DNS Blocking: A Viable Strategy in Malware Defense

Abstract

During the wars in Iraq and Afghanistan, insurgents' use of improvised explosive devices (IEDs) proliferated. The United States ramped up its development of counter-IED equipment to improve standoff detection of explosives and explosive precursor components and to defeat IEDs themselves as part of a broader defense capability. One effective strategy was jamming or interrupting radio frequency (RF) communications to counter radio-controlled IEDs (RCIEDs). This approach disrupts critical parts of RF communications, rendering the RCIED's activation communication ineffective and saving both warfighter and civilian lives and property. For some time now, the cyber world has also been under attack by a diffuse set of enemies who improvise their own tools in many different varieties and hide them where they can do much damage. This analogy has its limitations; however, here I want to explore the idea of disrupting communications from malicious code such as ransomware that is used to lock up your digital assets or data-exfiltration software that is used to steal your digital data.

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2017
Accession Number
AD1086810

Entities

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Counter IED
  • Cyber

DTIC Thesaurus Topics

  • Best Practices
  • Computer Network Security
  • Cyber Threats
  • Cyberattacks
  • Cybersecurity
  • Data Exfiltration
  • Detection
  • Digital Communications
  • Electronic Countermeasures
  • Engineering
  • Explosive Devices
  • Explosives
  • Governments
  • Improvised Explosive Devices
  • Materials
  • Radio Frequency
  • Software Development

Readers

  • Cybersecurity
  • Munitions and Ordnance Engineering
  • Oncology

Technology Areas

  • Cyber
  • Cyber - Quantum