{"id":"https://openalex.org/W7091365410","doi":"https://doi.org/10.5281/zenodo.17354993","title":"Artifacts of Forward to Hell? On the Potentials of Misusing Transparent DNS Forwarders in Reflective Amplification Attacks","display_name":"Artifacts of Forward to Hell? On the Potentials of Misusing Transparent DNS Forwarders in Reflective Amplification Attacks","publication_year":2025,"publication_date":"2025-10-15","ids":{"openalex":"https://openalex.org/W7091365410","doi":"https://doi.org/10.5281/zenodo.17354993"},"language":"en","primary_location":{"id":"doi:10.5281/zenodo.17354993","is_oa":true,"landing_page_url":"https://doi.org/10.5281/zenodo.17354993","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"other","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.5281/zenodo.17354993","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Koch, Maynard","orcid":"https://orcid.org/0009-0009-3698-1342"},"institutions":[{"id":"https://openalex.org/I78650965","display_name":"TU Dresden","ror":"https://ror.org/042aqky30","country_code":"DE","type":"education","lineage":["https://openalex.org/I78650965"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Koch, Maynard","raw_affiliation_strings":["TU Dresden"],"affiliations":[{"raw_affiliation_string":"TU Dresden","institution_ids":["https://openalex.org/I78650965"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Dolzmann, Florian","orcid":"https://orcid.org/0009-0002-2591-7264"},"institutions":[{"id":"https://openalex.org/I78650965","display_name":"TU Dresden","ror":"https://ror.org/042aqky30","country_code":"DE","type":"education","lineage":["https://openalex.org/I78650965"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Dolzmann, Florian","raw_affiliation_strings":["TU Dresden"],"affiliations":[{"raw_affiliation_string":"TU Dresden","institution_ids":["https://openalex.org/I78650965"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Schmidt, Thomas C.","orcid":"https://orcid.org/0000-0002-0956-7885"},"institutions":[{"id":"https://openalex.org/I70451448","display_name":"HAW Hamburg","ror":"https://ror.org/00fkqwx76","country_code":"DE","type":"education","lineage":["https://openalex.org/I70451448"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Schmidt, Thomas C.","raw_affiliation_strings":["HAW Hamburg"],"affiliations":[{"raw_affiliation_string":"HAW Hamburg","institution_ids":["https://openalex.org/I70451448"]}]},{"author_position":"last","author":{"id":null,"display_name":"W\u00e4hlisch, Matthias","orcid":"https://orcid.org/0000-0002-3825-2807"},"institutions":[{"id":"https://openalex.org/I78650965","display_name":"TU Dresden","ror":"https://ror.org/042aqky30","country_code":"DE","type":"education","lineage":["https://openalex.org/I78650965"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"W\u00e4hlisch, Matthias","raw_affiliation_strings":["TU Dresden"],"affiliations":[{"raw_affiliation_string":"TU Dresden","institution_ids":["https://openalex.org/I78650965"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I78650965"],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":true,"primary_topic":{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.6168000102043152,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.6168000102043152,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.12809999287128448,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.02800000086426735,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/domain-name-system","display_name":"Domain Name System","score":0.8187999725341797},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.555400013923645},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.545799970626831},{"id":"https://openalex.org/keywords/anycast","display_name":"Anycast","score":0.5281000137329102},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.46230000257492065},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.4115000069141388},{"id":"https://openalex.org/keywords/name-server","display_name":"Name server","score":0.41100001335144043},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.38280001282691956}],"concepts":[{"id":"https://openalex.org/C35026560","wikidata":"https://www.wikidata.org/wiki/Q8767","display_name":"Domain Name System","level":3,"score":0.8187999725341797},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7576000094413757},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.6995999813079834},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.555400013923645},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.545799970626831},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5386000275611877},{"id":"https://openalex.org/C122005561","wikidata":"https://www.wikidata.org/wiki/Q613897","display_name":"Anycast","level":3,"score":0.5281000137329102},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.46230000257492065},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.4115000069141388},{"id":"https://openalex.org/C105320234","wikidata":"https://www.wikidata.org/wiki/Q41494","display_name":"Name server","level":3,"score":0.41100001335144043},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.38280001282691956},{"id":"https://openalex.org/C102359118","wikidata":"https://www.wikidata.org/wiki/Q178163","display_name":"Round-robin DNS","level":4,"score":0.3783999979496002},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.36230000853538513},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.31139999628067017},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.3027999997138977},{"id":"https://openalex.org/C17881449","wikidata":"https://www.wikidata.org/wiki/Q189620","display_name":"SOAP","level":2,"score":0.2903999984264374},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.28700000047683716},{"id":"https://openalex.org/C2776257435","wikidata":"https://www.wikidata.org/wiki/Q1576430","display_name":"Bandwidth (computing)","level":2,"score":0.28380000591278076},{"id":"https://openalex.org/C2775896111","wikidata":"https://www.wikidata.org/wiki/Q642560","display_name":"Router","level":2,"score":0.2793000042438507},{"id":"https://openalex.org/C154504017","wikidata":"https://www.wikidata.org/wiki/Q853614","display_name":"Identifier","level":2,"score":0.259799987077713},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.2565999925136566}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.5281/zenodo.17354993","is_oa":true,"landing_page_url":"https://doi.org/10.5281/zenodo.17354993","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.5281/zenodo.17354993","is_oa":true,"landing_page_url":"https://doi.org/10.5281/zenodo.17354993","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","score":0.6234275698661804,"id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"This":[0],"repository":[1],"contains":[2],"the":[3,29,52,89,93,106,158,178,193,224],"artifacts":[4],"to":[5,26,177,202,213],"reproduce":[6],"figures":[7],"and":[8,47,58,82,104,151,186],"tables":[9],"of":[10,31,51,95,122,160,205,223],"our":[11,17,21],"paper.":[12],"NOTE:":[13],"If":[14],"you":[15],"use":[16],"tools,":[18],"please":[19],"cite":[20],"paper":[22],"as":[23],"follows:":[24],"Forward":[25],"Hell?":[27],"On":[28],"Potentials":[30],"Misusing":[32],"Transparent":[33,207],"DNS":[34,63,96,114,123,125,129,146,194,226],"Forwarders":[35],"in":[36,157,164],"Reflective":[37],"Amplification":[38],"Attacks":[39],"Maynard":[40],"Koch,":[41],"Florian":[42],"Dolzmann,":[43],"Thomas":[44],"C.":[45],"Schmidt,":[46],"Matthias":[48],"W\u00e4hlisch":[49],"Proc.":[50],"ACM":[53],"SIGSAC":[54],"Conference":[55],"on":[56,103],"Computer":[57],"Communications":[59],"Securityhttps://doi.org/10.1145/3749215":[60],"Abstract:":[61],"The":[62],"service":[64],"infrastructure":[65,220],"is":[66],"infamous":[67],"for":[68],"facilitating":[69],"reflective":[70,166],"amplification":[71,167],"attacks.":[72,168],"Various":[73],"countermeasures":[74],"including":[75],"server":[76],"shielding,":[77],"access":[78,212],"control,":[79],"rate":[80,184],"limiting,":[81,185],"protocol":[83],"restrictions":[84],"have":[85],"been":[86],"implemented.":[87],"Still,":[88],"threat":[90,109],"remains":[91],"throughout":[92],"deployment":[94],"servers.":[97],"In":[98],"this":[99],"paper,":[100],"we":[101,198],"report":[102],"evaluate":[105],"widely":[107,117],"unnoticed":[108],"that":[110,171],"derives":[111],"from":[112],"transparent":[113,126,142,172],"forwarders,":[115],"a":[116,203],"deployed":[118],"incompletely":[119],"functional":[120],"set":[121],"components.":[124],"forwarders":[127,143,173,208],"guide":[128],"requests":[130,147],"non-recursively,":[131],"i.e.,":[132],"without":[133],"rebuilding":[134],"packets":[135],"with":[136],"correct":[137],"source":[138],"addresses.":[139],"As":[140],"such,":[141],"feed":[144],"arbitrary":[145],"into":[148],"(mainly":[149],"powerful":[150],"anycasted)":[152],"open":[153],"recursive":[154,215],"resolvers,":[155,216],"which":[156,197],"case":[159],"misuse":[161],"participate":[162],"unwillingly":[163],"distributed":[165],"We":[169],"show":[170],"raise":[174],"severe":[175],"threats":[176],"Internet":[179],"infrastructure.":[180,228],"They":[181],"easily":[182],"circumvent":[183],"achieve":[187],"an":[188],"additional,":[189],"scalable":[190],"impact":[191],"via":[192],"anycast":[195],"infrastructure,":[196],"empirically":[199],"verified":[200],"up":[201],"factor":[204],"14.":[206],"can":[209],"also":[210],"bridge":[211],"shielded":[214],"making":[217],"these":[218],"protected":[219],"entities":[221],"part":[222],"global":[225],"attack":[227]},"counts_by_year":[],"updated_date":"2025-11-06T06:51:31.235846","created_date":"2025-10-16T00:00:00"}