Romanian Cyber Security Journal / Spring 2026, No. 1, Vol. 8

Systemic Analysis of Internet Domain Vulnerabilities and Multi Layered Mitigation Strategies

Mihail DUMITRACHE, Ionut SANDU, Carmen ROTUNĂ, Monica TODERAȘCU

---

Abstract

Internet domain names constitute a critical component of global digital infrastructure, supporting resource identification and trust establishment across environments. Their security is therefore essential to the resilience and reliability of digital systems nowadays. This paper analyses the main vulnerabilities affecting Internet domains within 2022-2025 timeframe, with a focus on developments and assesses their implications for future defensive strategies. The findings indicate a shift from protocol based attacks toward exploitation of administrative control ecosystems, lifecycle management failures and domain trust mechanism issues. Identified vulnerabilities affect domain owners, registrars, registries and all internet ecosystem. These include DNS records, denial-of-service, cache poisoning, homograph attacks, certificate misissuance DNS-based amplification attacks and DNSSEC-related. This research paper integrates academic research with institutional and operational sources, including ICANN, RIPE NCC and national CERT reporting. It highlights the systemic nature of domain name security, driven by governance gaps, inconsistent enforcement and increasing attacker automation. In response, a multi-layered mitigation framework is proposed, emphasizing lifecycle governance, controlplane security, resolver resilience, identity protection and availability engineering. The results suggest that effective domain security in 2026 requires continuous monitoring, automated detection and coordinated ecosystem-level governance to ensure the trustworthiness of domain-based digital identity.

Keywords

Mitigation, Domain name, Defense resilience, Security, vulnerabilities, DNS, Incident, Threat