Taxonomy and adversarial strategies of random subdomain attacks

None, None; None, None

Taxonomy and adversarial strategies of random subdomain attacks

Conference Paper (2019)

Author(s)

Harm Griffioen (TU Delft - Cyber Security)

C. Dörr (TU Delft - Cyber Security)

Research Group

Cyber Security

DOI related publication

https://doi.org/10.1109/NTMS.2019.8763820

DNS DDoS Cyber threat intelligence Random subdomain attack

To reference this document use:

https://resolver.tudelft.nl/uuid:34fbcfbb-98e9-4d8a-9764-76028e431ca1

More Info

expand_more

Publication Year

2019

Language

English

Research Group

Cyber Security

Pages (from-to)

1-5

ISBN (print)

978-1-7281-1543-6

ISBN (electronic)

978-1-7281-1542-9

Abstract

Ever since the introduction of the domain name system (DNS), attacks on the DNS ecosystem have been a steady companion. Over time, targets and techniques have shifted, and in the recent past a new type of attack on the DNS has emerged. In this paper we report on the DNS random subdomain attack, querying floods of non-existent subdomains, intended to cause a denial-of-service on DNS servers. Based on five major attacks in 2018 obtained through backscatter measurements in a large network telescope, we show the techniques pursued by adversaries, and develop a taxonomy of strategies of this attack.

No files available

Metadata only record. There are no files for this record.