An empirical study: automated subdomain takeover threat detection

Y. Wang, Z. Li, T. Wu, I. Duncan, Q. Lyu

Research output: Contribution to conferencePaperpeer-review


Due to the development of E-commerce, phishing attacks are one of the major current cyber threats. Phishing attacks have become increasingly sophisticated and have exploited both individuals and organizations. For the enterprise, a successful duplicate phishing website may affect an organizations reputation or be the basis of a subdomain takeover attack. This latter attack can completely escape the detection of an SSL certificate and have a direct impact on the enterprise. A successful subdomain takeover attack has a higher threat level as a controllable subdomain owns the same SSL certificate with its parent website, and yet it does not require an advanced technical skill to exploit. In this paper, two techniques have been presented as potential solutions. One is a query approach based on machine learning for querying existing subdomains and the second is an auto-detection system to identify the potentially risky subdomains.
Original languageEnglish
Number of pages10
Publication statusE-pub ahead of print - 12 Jul 2021


  • Phishing
  • Subdomain Enumeration Tools
  • Subdomain Takeover Attack
  • Subdomain Takeover Detection


Dive into the research topics of 'An empirical study: automated subdomain takeover threat detection'. Together they form a unique fingerprint.

Cite this