Taxonomy and adversarial strategies of random subdomain attacks

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

Abstract

Ever since the introduction of the domain name system (DNS), attacks on the DNS ecosystem have been a steady companion. Over time, targets and techniques have shifted, and in the recent past a new type of attack on the DNS has emerged. In this paper we report on the DNS random subdomain attack, querying floods of non-existent subdomains, intended to cause a denial-of-service on DNS servers. Based on five major attacks in 2018 obtained through backscatter measurements in a large network telescope, we show the techniques pursued by adversaries, and develop a taxonomy of strategies of this attack.

Original languageEnglish
Title of host publication2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS)
Subtitle of host publicationProceedings
Place of PublicationPiscataway
PublisherIEEE
Pages1-5
Number of pages5
ISBN (Electronic)978-1-7281-1542-9
ISBN (Print)978-1-7281-1543-6
DOIs
Publication statusPublished - 2019
Event10th IFIP International Conference on New Technologies, Mobility and Security, NTMS 2019 - Canary Islands, Spain
Duration: 24 Jun 201926 Jun 2019

Conference

Conference10th IFIP International Conference on New Technologies, Mobility and Security, NTMS 2019
CountrySpain
CityCanary Islands
Period24/06/1926/06/19

Keywords

  • Cyber threat intelligence
  • DDoS
  • DNS
  • Random subdomain attack

Fingerprint Dive into the research topics of 'Taxonomy and adversarial strategies of random subdomain attacks'. Together they form a unique fingerprint.

  • Cite this

    Griffioen, H., & Doerr, C. (2019). Taxonomy and adversarial strategies of random subdomain attacks. In 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS): Proceedings (pp. 1-5). [8763820] IEEE. https://doi.org/10.1109/NTMS.2019.8763820