DNS Logging: DNS Manipulation Intent

[shivaccuknox]

An adversary can piggyback user data within DNS requests, so that the DNS server retrieves the user data for further processing.

The detection technique involves logging the DNS requests

The adapter used is KubeArmor, and the API logging work [https://github.com/5GSEC/nimbus/issues/112] item tracks the adapter/security engine work

This detection technique is not part of the MITRE FiGHT