The official inofficial organization pad for the reading group of the Resilient Networking Lecture (KIT) during winter 24/25.
Every  paper-slot can be claimed by one student (every paper is read on Tue once, and on Thu once).

If  you don't manage to get access to one of the manuscripts (using google scholar, for instance), you can email the authors or your professor, who has a 
pdf of each of the papers (as a last resort)...

Thanks!

Tuesday/Thursday 2PM 

Note, that we are finishing on Jan 30, so two weeks before the sessions end right now. My calendar allows to stretch the reading groups in 2025 - if you feel that there are too many papers in too short time we could push RG 4 back by one week and RG 5 by 2. Let me know what you prefer.

Add your names to claim your date and paper below, the assingments to days is as follows:
Tuesday
1) Springer
2) Mathes
3) Junge
4) Dormann
5) Baumgarten
6) Adler 
7) Bräunig
8) Jossé
9) Schall
10) Shima

Thursday
1) Castro
2) Wahl
3) Purge
4) Knapp-Holldorf
5) Schupp
6) Caspar
7) B. Engel
8) Nguyen
9) YM Engel
10) Shima



Reading Group 1
 a) Herley, Cormac, and Paul C.  Van  Oorschot. "Sok: Science, security and  the elusive goal of  security as a  scientific pursuit." 2017 IEEE  Symposium on Security and  Privacy (SP).  IEEE, 2017.
Tuesday Dec 10:Bräunig
Thursday Dec 12:
 
 
 b) Albert, Jeong, Barabasi: Error and Attack Tolerance of Complex Networks, Nature

Tuesday: Springer
Thursday: Knapp-Holldorf


RG2
a)  Magoni, Damien. "Tearing down the Internet." IEEE Journal on Selected Areas in Communications 21.6 (2003): 949-960
Tuesday Jan 7: Mats Dormann
Thursday Jan 9: Simon Schupp


b) Schuchard,   Max, et al. "Losing control of the internet: using the  data   plane  to  attack the control plane." Proceedings of the 17th ACM conference  on  Computer and communications security. ACM, 2010. https://www-users.cse.umn.edu/~hoppernj/lci-ndss.pdf
--> Please note that we're reading the version with 9 pages from ACM CCS, not the 3-page short version!
Tuesday: Schall
Thursday:


RG3
a) 
Liu, Daiping, Shuai Hao, and Haining Wang."All your DNS records point to us." Proceedings of the 2016 ACM SIGSAC Conference on Computer and
Communications Security. ACM, 2016.
Tuesday Jan 14: Junge
Thursday Jan 16: Castro

b) 
Provable Security for PKI Schemes
Sara  Wrótniak '(Dept. of Computer Science and Engineering, University of  Connecticut, Storrs, CT) Hemi Leibowitz (School of Computer Science, The  College of Management Academic Studies Rishon Lezion, Israel) Ewa Syta  (Dept. of Computer Science, Trinity College, Hartford, CT) Amir Herzberg  (Dept. of Computer Science and Engineering, University of Connecticut,  Storrs, CT), CCS 2024

Tuesday: Jossé
Thursday: Wahl

RG4
a) Rossow, Christian. "Amplification Hell: Revisiting Network Protocols for
DDoS Abuse." NDSS. 2014.
Tuesday Jan 21: Morris Baumgarten-Egemole
Thursday Jan 23:YM Engel

b)  Rossow et al. "Identifying the scan and attack infrastructures
behind amplification DDoS attacks." Proceedings of the 2016 ACM SIGSAC
Conference on Computer and Communications Security. ACM, 2016.
Tuesday: Erik Adler
Thursday: Nguyen

RG5)
a)
Detecting Tunneled Flooding Traffic via Deep Semantic Analysis of Packet Length Patterns
Chuanpu  Fu (Tsinghua University)Qi Li (Tsinghua University) Meng Shen (Beijing  Institute of   echnology) Ke Xu (Tsinghua University), CCS 2024
Tuesday Jan 28:  Mathes
Thursday Jan 30:


===============================================================


Additional Papers:
a) 
CAMP: Compositional Amplification Attacks against DNS                        
Huayi Duan, Marco Bearzi, Jodok Vieli, David Basin, Adrian Perrig, and Si Liu, ETH Zürich; Bernhard Tellenbach, Armasuisse


Attack Modelling for Information Security and Survivability
https://doi.org/10.1184/R1/6572063.v1

Herley, Cormac, and Paul C. Van  Oorschot. "Sok: Science, security and  the elusive goal of security as a  scientific pursuit." 2017 IEEE  Symposium on Security and Privacy (SP).  IEEE, 2017.


Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines
James P.G. Sterbenz et al.
https://www.sciencedirect.com/science/article/pii/S1389128610000824

Albert, Jeong, Barabasi: Error and Attack Tolerance of Complex Networks, Nature


Magoni, Damien. "Tearing down the Internet." IEEE Journal on Selected Areas in Communications 21.6 (2003): 949-960

Schuchard, Max, et al. "Losing control of the internet: using the  data   plane to attack the control plane." Proceedings of the 17th ACM    conference on Computer and communications security. ACM, 2010. https://www-users.cse.umn.edu/~hoppernj/lci-ndss.pdf
--> Please note that we're reading the version with 9 pages from ACM CCS, not the 3-page short version!


 Cohen, Reuven, Raziel Hess-Green, and Gabi Nakibly. "Small lies, lots   of damage: a partition attack on link-state routing protocols." 2015   IEEE Conference on Communications and Network Security (CNS). IEEE, 2015

Keep Your Friends Close, but Your Routeservers Closer: Insights into RPKI Validation in the Internet
Authors: 
Tomas  Hlavacek, Fraunhofer Institute for Secure Information Technology SIT  and National Research Center for Applied Cybersecurity ATHENE; Haya  Shulman and Niklas Vogel, Fraunhofer Institute for Secure Information  Technology SIT, National Research Center for Applied Cybersecurity  ATHENE, and Goethe-Universität Frankfurt; Michael Waidner, Fraunhofer  Institute for Secure Information Technology SIT, National Research  Center for Applied Cybersecurity ATHENE, and Technische Universität  Darmstadt
https://www.usenix.org/conference/usenixsecurity23/presentation/hlavacek


Liu, Daiping, Shuai Hao, and Haining Wang."All your DNS records point to us." Proceedings of the 2016 ACM SIGSAC Conference on Computer and
Communications Security. ACM, 2016.

NRDelegationAttack: Complexity DDoS attack on DNS Recursive Resolvers                   
Authors: 
Yehuda Afek and Anat Bremler-Barr, Tel-Aviv University; Shani Stajnrod, Reichman University
https://www.usenix.org/conference/usenixsecurity23/presentation/afek


Rossow, Christian. "Amplification Hell: Revisiting Network Protocols for
DDoS Abuse." NDSS. 2014.

Temporal CDN-Convex Lens: A CDN-Assisted Practical Pulsing DDoS Attack
Authors: 
Run  Guo, Tsinghua University; Jianjun Chen, Tsinghua University and  Zhongguancun Laboratory; Yihang Wang and Keran Mu, Tsinghua University;  Baojun Liu, Tsinghua University and Zhongguancun Laboratory; Xiang Li,  Tsinghua University; Chao Zhang, Tsinghua University and Zhongguancun  Laboratory; Haixin Duan, Tsinghua University and Zhongguancun Laboratory  and QI-ANXIN Technology Research Institute; Jianping Wu, Tsinghua  University and Zhongguancun Laboratory
https://www.usenix.org/conference/usenixsecurity23/presentation/guo-run


Rossow et al. "Identifying the scan and attack infrastructures
behind amplification DDoS attacks." Proceedings of the 2016 ACM SIGSAC
Conference on Computer and Communications Security. ACM, 2016.

Glowing in the Dark: Uncovering IPv6 Address Discovery and Scanning Strategies in the Wild
Authors: 
Hammas  Bin Tanveer, The University of Iowa; Rachee Singh, Microsoft and  Cornell University; Paul Pearce, Georgia Tech; Rishab Nithyanand,  University of Iowa
https://www.usenix.org/conference/usenixsecurity23/presentation/bin-tanveer


How to Count Bots in Longitudinal Datasets of IP Addresses
Leon  Böck (Technische Universität Darmstadt), Dave Levin (University of  Maryland), Ramakrishna Padmanabhan (CAIDA), Christian Doerr (Hasso  Plattner Institute), Max Mühlhäuser (Technical University of Darmstadt)
https://www.ndss-symposium.org/ndss-paper/how-to-count-bots-in-longitudinal-datasets-of-ip-addresses/

Preventing SIM Box Fraud Using Device Model Fingerprinting
BeomSeok  Oh (KAIST), Junho Ahn (KAIST), Sangwook Bae (KAIST), Mincheol Son  (KAIST), Yonghwa Lee (KAIST), Min Suk Kang (KAIST), Yongdae Kim (KAIST)
https://www.ndss-symposium.org/ndss-paper/preventing-sim-box-fraud-using-device-model-fingerprinting/

IMP4GT: IMPersonation Attacks in 4G NeTworks
David     Rupprecht (Ruhr University Bochum), Katharina Kohls (Ruhr   University    Bochum), Thorsten Holz (Ruhr University Bochum),  Christina  Poepper   (NYU  Abu Dhabi), NDSS 2020


Detecting Tunneled Flooding Traffic via Deep Semantic Analysis of Packet Length Patterns
Chuanpu Fu (Tsinghua University)Qi Li (Tsinghua University) Meng Shen (Beijing Institute of   echnology) Ke Xu (Tsinghua University), CCS 2024

Provable Security for PKI Schemes
Sara Wrótniak (Dept. of Computer Science and Engineering, University of Connecticut, Storrs, CT) Hemi Leibowitz (School of Computer Science, The College of Management Academic Studies Rishon Lezion, Israel) Ewa Syta (Dept. of Computer Science, Trinity College, Hartford, CT) Amir Herzberg (Dept. of Computer Science and Engineering, University of Connecticut, Storrs, CT), CCS 2024

Dietzel, C., Feldmann, A., & King,  T. (2016, March). Blackholing at ixps: On the effectiveness of ddos  mitigation in the wild. In International Conference on Passive and Active Network Measurement (pp. 319-332). Springer, Cham.


Keyu Man et al., "DNS Cache Poisoning Attack Reloaded: Revolutions With Side Channels" Proceedings of ACM CCS, 2020


The Maginot Line: Attacking the Boundary of DNS Caching Protection                   
Authors: 
Xiang Li, Chaoyi Lu, and Baojun Liu, Tsinghua University; Qifan Zhang and Zhou Li, University of California, Irvine; Haixin Duan, Tsinghua University, QI-ANXIN Technology Research Institute, and Zhongguancun Laboratory; Qi Li, Tsinghua University and Zhongguancun Laboratory
https://www.usenix.org/conference/usenixsecurity23/presentation/li-xiang

Fourteen Years in the Life: A Root Server’s Perspective on DNS Resolver Security                   
Authors: 
Alden Hilton, Sandia National Laboratories; Casey Deccio, Brigham Young University; Jacob Davis, Sandia National Laboratories
https://www.usenix.org/conference/usenixsecurity23/presentation/hilton

NRDelegationAttack: Complexity DDoS attack on DNS Recursive Resolvers                   
Authors: 
Yehuda Afek and Anat Bremler-Barr, Tel-Aviv University; Shani Stajnrod, Reichman University
https://www.usenix.org/conference/usenixsecurity23/presentation/afek

Keep Your Friends Close, but Your Routeservers Closer: Insights into RPKI Validation in the Internet
Authors: 
Tomas Hlavacek, Fraunhofer Institute for Secure Information Technology SIT and National Research Center for Applied Cybersecurity ATHENE; Haya Shulman and Niklas Vogel, Fraunhofer Institute for Secure Information Technology SIT, National Research Center for Applied Cybersecurity ATHENE, and Goethe-Universität Frankfurt; Michael Waidner, Fraunhofer Institute for Secure Information Technology SIT, National Research Center for Applied Cybersecurity ATHENE, and Technische Universität Darmstadt
https://www.usenix.org/conference/usenixsecurity23/presentation/hlavacek


Access Denied: Assessing Physical Risks to Internet Access Networks
Authors: 
Alexander Marder, CAIDA / UC San Diego; Zesen Zhang, UC San Diego; Ricky Mok and Ramakrishna Padmanabhan, CAIDA / UC San Diego; Bradley Huffaker, CAIDA/ UC San Diego; Matthew Luckie, University of Waikato; Alberto Dainotti, Georgia Tech; kc claffy, CAIDA/ UC San Diego; Alex C. Snoeren and Aaron Schulman, UC San Diego
https://www.usenix.org/conference/usenixsecurity23/presentation/marder


Flexsealing BGP Against Route Leaks: Peerlock Active Measurement and Analysis
Tyler   McDaniel (University of Tennessee, Knoxville), Jared M. Smith    (University of Tennessee, Knoxville), Max Schuchard (University of    Tennessee, Knoxville), NDSS

Q. Zhang, J.H. Cho, T. J.  Moore,  and F. F. Nelson,  ``DREVAN: Deep  Reinforcement Learning-based   Vulnerability-Aware Network  Adaptations  for Resilient Networks,''  The  2021 IEEE Conference on  Communications  and Network Security (CNS   2021), 17 June 2021.

Threat modeling – A systematic literature review
Xiong Wenjun, and Robert Lagerströhttps://pads.ccc.de/T4J63cwG3o m; Elsevier Computers & Security

a) ROV++: Improved Deployable Defense against BGP Hijacking
Reynaldo    Morillo (University of Connecticut), Justin Furuness  (University of    Connecticut), Cameron Morris (University of Connecticut),  James   Breslin  (University of Connecticut), Amir Herzberg (University of     Connecticut), Bing Wang (University of Connecticut), NDSS

b) Withdrawing the BGP Re-Routing Curtain: Understanding the Security Impact of BGP Poisoning through Real-World Measurements
Jared    M. Smith (University of Tennessee, Knoxville), Kyle Birkeland     (University of Tennessee, Knoxville), Tyler McDaniel (University of     Tennessee, Knoxville), Max Schuchard (University of Tennessee,     Knoxville), NDSS 2020

SmartCookie: Blocking Large-Scale SYN Floods with a Split-Proxy Defense on Programmable Data Planes                        
Sophia Yoo, Xiaoqi Chen, and Jennifer Rexford, Princeton University

CAMP: Compositional Amplification Attacks against DNS                        
Huayi Duan, Marco Bearzi, Jodok Vieli, David Basin, Adrian Perrig, and Si Liu, ETH Zürich; Bernhard Tellenbach, Armasuisse

A System to Detect Forged-Origin BGP Hijacks                        
Thomas Holterbach and Thomas Alfroy, University of Strasbourg; Amreesh Phokeer, Internet Society; Alberto Dainotti, Georgia Tech; Cristel Pelsser, UCLouvain
NDSS 2024

Herwig, Stephen, et al. "Measurement and Analysis of Hajime, a Peer-to-peer IoT Botnet."

Smith, Jared M., and Max Schuchard. "Routing around congestion:
Defeating DDoS attacks and adverse network conditions via reactive BGP
routing." 2018 IEEE Symposium on Security and Privacy (SP). IEEE,
2018.

Jonker, Mattijs, et al. "A First Joint Look at DoS Attacks and BGP Blackholing in the Wild."
Proceedings of the Internet Measurement Conference 2018. ACM, 2018. 

 Meza, Justin, et al. "A large scale study of data center network  reliability." Proceedings of the Internet Measurement Conference.ACM,  2018. 

DISCO: Sidestepping RPKI's Deployment Barriers
Tomas   Hlavacek (Fraunhofer SIT), Italo Cunha (Universidade Federal de  Minas   Gerais), Yossi Gilad (Hebrew University of Jerusalem), Amir  Herzberg   (University of Connecticut), Ethan Katz-Bassett (Columbia  University),   Michael Schapira (Hebrew University of Jerusalem), Haya  Shulman   (Fraunhofer SIT), NDSS

Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches
Menghao  Zhang (Tsinghua University), Guanyu Li (Tsinghua University),  Shicheng  Wang (Tsinghua University), Chang Liu (Tsinghua University),  Ang Chen  (Rice University), Hongxin Hu (Clemson University), Guofei Gu  (Texas  A&M University), Qi Li (Tsinghua University), Mingwei Xu  (Tsinghua  University), Jianping Wu (Tsinghua University), NDSS

maTLS: How to Make TLS middlebox-aware?
Hyunwoo   Lee (Seoul National University), Zach Smith (University of    Luxembourg), Junghwan Lim (Seoul National University), Gyeongjae Choi    (Seoul National University), Selin Chun (Seoul National University),    Taejoong Chung (Rochester Institute of Technology), Ted "Taekyoung"   Kwon  (Seoul National University), NDSS 2021

CDN Judo: Breaking the CDN DoS Protection with Itself 
Run  Guo, Weizhong Li, Baojun   Liu, Shuang Hao,   Jia Zhang, Haixin  Duan,   Kaiwen Sheng, Jianjun Chen, Ying Liu, NDSS 2020 
https://www.ndss-symposium.org/wp-content/uploads/2020/02/24411.pdf














The official inofficial organization pad for the reading group of the Resilient Networking Lecture (KIT) during winter 24/25.
Every  paper-slot can be claimed by one student (every paper is read on Tue once, and on Thu once).

If  you don't manage to get access to one of the manuscripts (using google scholar, for instance), you can email the authors or your professor, who has a 
pdf of each of the papers (as a last resort)...

Thanks!

Tuesday/Thursday 2PM 

Note, that we are finishing on Jan 30, so two weeks before the sessions end right now. My calendar allows to stretch the reading groups in 2025 - if you feel that there are too many papers in too short time we could push RG 4 back by one week and RG 5 by 2. Let me know what you prefer.

Add your names to claim your date and paper below, the assingments to days is as follows:
Tuesday
1) Springer
2) Mathes
3) Junge
4) Dormann
5) Baumgarten
6) Adler 
7) Bräunig
8) Jossé
9) Schall

Thursday
1) Castro
2) Wahl
3) Purge
4) Knapp-Holldorf
5) Schupp
6) Caspar
7) B. Engel
8) Nguyen
9) YM Engel




Reading Group 1
 a) Herley, Cormac, and Paul C.  Van  Oorschot. "Sok: Science, security and  the elusive goal of  security as a  scientific pursuit." 2017 IEEE  Symposium on Security and  Privacy (SP).  IEEE, 2017.
Tuesday Dec 10: Bräunig
Thursday Dec 12:
 
 
 b) Albert, Jeong, Barabasi: Error and Attack Tolerance of Complex Networks, Nature

Tuesday: Springer
Thursday: Knapp-Holldorf


RG2
a)  Magoni, Damien. "Tearing down the Internet." IEEE Journal on Selected Areas in Communications 21.6 (2003): 949-960
Tuesday Jan 7: Mats Dormann
Thursday Jan 9: Simon Schupp


b) Schuchard,   Max, et al. "Losing control of the internet: using the  data   plane  to  attack the control plane." Proceedings of the 17th ACM conference  on  Computer and communications security. ACM, 2010. https://www-users.cse.umn.edu/~hoppernj/lci-ndss.pdf
--> Please note that we're reading the version with 9 pages from ACM CCS, not the 3-page short version!
Tuesday: Schall
Thursday:


RG3
a) 
Liu, Daiping, Shuai Hao, and Haining Wang."All your DNS records point to us." Proceedings of the 2016 ACM SIGSAC Conference on Computer and
Communications Security. ACM, 2016.
Tuesday Jan 14: Junge
Thursday Jan 16: Castro

b) 
Provable Security for PKI Schemes
Sara  Wrótniak (Dept. of Computer Science and Engineering, University of  Connecticut, Storrs, CT) Hemi Leibowitz (School of Computer Science, The  College of Management Academic Studies Rishon Lezion, Israel) Ewa Syta  (Dept. of Computer Science, Trinity College, Hartford, CT) Amir Herzberg  (Dept. of Computer Science and Engineering, University of Connecticut,  Storrs, CT), CCS 2024

Tuesday:
Thursday:

RG4
a) Rossow, Christian. "Amplification Hell: Revisiting Network Protocols for
DDoS Abuse." NDSS. 2014.
Tuesday Jan 21: Morris Baumgarten-Egemole
Thursday Jan 23:YM Engel

b)  Rossow et al. "Identifying the scan and attack infrastructures
behind amplification DDoS attacks." Proceedings of the 2016 ACM SIGSAC
Conference on Computer and Communications Security. ACM, 2016.
Tuesday: Erik Adler
Thursday: Nguyen

RG5)
a)
Detecting Tunneled Flooding Traffic via Deep Semantic Analysis of Packet Length Patterns
Chuanpu  Fu (Tsinghua University)Qi Li (Tsinghua University) Meng Shen (Beijing  Institute of   echnology) Ke Xu (Tsinghua University), CCS 2024
Tuesday Jan 28:
Thursday Jan 30:


===============================================================


Additional Papers:
a) 
CAMP: Compositional Amplification Attacks against DNS                        
Huayi Duan, Marco Bearzi, Jodok Vieli, David Basin, Adrian Perrig, and Si Liu, ETH Zürich; Bernhard Tellenbach, Armasuisse


Attack Modelling for Information Security and Survivability
https://doi.org/10.1184/R1/6572063.v1

Herley, Cormac, and Paul C. Van  Oorschot. "Sok: Science, security and  the elusive goal of security as a  scientific pursuit." 2017 IEEE  Symposium on Security and Privacy (SP).  IEEE, 2017.


Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines
James P.G. Sterbenz et al.
https://www.sciencedirect.com/science/article/pii/S1389128610000824

Albert, Jeong, Barabasi: Error and Attack Tolerance of Complex Networks, Nature


Magoni, Damien. "Tearing down the Internet." IEEE Journal on Selected Areas in Communications 21.6 (2003): 949-960

Schuchard, Max, et al. "Losing control of the internet: using the  data   plane to attack the control plane." Proceedings of the 17th ACM    conference on Computer and communications security. ACM, 2010. https://www-users.cse.umn.edu/~hoppernj/lci-ndss.pdf
--> Please note that we're reading the version with 9 pages from ACM CCS, not the 3-page short version!


 Cohen, Reuven, Raziel Hess-Green, and Gabi Nakibly. "Small lies, lots   of damage: a partition attack on link-state routing protocols." 2015   IEEE Conference on Communications and Network Security (CNS). IEEE, 2015

Keep Your Friends Close, but Your Routeservers Closer: Insights into RPKI Validation in the Internet
Authors: 
Tomas  Hlavacek, Fraunhofer Institute for Secure Information Technology SIT  and National Research Center for Applied Cybersecurity ATHENE; Haya  Shulman and Niklas Vogel, Fraunhofer Institute for Secure Information  Technology SIT, National Research Center for Applied Cybersecurity  ATHENE, and Goethe-Universität Frankfurt; Michael Waidner, Fraunhofer  Institute for Secure Information Technology SIT, National Research  Center for Applied Cybersecurity ATHENE, and Technische Universität  Darmstadt
https://www.usenix.org/conference/usenixsecurity23/presentation/hlavacek


Liu, Daiping, Shuai Hao, and Haining Wang."All your DNS records point to us." Proceedings of the 2016 ACM SIGSAC Conference on Computer and
Communications Security. ACM, 2016.

NRDelegationAttack: Complexity DDoS attack on DNS Recursive Resolvers                   
Authors: 
Yehuda Afek and Anat Bremler-Barr, Tel-Aviv University; Shani Stajnrod, Reichman University
https://www.usenix.org/conference/usenixsecurity23/presentation/afek


Rossow, Christian. "Amplification Hell: Revisiting Network Protocols for
DDoS Abuse." NDSS. 2014.

Temporal CDN-Convex Lens: A CDN-Assisted Practical Pulsing DDoS Attack
Authors: 
Run  Guo, Tsinghua University; Jianjun Chen, Tsinghua University and  Zhongguancun Laboratory; Yihang Wang and Keran Mu, Tsinghua University;  Baojun Liu, Tsinghua University and Zhongguancun Laboratory; Xiang Li,  Tsinghua University; Chao Zhang, Tsinghua University and Zhongguancun  Laboratory; Haixin Duan, Tsinghua University and Zhongguancun Laboratory  and QI-ANXIN Technology Research Institute; Jianping Wu, Tsinghua  University and Zhongguancun Laboratory
https://www.usenix.org/conference/usenixsecurity23/presentation/guo-run


Rossow et al. "Identifying the scan and attack infrastructures
behind amplification DDoS attacks." Proceedings of the 2016 ACM SIGSAC
Conference on Computer and Communications Security. ACM, 2016.

Glowing in the Dark: Uncovering IPv6 Address Discovery and Scanning Strategies in the Wild
Authors: 
Hammas  Bin Tanveer, The University of Iowa; Rachee Singh, Microsoft and  Cornell University; Paul Pearce, Georgia Tech; Rishab Nithyanand,  University of Iowa
https://www.usenix.org/conference/usenixsecurity23/presentation/bin-tanveer


How to Count Bots in Longitudinal Datasets of IP Addresses
Leon  Böck (Technische Universität Darmstadt), Dave Levin (University of  Maryland), Ramakrishna Padmanabhan (CAIDA), Christian Doerr (Hasso  Plattner Institute), Max Mühlhäuser (Technical University of Darmstadt)
https://www.ndss-symposium.org/ndss-paper/how-to-count-bots-in-longitudinal-datasets-of-ip-addresses/

Preventing SIM Box Fraud Using Device Model Fingerprinting
BeomSeok  Oh (KAIST), Junho Ahn (KAIST), Sangwook Bae (KAIST), Mincheol Son  (KAIST), Yonghwa Lee (KAIST), Min Suk Kang (KAIST), Yongdae Kim (KAIST)
https://www.ndss-symposium.org/ndss-paper/preventing-sim-box-fraud-using-device-model-fingerprinting/

IMP4GT: IMPersonation Attacks in 4G NeTworks
David     Rupprecht (Ruhr University Bochum), Katharina Kohls (Ruhr   University    Bochum), Thorsten Holz (Ruhr University Bochum),  Christina  Poepper   (NYU  Abu Dhabi), NDSS 2020


Detecting Tunneled Flooding Traffic via Deep Semantic Analysis of Packet Length Patterns
Chuanpu Fu (Tsinghua University)Qi Li (Tsinghua University) Meng Shen (Beijing Institute of   echnology) Ke Xu (Tsinghua University), CCS 2024

Provable Security for PKI Schemes
Sara Wrótniak (Dept. of Computer Science and Engineering, University of Connecticut, Storrs, CT) Hemi Leibowitz (School of Computer Science, The College of Management Academic Studies Rishon Lezion, Israel) Ewa Syta (Dept. of Computer Science, Trinity College, Hartford, CT) Amir Herzberg (Dept. of Computer Science and Engineering, University of Connecticut, Storrs, CT), CCS 2024

Dietzel, C., Feldmann, A., & King,  T. (2016, March). Blackholing at ixps: On the effectiveness of ddos  mitigation in the wild. In International Conference on Passive and Active Network Measurement (pp. 319-332). Springer, Cham.


Keyu Man et al., "DNS Cache Poisoning Attack Reloaded: Revolutions With Side Channels" Proceedings of ACM CCS, 2020


The Maginot Line: Attacking the Boundary of DNS Caching Protection                   
Authors: 
Xiang Li, Chaoyi Lu, and Baojun Liu, Tsinghua University; Qifan Zhang and Zhou Li, University of California, Irvine; Haixin Duan, Tsinghua University, QI-ANXIN Technology Research Institute, and Zhongguancun Laboratory; Qi Li, Tsinghua University and Zhongguancun Laboratory
https://www.usenix.org/conference/usenixsecurity23/presentation/li-xiang

Fourteen Years in the Life: A Root Server’s Perspective on DNS Resolver Security                   
Authors: 
Alden Hilton, Sandia National Laboratories; Casey Deccio, Brigham Young University; Jacob Davis, Sandia National Laboratories
https://www.usenix.org/conference/usenixsecurity23/presentation/hilton

NRDelegationAttack: Complexity DDoS attack on DNS Recursive Resolvers                   
Authors: 
Yehuda Afek and Anat Bremler-Barr, Tel-Aviv University; Shani Stajnrod, Reichman University
https://www.usenix.org/conference/usenixsecurity23/presentation/afek

Keep Your Friends Close, but Your Routeservers Closer: Insights into RPKI Validation in the Internet
Authors: 
Tomas Hlavacek, Fraunhofer Institute for Secure Information Technology SIT and National Research Center for Applied Cybersecurity ATHENE; Haya Shulman and Niklas Vogel, Fraunhofer Institute for Secure Information Technology SIT, National Research Center for Applied Cybersecurity ATHENE, and Goethe-Universität Frankfurt; Michael Waidner, Fraunhofer Institute for Secure Information Technology SIT, National Research Center for Applied Cybersecurity ATHENE, and Technische Universität Darmstadt
https://www.usenix.org/conference/usenixsecurity23/presentation/hlavacek


Access Denied: Assessing Physical Risks to Internet Access Networks
Authors: 
Alexander Marder, CAIDA / UC San Diego; Zesen Zhang, UC San Diego; Ricky Mok and Ramakrishna Padmanabhan, CAIDA / UC San Diego; Bradley Huffaker, CAIDA/ UC San Diego; Matthew Luckie, University of Waikato; Alberto Dainotti, Georgia Tech; kc claffy, CAIDA/ UC San Diego; Alex C. Snoeren and Aaron Schulman, UC San Diego
https://www.usenix.org/conference/usenixsecurity23/presentation/marder


Flexsealing BGP Against Route Leaks: Peerlock Active Measurement and Analysis
Tyler   McDaniel (University of Tennessee, Knoxville), Jared M. Smith    (University of Tennessee, Knoxville), Max Schuchard (University of    Tennessee, Knoxville), NDSS

Q. Zhang, J.H. Cho, T. J.  Moore,  and F. F. Nelson,  ``DREVAN: Deep  Reinforcement Learning-based   Vulnerability-Aware Network  Adaptations  for Resilient Networks,''  The  2021 IEEE Conference on  Communications  and Network Security (CNS   2021), 17 June 2021.

Threat modeling – A systematic literature review
Xiong Wenjun, and Robert Lagerströhttps://pads.ccc.de/T4J63cwG3o m; Elsevier Computers & Security

a) ROV++: Improved Deployable Defense against BGP Hijacking
Reynaldo    Morillo (University of Connecticut), Justin Furuness  (University of    Connecticut), Cameron Morris (University of Connecticut),  James   Breslin  (University of Connecticut), Amir Herzberg (University of     Connecticut), Bing Wang (University of Connecticut), NDSS

b) Withdrawing the BGP Re-Routing Curtain: Understanding the Security Impact of BGP Poisoning through Real-World Measurements
Jared    M. Smith (University of Tennessee, Knoxville), Kyle Birkeland     (University of Tennessee, Knoxville), Tyler McDaniel (University of     Tennessee, Knoxville), Max Schuchard (University of Tennessee,     Knoxville), NDSS 2020

SmartCookie: Blocking Large-Scale SYN Floods with a Split-Proxy Defense on Programmable Data Planes                        
Sophia Yoo, Xiaoqi Chen, and Jennifer Rexford, Princeton University

CAMP: Compositional Amplification Attacks against DNS                        
Huayi Duan, Marco Bearzi, Jodok Vieli, David Basin, Adrian Perrig, and Si Liu, ETH Zürich; Bernhard Tellenbach, Armasuisse

A System to Detect Forged-Origin BGP Hijacks                        
Thomas Holterbach and Thomas Alfroy, University of Strasbourg; Amreesh Phokeer, Internet Society; Alberto Dainotti, Georgia Tech; Cristel Pelsser, UCLouvain
NDSS 2024

Herwig, Stephen, et al. "Measurement and Analysis of Hajime, a Peer-to-peer IoT Botnet."

Smith, Jared M., and Max Schuchard. "Routing around congestion:
Defeating DDoS attacks and adverse network conditions via reactive BGP
routing." 2018 IEEE Symposium on Security and Privacy (SP). IEEE,
2018.

Jonker, Mattijs, et al. "A First Joint Look at DoS Attacks and BGP Blackholing in the Wild."
Proceedings of the Internet Measurement Conference 2018. ACM, 2018. 

 Meza, Justin, et al. "A large scale study of data center network  reliability." Proceedings of the Internet Measurement Conference.ACM,  2018. 

DISCO: Sidestepping RPKI's Deployment Barriers
Tomas   Hlavacek (Fraunhofer SIT), Italo Cunha (Universidade Federal de  Minas   Gerais), Yossi Gilad (Hebrew University of Jerusalem), Amir  Herzberg   (University of Connecticut), Ethan Katz-Bassett (Columbia  University),   Michael Schapira (Hebrew University of Jerusalem), Haya  Shulman   (Fraunhofer SIT), NDSS

Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches
Menghao  Zhang (Tsinghua University), Guanyu Li (Tsinghua University),  Shicheng  Wang (Tsinghua University), Chang Liu (Tsinghua University),  Ang Chen  (Rice University), Hongxin Hu (Clemson University), Guofei Gu  (Texas  A&M University), Qi Li (Tsinghua University), Mingwei Xu  (Tsinghua  University), Jianping Wu (Tsinghua University), NDSS

maTLS: How to Make TLS middlebox-aware?
Hyunwoo   Lee (Seoul National University), Zach Smith (University of    Luxembourg), Junghwan Lim (Seoul National University), Gyeongjae Choi    (Seoul National University), Selin Chun (Seoul National University),    Taejoong Chung (Rochester Institute of Technology), Ted "Taekyoung"   Kwon  (Seoul National University), NDSS 2021

CDN Judo: Breaking the CDN DoS Protection with Itself 
Run  Guo, Weizhong Li, Baojun   Liu, Shuang Hao,   Jia Zhang, Haixin  Duan,   Kaiwen Sheng, Jianjun Chen, Ying Liu, NDSS 2020 
https://www.ndss-symposium.org/wp-content/uploads/2020/02/24411.pdf