Evicttechnique

D3-ANCIAuthentication Cache Invalidation

Authentication Cache Invalidation

Definition

Removing tokens or credentials from an authentication cache to prevent further user associated account accesses.

Defends against19

TypeTargetConfidenceTier
SubTechniqueCreate Process with Tokent1134.002100%live
SubTechniqueNTDSt1003.003100%live
TechniqueSteal Web Session Cookiet1539100%live
SubTechniquePassword Sprayingt1110.003100%live
SubTechniqueMake and Impersonate Tokent1134.003100%live
SubTechniquePassword Guessingt1110.001100%live
SubTechniquePassword Crackingt1110.002100%live
SubTechniqueWeb Cookiest1606.001100%live
SubTechniqueCached Domain Credentialst1003.005100%live
SubTechniqueToken Impersonation/Theftt1134.001100%live
SubTechniqueGolden Tickett1558.001100%live
TechniqueForge Web Credentialst1606100%live
SubTechniqueApplication Access Tokent1550.001100%live
SubTechnique/etc/passwd and /etc/shadowt1003.008100%live
TechniqueSteal Application Access Tokent1528100%live
SubTechniqueAdditional Cloud Credentialst1098.001100%live
TechniqueSteal or Forge Kerberos Ticketst1558100%live
SubTechniqueWeb Session Cookiet1550.004100%live
TechniqueUnsecured Credentialst1552100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Defence
Credential Revocation
Defence
Session Termination
Defence
Credential Rotation
Defence
DNS Cache Eviction
Defence
Credential Scrubbing
Defence
Token-based Authentication
Sourced from MITRE D3FEND ontology. Curated by Adam Lundqvist, SQUR.