John Kristoff scite author profile

John Kristoff

5Publications

32Citation Statements Received

68Citation Statements Given

How they've been cited

How they cite others

Affiliations

University of Illinois at Chicago, Schön Klinik Neustadt, DePaul University

Publications

Order By: Most citations

Tales of Favicons and Caches: Persistent Tracking in Modern Browsers

Σολωμός¹,

Kristoff²,

Kanich³

et al. 2021

View full text Add to dashboard Cite

Statement from the NDSS 2021 Program Committee: NDSS is devoted to ethical principles and encourages the research community to ensure its work protects the privacy, security, and safety of users and others involved. While the NDSS 2021 PC appreciated the technical contributions of this paper, it was the subject of a debate in our community regarding the responsible disclosure of vulnerabilities for the Firefox web browser. The PC examined and discussed the ethics concerns raised and the authors' response. Although no harm came to users, the authors' oversight could have made a non-vulnerable browser vulnerable to the attack proposed in the paper. The PC does not believe the authors acted in bad faith. Nevertheless, we decided to add this note as well as the authors' response (in an Appendix) to the paper because the NDSS PC takes both the ethics of responsible disclosure and fairness towards the authors seriously. It is the PC's view that researchers must not engage in disclosure practices that subject users to an appreciable risk of substantial harm. NDSS will work with other conferences to further improve the transparency of vulnerability disclosure to reduce such errors in the future.

show abstract

Visualizing DNS traffic

Pin¹,

Kristoff

Gooch

2006

View full text Add to dashboard Cite

This paper proposes a visualization approach to address Domain Name System (DNS) security challenges, such as distributed denial of service (DDoS) and cache poisoning attacks.We present Flying Term, a new perceptually motivated visual metaphor for visualizing the dynamic nature of DNS queries. The addition of visual metaphors such as Stacking Graphs, Two Tone Pseudo Color, and Chernoff Face Glyph within the same application framework provide enhanced monitoring capability and situational awareness for visualizing DNS queries. We demonstrate our visualization's capability to help administrators identify and understand DNS querying behavior due to anomalies such as misconfiguration and security events with DNS query data acquired from a diverse set of caching servers on the Internet.

show abstract

On Measuring RPKI Relying Parties

Kristoff

Bush

Kanich

et al. 2020

View full text Add to dashboard Cite

DNS Transport over TCP - Operational Requirements

Wessels¹,

Kristoff²

2022

View full text Add to dashboard Cite

On the Potential Abuse of IGMP

Sargent¹,

Kristoff

Paxson

et al. 2017

SIGCOMM Comput. Commun. Rev.

View full text Add to dashboard Cite

In this paper we investigate the vulnerability of the Internet Group Management Protocol (IGMP) to be leveraged for denial-of-service (DoS) attacks. IGMP is a connectionless protocol and therefore susceptible to attackers spoofing a third-party victim's source address in an effort to coax responders to send their replies to the victim. We find 305K IGMP responders that will indeed answer queries from arbitrary Internet hosts. Further, the responses are often larger than the requests, hence amplifying the attacker's own expenditure of bandwidth. We conclude that attackers can coordinate IGMP responders to mount sizeable DoS attacks.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

John Kristoff

Tales of Favicons and Caches: Persistent Tracking in Modern Browsers

Visualizing DNS traffic

On Measuring RPKI Relying Parties

DNS Transport over TCP - Operational Requirements

On the Potential Abuse of IGMP

Contact Info

Product

Resources

About