Return to search

A Novel Framework For Detecting Subdomain State Against Takeover Attacks

The Domain Name System (DNS) oversees the internet's architecture, providing pointers to both internal and external services. Consequently, enterprises increase their attack surface while simultaneously increasing their exposure to potential cyber threats. Subdomain takeovers happen when a subdomain leads to a website that no longer exists. As a result, the subdomain will be in control of an attacker. A compromised subdomain may be the access point to many attacks like information threats, phishing attacks, infrastructure intrusion and many more. Subdomain takeover attacks are one of the overlooked attack surfaces related to cyber security. This thesis aims to investigate the subdomain takeover attacks, how the attacks happen, the attack methodology by an attacker and drawbacks in the current strategies and tools, which are countermeasures for subdomain takeover attacks. The research focuses on resolving an intrusion from happening within the perspective of an enterprise standpoint. A new custom framework which resolves the subdomain takeover attacks was developed. A comparative study of the newly developed framework and the existing open-source tools and their response to an attack scenario too is made. Also, a comparison of the leading cloud platforms was conducted and their existing security features and mitigation measures for similar attacks and threats.

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:hh-47147
Date January 2022
CreatorsJayaprakash, Rigved, Kalariyil Venugopal, Vishnu
PublisherHögskolan i Halmstad, Akademin för informationsteknologi
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.0016 seconds