This page is available in

ICANN Acronyms and Terms

ICANN has hundreds of acronyms and terms, which can be confusing. We created this multilingual tool to help explain what these terms mean and facilitate your work within the ICANN community. Search for terms by name or acronym using the search bar, or search by letter. All acronyms and terms are available in Arabic, Chinese, French, Russian, and Spanish.

Do you have feedback on the definitions or the terms? Send us an email to: acronymsandterms@icann.org

F

  • fast flux

    A technique that attackers use to make it difficult for investigators to identify the devices that the attackers use to conduct a cyberattack.

    With fast flux, attackers take advantage of the time-to-live (TTL) value associated with Domain Name System resource records. First, the attackers host proxy websites at multiple Internet Protocol (IP) addresses. Then, they use short TTL values in the zone data for their domain name, so they can quickly change its IP address. The continuously changing IP address effectively thwarts investigative efforts to locate the attacker's malicious content.

    Attackers also use the fast-flux technique to quickly change the IP addresses of their criminal name servers. When attackers apply fast flux to their fraudulent websites and their criminal name servers in tandem, the technique is called double flux.