex.org/I28022161"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5067799841","display_name":"Haixin Duan","orcid":"https://orcid.org/0000-0003-0083-733X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haixin Duan","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0003-0083-733X","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5111316209"],"corresponding_institution_ids":["https://openalex.org/I99065089"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.18429896,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"4559","last_page":"4573"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.36820000410079956,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.36820000410079956,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.17910000681877136,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.10090000182390213,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/protocol-stack","display_name":"Protocol stack","score":0.7498999834060669},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.6615999937057495},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5945000052452087},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5498999953269958},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5472999811172485},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.5385000109672546},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.5372999906539917},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.49549999833106995},{"id":"https://openalex.org/keywords/transport-layer-security","display_name":"Transport Layer Security","score":0.4726000130176544}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7839000225067139},{"id":"https://openalex.org/C38601921","wikidata":"https://www.wikidata.org/wiki/Q1757693","display_name":"Protocol stack","level":3,"score":0.7498999834060669},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.6615999937057495},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.6018999814987183},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5945000052452087},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5498999953269958},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5472999811172485},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.5385000109672546},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.5372999906539917},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.5101000070571899},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.49549999833106995},{"id":"https://openalex.org/C148176105","wikidata":"https://www.wikidata.org/wiki/Q206494","display_name":"Transport Layer Security","level":3,"score":0.4726000130176544},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.43549999594688416},{"id":"https://openalex.org/C190793597","wikidata":"https://www.wikidata.org/wiki/Q189768","display_name":"Application layer","level":3,"score":0.41830000281333923},{"id":"https://openalex.org/C65567647","wikidata":"https://www.wikidata.org/wiki/Q81414","display_name":"Internet protocol suite","level":3,"score":0.4074999988079071},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.39800000190734863},{"id":"https://openalex.org/C33588617","wikidata":"https://www.wikidata.org/wiki/Q8803","display_name":"Transmission Control Protocol","level":3,"score":0.38670000433921814},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.3813999891281128},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.36480000615119934},{"id":"https://openalex.org/C40842320","wikidata":"https://www.wikidata.org/wiki/Q19423","display_name":"Buffer overflow","level":2,"score":0.33980000019073486},{"id":"https://openalex.org/C7345512","wikidata":"https://www.wikidata.org/wiki/Q209372","display_name":"Transport layer","level":3,"score":0.3391000032424927},{"id":"https://openalex.org/C206345919","wikidata":"https://www.wikidata.org/wiki/Q20380951","display_name":"Resource (disambiguation)","level":2,"score":0.3312999904155731},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.30820000171661377},{"id":"https://openalex.org/C11392498","wikidata":"https://www.wikidata.org/wiki/Q11288","display_name":"Web server","level":3,"score":0.2971000075340271},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.29429998993873596},{"id":"https://openalex.org/C174839445","wikidata":"https://www.wikidata.org/wiki/Q1134386","display_name":"Lock (firearm)","level":2,"score":0.2799000144004822},{"id":"https://openalex.org/C553261973","wikidata":"https://www.wikidata.org/wiki/Q14579","display_name":"Linux kernel","level":2,"score":0.27889999747276306}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3719027.3744878","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3744878","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3744878","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3719027.3744878","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3744878","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3744878","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G4259928007","display_name":null,"funder_award_id":"62102218","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320335777","display_name":"National Key Research and Development Program of China","ror":null}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4416549166.pdf","grobid_xml":"https://content.openalex.org/works/W4416549166.grobid-xml"},"referenced_works_count":26,"referenced_works":["https://openalex.org/W1590810061","https://openalex.org/W2269025640","https://openalex.org/W2292723020","https://openalex.org/W2523421704","https://openalex.org/W2794568842","https://openalex.org/W2892081886","https://openalex.org/W2904027722","https://openalex.org/W2987467625","https://openalex.org/W3046851126","https://openalex.org/W3082884087","https://openalex.org/W3095660977","https://openalex.org/W3155942320","https://openalex.org/W3209722324","https://openalex.org/W3212224036","https://openalex.org/W3212980631","https://openalex.org/W3213192819","https://openalex.org/W4200063541","https://openalex.org/W4230634801","https://openalex.org/W4292117754","https://openalex.org/W4300747978","https://openalex.org/W4361018052","https://openalex.org/W4385080273","https://openalex.org/W4388858757","https://openalex.org/W4402264523","https://openalex.org/W4402265432","https://openalex.org/W4405182288"],"related_works":[],"abstract_inverted_index":{"The":[0,134],"layered":[1,19,245],"architecture":[2],"of":[3,51,68,81,89,100,119,142,170,179,182,185,193,211,232,247],"the":[4,48,52,57,61,66,72,78,87,90,97,105,139,167,173,186,209,221,224,230,244,252],"TCP/IP":[5,91],"protocol":[6,9,92,98,248],"stack":[7,249],"enables":[8],"layers":[10],"to":[11,223,243],"be":[12],"implemented":[13],"independently":[14],"and":[15,103,125,127,132,144,151,159,175,191,205,238],"flexibly.":[16],"However,":[17],"this":[18],"design":[20],"introduces":[21],"potential":[22],"security":[23,253],"risks":[24],"when":[25],"shared":[26,41],"resources":[27],"are":[28,153,199],"not":[29],"properly":[30],"managed":[31],"between":[32],"different":[33],"layers.":[34],"This":[35],"paper":[36],"investigates":[37],"a":[38,115],"neglected":[39],"cross-layer":[40,82,233],"resource":[42],"risk,":[43],"termed":[44],"SocketFilled,":[45],"which":[46],"exploits":[47],"insecure":[49],"usage":[50],"UDP":[53,128,145],"send":[54],"buffer":[55],"at":[56],"transport":[58],"layer":[59],"by":[60,219],"link":[62],"layer,":[63],"resulting":[64,85],"in":[65,107,172,235],"interruption":[67],"response":[69],"packets":[70],"from":[71,86],"upper":[73],"application":[74],"layer.":[75],"To":[76],"explore":[77],"root":[79],"causes":[80],"DoS":[83,236],"vulnerabilities":[84],"implementation":[88,106],"stack,":[93],"we":[94,113,165],"systematically":[95],"analyzed":[96],"standards":[99],"address":[101],"resolution":[102],"reviewed":[104],"mainstream":[108,120],"open-source":[109],"operating":[110,121],"systems.":[111],"Moreover,":[112],"conducted":[114,216],"comprehensive":[116],"experimental":[117,135],"evaluation":[118],"systems":[122],"(e.g.,":[123,130,148],"Linux":[124,143,225],"FreeBSD)":[126],"services":[129],"DNS":[131],"QUIC).":[133],"results":[136],"show":[137],"that":[138,177],"latest":[140],"version":[141],"service":[146,162],"software":[147],"BIND9,":[149],"PowerDNS,":[150],"Nginx)":[152],"affected,":[154,201],"causing":[155],"significant":[156],"packet":[157],"loss":[158],"even":[160],"complete":[161],"interruption.":[163],"Then,":[164],"estimated":[166],"impact":[168],"range":[169],"SocketFilled":[171],"wild":[174],"demonstrated":[176],"17.3%":[178],"open":[180],"resolvers,54.3%":[181],"authoritative":[183],"servers":[184,198],"Tranco":[187],"Top":[188],"100K":[189],"domains,":[190],"3.8%":[192],"these":[194],"well-known":[195],"domains'":[196],"HTTP/3":[197],"potentially":[200],"including":[202],"Bing,":[203],"Amazon,":[204],"Shopee,":[206],"after":[207],"excluding":[208],"influence":[210],"cloud":[212],"servers.":[213],"We":[214],"have":[215],"responsible":[217],"disclosure":[218],"reporting":[220],"vulnerability":[222],"community.":[226,254],"Our":[227],"research":[228],"highlights":[229],"effectiveness":[231],"mechanisms":[234],"attacks":[237],"calls":[239],"for":[240],"heightened":[241],"attention":[242],"complexity":[246],"implementations":[250],"within":[251]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-11-23T00:00:00"}