Possible hierarchies

1 Layers

1.1 Threats that leverage the DNS

1.2 Threats against the underlying infrastructure

1.3 Temporal

1.3.1 Attacks on the protocol layer below the DNS

2 Targets

2.1 Registry

2.2 Registry back-end providers

2.3 Registrar

2.4 Registrant

2.5 End users

2.6 Infrastructure providers

3 Perspective

3.1 RFC - 3833 -- user, app, OS, ISP, DNS, registrar, registrant, registry -- threat analysis to the domain name system

3.2 Picture

3.2.1

3.3 Registrant <--> Registrar) Compromised credentials (Phishing, Key logger, social engineering, a.o.)

3.4 Registrar <--> Regisrty) Compromised credentials, DDOS

3.5 Registry <--> DNS) DDOS

3.6 DNS <--> End user) Spoofing, poisoning

3.7 ALL) MIM (Man in the middle)

4 SSAC

4.1 Operational matters

4.1.1 matters pertaining to the correct and reliable operation of the root name system

4.2 Administrative matters

4.2.1 matters pertaining to address allocation and Internet number assignment

4.3 Registration matters

4.3.1 matters pertaining to registry and registrar services

5 Direct vs indirect

6 Needs to border DNS

6.1 so the several recent papers by eff, zhang and others on isp monitizing synthetic return/content modification

6.2 No single authoritative DNS (eg alternate root-servers) , lack of DNS response integrity

6.3 alternate root, strings appearing in other configurations not supported in the global root

6.4 Possible extensions of carrier-grade NAT