short-paper
Open access

Wolf in Sheep's Clothing: Evaluating Security Risks of the Undelegated Record on DNS Hosting Services

Published: 24 October 2023

    Abstract

    Leveraging DNS for covert communication is appealing because most networks allow DNS traffic, especially traffic directed toward well-known DNS hosting services. Unfortunately, most DNS hosting services skip domain ownership verification, which lets miscreants host undelegated DNS records for a domain they do not own: records that exist on the provider's authoritative servers but are never reachable through the domain's real delegation. Consequently, miscreants can conduct covert communication through such undelegated records for whitelisted domains on reputable hosting providers. In this paper, we shed light on the emerging threat posed by undelegated records and demonstrate their exploitation in the wild. To the best of our knowledge, this security risk has not been studied before.
    We conducted a comprehensive measurement to reveal the prevalence of the risk. In total, we observed 1,580,925 unique undelegated records that are potentially abused, and a considerable portion of them are associated with malicious behavior. Using threat intelligence and malicious traffic collected by a malware sandbox, we extracted malicious IP addresses from 25.41% of these records, spanning 1,369 Tranco top-2K domains and 248 DNS hosting providers, including Cloudflare and Amazon. The majority of the identified malicious activity is Trojan-related. We further present case studies of two malware families (Dark.IOT and Specter) that exploit undelegated records to obtain their C2 servers, as well as masquerading SPF records used to conceal SMTP-based covert communication. Finally, we provide mitigation options for the different entities involved; following our disclosure, several popular hosting providers have taken action to address this issue.
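    As an added illustration (not code from the paper, and not any hosting provider's own tooling), the following Python triages sandbox or passive-DNS observations for undelegated records and pulls out the IP addresses such records can hand to malware, including addresses tucked into SPF-looking TXT records. Everything in it is constructed: the delegation table stands in for the NS set published at the parent zone, the nameserver-to-provider mapping and the sample observations are invented, and the apex of a name is found by matching against that table rather than via the Public Suffix List as a real pipeline would.

```python
"""Triage DNS observations for undelegated records.

An answer is "undelegated" when it was served by a hosting provider's
authoritative nameserver that the domain's parent zone does NOT delegate to.
Normal resolution never reaches that server, so only a client that queries
it directly (for example, malware) ever sees the record.
All data below is constructed for illustration.
"""
import ipaddress
import re
from dataclasses import dataclass
from typing import Optional

# Constructed stand-in for the real delegation (NS set at the parent zone),
# keyed by apex. In practice this comes from querying the parent zone or
# from a passive-DNS feed, with the apex derived via the Public Suffix List.
DELEGATION = {
    "example.com": {"ns1.example-dns.net", "ns2.example-dns.net"},
    "example.org": {"dns1.provider-a.example", "dns2.provider-a.example"},
}

# Constructed mapping from authoritative nameserver to the provider running it.
PROVIDER_OF_NS = {
    "dns1.provider-a.example": "Provider A",
    "dns2.provider-a.example": "Provider A",
    "ns3.provider-b.example": "Provider B",
    "ns4.provider-b.example": "Provider B",
}


@dataclass(frozen=True)
class Observation:
    """One DNS answer seen by the sandbox: which server answered what."""
    qname: str
    rtype: str
    rdata: str
    server: str  # authoritative nameserver the query was sent to directly


# ip4:/ip6: mechanisms in an SPF-looking TXT record; the optional prefix
# length is consumed so it does not end up in the captured address.
SPF_IP_RE = re.compile(r"\bip([46]):([0-9A-Fa-f:.]+)(?:/\d{1,3})?")


def apex_of(qname: str, delegation: dict) -> Optional[str]:
    """Longest suffix of qname that is a known apex, or None if unknown."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in delegation:
            return candidate
    return None


def is_undelegated(obs: Observation, delegation: dict) -> Optional[bool]:
    """True if the answering server lies outside the apex's real delegation."""
    apex = apex_of(obs.qname, delegation)
    if apex is None:
        return None  # no ground truth for this name; cannot judge
    delegated = {ns.rstrip(".").lower() for ns in delegation[apex]}
    return obs.server.rstrip(".").lower() not in delegated


def extract_ips(obs: Observation) -> list:
    """IPs the answer carries: A/AAAA rdata, or ip4:/ip6: literals in SPF."""
    candidates = []
    if obs.rtype in ("A", "AAAA"):
        candidates.append(obs.rdata)
    elif obs.rtype == "TXT" and obs.rdata.lower().startswith("v=spf1"):
        candidates.extend(addr for _fam, addr in SPF_IP_RE.findall(obs.rdata))
    ips = []
    for cand in candidates:
        try:
            ips.append(str(ipaddress.ip_address(cand)))
        except ValueError:
            pass  # not a literal address (e.g. an include: name); ignore
    return ips


def triage(observations, delegation=DELEGATION, providers=PROVIDER_OF_NS):
    """Return one finding per undelegated answer, with the IPs it carries."""
    findings = []
    for obs in observations:
        if is_undelegated(obs, delegation):
            findings.append({
                "qname": obs.qname,
                "rtype": obs.rtype,
                "server": obs.server,
                "provider": providers.get(obs.server, "unknown"),
                "ips": extract_ips(obs),
            })
    return findings


# Constructed sample of what a sandbox might log for a few direct queries.
SAMPLE_OBSERVATIONS = [
    # legitimate: answered by a server in example.com's real delegation
    Observation("www.example.com", "A", "198.51.100.10", "ns1.example-dns.net"),
    # undelegated A record at a provider example.com never delegated to
    Observation("c2.example.com", "A", "203.0.113.7", "ns3.provider-b.example"),
    # undelegated TXT that masquerades as SPF to smuggle C2 addresses
    Observation("example.org", "TXT",
                "v=spf1 ip4:203.0.113.9 ip4:203.0.113.10/32 ip6:2001:db8::1 -all",
                "ns4.provider-b.example"),
    # legitimate SPF at the delegated provider (no literal IPs to extract)
    Observation("example.org", "TXT", "v=spf1 include:_spf.provider-a.example -all",
                "dns1.provider-a.example"),
    # apex unknown to us: no verdict possible
    Observation("www.unknown.test", "A", "203.0.113.50", "ns3.provider-b.example"),
]

if __name__ == "__main__":
    for f in triage(SAMPLE_OBSERVATIONS):
        print(f"{f['qname']} {f['rtype']} via {f['server']} ({f['provider']}): {f['ips']}")
```

    The verdict hinges on a single comparison: the server that answered versus the servers the parent zone actually delegates to. A domain owner can perform the same check by hand, querying each major provider's nameservers for their own apex with recursion disabled (for example `dig @<provider-ns> <apex> SOA +norecurse`) and treating any authoritative answer from a server outside their delegation as a zone somebody else created in their name.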


    Cited By

    • TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers. Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS '23), 311-325. https://doi.org/10.1145/3576915.3616668 (published 15 Nov 2023)
    • Silence is not Golden: Disrupting the Load Balancing of Authoritative DNS Servers. Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS '23), 296-310. https://doi.org/10.1145/3576915.3616647 (published 15 Nov 2023)


        Published In

        IMC '23: Proceedings of the 2023 ACM on Internet Measurement Conference
        October 2023, 746 pages
        ISBN: 9798400703829
        DOI: 10.1145/3618257
        This work is licensed under a Creative Commons Attribution International 4.0 License.


        Publisher

        Association for Computing Machinery

        New York, NY, United States


        Author Tags

        1. dns hosting service
        2. dns security
        3. domain name system

        Qualifiers

        • Short-paper

        Funding Sources

        • National Natural Science Foundation of China
        • National Key R&D Program of China
        • Tsinghua University-China Telecom Corp., Ltd. Joint Research Center for Next Generation Internet Technology Research Fund
        • CCF-Tencent Rhino-Bird Young Faculty Open Research Fund
        • Alibaba Innovative Research Program (AIR)

        Conference

        IMC '23: ACM Internet Measurement Conference
        October 24 - 26, 2023
        Montreal, QC, Canada

        Acceptance Rates

        Overall Acceptance Rate 277 of 1,083 submissions, 26%
