Domain name compromise: domain name compromise is better than hijacking.
1. Techniques
DNS-Abuse-Techniques-Matrix_v1.1.pdf https://www.first.org/global/sigs/dns/DNS-Abuse-Techniques-Matrix_v1.1.pdf
2. 21 items
Is this the right way to divide them? (For some items, what the item is supposed to mean is odd.)
1. DGAs (Domain Generation Algorithms) – https://attack.mitre.org/techniques/T1568/002/
2. Domain name compromise – The wrongfully taking control of a domain name from the
3. Lame delegations – Lame delegations occur as a result of expired nameserver domains
4. DNS cache poisoning – also known as DNS spoofing, is a type of cyber attack in which
5. DNS rebinding – a type of attack where a malicious website directs a client to a local
6. DNS server compromise – Attacker gains administrative privileges on an open recursive
7. Stub resolver hijacking – The attacker compromises the Operating System of a
8. Local recursive resolver hijacking – Consumer Premise Equipment (CPE), such as home
9. On-path DNS attack – “Attackers intercept communication between a user and a DNS
10. DoS against the DNS – Multiple systems sending malicious traffic to a target at the same
11. DNS as a vector for DoS – "Adversaries may attempt to cause a denial of service by
12. Dynamic DNS resolution (as obfuscation technique) – Adversaries may dynamically
13. Dynamic DNS resolution: Fast flux (as obfuscation technique) – “Adversaries may use
14. Infiltration and exfiltration via the DNS – Exfiltration via the DNS requires a delegated
15. Malicious registration of (effective) second level domains – For example, before
16. Creation of malicious subdomains under dynamic DNS providers – Before attacking a
17. Compromise of a non-DNS server to conduct abuse – Internet attack infrastructure is a
18. Spoofing or otherwise using unregistered domain names – In a context where a domain
19. Spoofing of a registered domain – In a context where a domain name is expected (such
20. DNS tunneling - tunneling another protocol over DNS – The DNS protocol serves an
21. DNS beacons - C2 communication – Successive or periodic DNS queries to a command