On Thu, Feb 13, 2025 at 11:51 AM Dave Lawrence <[email protected]> wrote:
> Shumon Huque writes: > > Section 8, para 4: Is there a reference for the 'so-called Water > Torture > > attacks'? As a native English speaker, I know what that means, but > it > > isn't > > clear to me that others will understand. > > > > Let me see if I can find one. I did request a reference from the DNSOP > > colleague who originally suggested that we cite this attack - I don't > think he > > was able to find one. > > Personally I've never liked the "water torture" moniker, or its > alternative "slow drip" appellation, as they don't feel particularly > apt as a metaphor. I prefer the more descriptive "pseudorandom > subdomain attack". > Agreed. > That said, I believe it was first publicly described as Slow Drip / > Water Torture in a presentation by Kei Nishida at APRICOT 39 in 2015, > though the first observations of the resolver exhaustion technique > were made by Ziqian Liu in a presentation to DNS-OARC in 2009 (though > without calling out the random subdomain component, which maybe wasn't > in play at the time). > > Kei Nishida presentation: > > https://conference.apnic.net/data/39/dnswatertortureonqtnet_1425130417_1425507043.pptx > > https://www.slideshare.net/slideshow/dnswatertortureonqtnet-1425130417-1425507043/45445438 > > Ziquian Liu presentation: > https://www.dns-oarc.net/files/workshop-200911/Ziqian_Liu.pdf > > For an academic reference with a durable URL that describes it, Xi > Luo, et al, published "A Large Scale Analysis of DNS Water Torture > Attack " with the ACM in 2018, > https://dl.acm.org/doi/pdf/10.1145/3297156.3297272 > > Personally I think I'd reference the Kei Nishida work as the first > indication of the method for resolver resource exhaustion by using > random non-existent subdomains, but use the pseudorandom subdomain > attack term. > Thanks Tale! Your suggestion sounds good to me. Shumon.
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
