• Publications
  • Influence
How You Get Shot in the Back: A Systematical Study about Cryptojacking in the Real World
TLDR
We build CMTracker, a behavior-based detector with two runtime profilers for automatically tracking Cryptocurrency Mining scripts and their related domains. Expand
When HTTPS Meets CDN: A Case of Authentication in Delegated Service
TLDR
We proposed and implemented a lightweight solution based on DANE (DNS-based Authentication of Named Entities), an emerging IETF protocol complementing the current Web PKI model. Expand
An empirical reexamination of global DNS behavior
TLDR
We present measurement results from a unique dataset containing more than 26 billion DNS query-response pairs collected from more than 600 globally distributed recursive DNS resolvers. Expand
A Reexamination of Internationalized Domain Names: The Good, the Bad and the Ugly
TLDR
Internationalized Domain Names (IDNs) are domain names containing non-ASCII characters. Expand
Cookies Lack Integrity: Real-World Implications
TLDR
A cookie can contain a "secure" flag, indicating that it should be only sent over an HTTPS connection. Expand
Don't Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains
TLDR
We identify novel features that uniquely characterize domain shadowing by analyzing the deviation from their apex domains and correlate among different apex domains. Expand
An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come?
TLDR
This paper performs by far the first end-to-end and large-scale analysis on DNS-over-Encryption. Expand
Reexamining DNS From a Global Recursive Resolver Perspective
TLDR
In this paper, we present measurement results from a unique dataset containing more than 26 billion DNS query-response pairs collected from more than 600 globally distributed recursive DNS resolvers. Expand
Ghost Domain Names: Revoked Yet Still Resolvable
TLDR
We demonstrate a vulnerability affecting the large majority of popular DNS implementations which allows a malicious domain name to stay resolvable long after it has been removed from the upper level servers. Expand
Efficient performance estimate for one-class support vector machine
TLDR
This letter proposes and analyzes a method (@[email protected]@r-estimate) to estimate the generalization performance of one-class support vector machine (SVM) for novelty detection. Expand
...
1
2
3
4
5
...