I am currently a visiting student at National University of Singapore, advised by Prof.Zhenkai Liang. I am a core member of the CTF team 0x401.
My research pursuits revolve around network security, with a primary focus on Content Delivery Network (CDN) security and protocol security. My current work aims to discover and solve the security risks posed by CDN forwarding request inconsistencies to build safer, better CDNs. My research results have received acknowledgements from well-known CDN vendors such as Cloudflare, Azure, Aliyun, Cachefly, Qiniu, and Upyun.
I am currently looking for a PhD position in 25 Fall.๐ฅ News
- 2024.03: ๐๐ Our paper โCDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacksโ was accepted by Usenix Security, Philadelphia, PA, 2024.
๐ Publications
- CDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacks
- Ziyu Lin, Zhiwei Lin, Ximeng Liu, Jianjun Chen, Run Guo, Cheng Chen, Shaodong Xiao
- The 33rd USENIX Security Symposium
- This paper is about exploiting CDN Back-to-Origin strategies to launch a new class of amplification attacks.
๐ Educations
- 2024.01 - Present, National University of Singapore, Visiting scholar
- 2020.09 - Present, Sichuan University, Undergraduate
๐ป Internships
- 2023.08 - 2023.10, QI-ANXIN Technology Company, Security Research Intern.
- 2023.03 - 2023.10, NISL at Tsinghua University, Research Intern.
๐ Honors and Awards
- 1st Prize, 2023 National College Student Information Security Contest (National Finals CTF)
- 1st Prize, 2023 National College Student Information Security Contest (Southwest Division CTF)
- 3rd Prize, 2022 โQiangwang Cupโ National Cyber Security Contest (National Online Finals)
- 3rd Prize, 2022 D^3CTF (International Finals)
๐ CVEs
- CVE-2023-51770
- CVE-2023-46227
- CVE-2023-41578
- CVE-2023-42268
- โฆ