I am currently a visiting student at National University of Singapore, advised by Prof.Zhenkai Liang. I am a core member of the CTF team 0x401.

My research pursuits revolve around network security, with a primary focus on Content Delivery Network (CDN) security and protocol security. My current work aims to discover and solve the security risks posed by CDN forwarding request inconsistencies to build safer, better CDNs. My research results have received acknowledgements from well-known CDN vendors such as Cloudflare, Azure, Aliyun, Cachefly, Qiniu, and Upyun.

I am currently looking for a PhD position in 25 Fall.

๐Ÿ”ฅ News

  • 2024.03: ๐ŸŽ‰๐ŸŽ‰ Our paper โ€œCDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacksโ€ was accepted by Usenix Security, Philadelphia, PA, 2024.

๐Ÿ“ Publications

  • CDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacks
    • Ziyu Lin, Zhiwei Lin, Ximeng Liu, Jianjun Chen, Run Guo, Cheng Chen, Shaodong Xiao
    • The 33rd USENIX Security Symposium
    • This paper is about exploiting CDN Back-to-Origin strategies to launch a new class of amplification attacks.

๐Ÿ“– Educations

  • 2024.01 - Present, National University of Singapore, Visiting scholar
  • 2020.09 - Present, Sichuan University, Undergraduate

๐Ÿ’ป Internships

  • 2023.08 - 2023.10, QI-ANXIN Technology Company, Security Research Intern.
  • 2023.03 - 2023.10, NISL at Tsinghua University, Research Intern.

๐ŸŽ– Honors and Awards

  • 1st Prize, 2023 National College Student Information Security Contest (National Finals CTF)
  • 1st Prize, 2023 National College Student Information Security Contest (Southwest Division CTF)
  • 3rd Prize, 2022 โ€œQiangwang Cupโ€ National Cyber Security Contest (National Online Finals)
  • 3rd Prize, 2022 D^3CTF (International Finals)

๐Ÿ“š CVEs

  • CVE-2023-51770
  • CVE-2023-46227
  • CVE-2023-41578
  • CVE-2023-42268
  • โ€ฆ