Domain Abuse Activity Reporting: Difference between revisions

(5 intermediate revisions by one other user not shown)

Line 1:

'''Domain Abuse Activity Reporting (DAAR)''' is a system for studying and reporting on domain name registration and [[DNS Abuse]]. The aim of the DAAR project is to develop a methodology for analyzing security threats to inform ICANN policy decisions.<ref>[https://www.icann.org/octo-ssr/daar DAAR, OCTO, ICANN]</ref>

'''Domain Abuse Activity Reporting (DAAR)''' is a system for studying and reporting on domain name registration and [[DNS Abuse]]. The aim of the DAAR project is to develop a methodology for analyzing security threats to inform [[ICANN]] policy decisions.<ref>[https://www.icann.org/octo-ssr/daar DAAR, OCTO, ICANN]</ref>

==Process==

DAAR collects [[TLD]] zone data and complements them with third-party [[RBL|Reputation Block List]]s based on crowdsourcing, spam filters, and ~~honeypots~~ that have identified [[Phishing]], [[Malware]], [[Spam]], and [[Botnet Attacks]]. The [[iThreat Cyber Group]] (ICG) collects and reports to DAAR three data sets.<ref>[https://www.icann.org/en/system/files/files/daar-monthly-report-04feb19-en.pdf Understanding the DAAR Monthly Report]</ref>

DAAR collects [[TLD]] zone data and complements them with third-party [[RBL|Reputation Block List]]s based on crowdsourcing, spam filters, and [[Honeypot]]s that have identified [[Phishing]], [[Malware]], [[Spam]], and [[Botnet Attacks]]. The [[iThreat Cyber Group]] (ICG) collects and reports to DAAR three data sets.<ref>[https://www.icann.org/en/system/files/files/daar-monthly-report-04feb19-en.pdf Understanding the DAAR Monthly Report]</ref>

===Zone Data===

Line 15:

# [[PhishTank]]

# [[Malware Patrol]]

# [[Abuse.ch]]

# [https://abuse.ch Abuse.ch]

# [https://urlabuse.com URLAbuse]

==Reporting==

===For gTLDs===

DAAR data are currently released to registries via ICANN's [https://www.icann.org/news/multimedia/2801 Service Level Agreement Monitoring] ([[SLAM]]) system and shared in [https://www.icann.org/octo-ssr/daar monthly reports] with a median aggregate, aggregated statistics, and time-series analyses.

===For ccTLDs===

In January 2021, DAAR began providing personalized monthly reports for [[ccTLD]]s.<ref>[https://www.icann.org/en/blogs/details/daar-activity-project-now-providing-personalized-monthly-reports-for-cctlds-20-1-2021-en DAAR Reports for ccTLDs begins, ICANN Blog]</ref>

==Critiques==

Line 29:

Line 33:

==References==

[[Category:ICANN Tools]]

[[Category:DNS Abuse Responses]]

@@ Line 1: / Line 1: @@
-'''Domain Abuse Activity Reporting (DAAR)''' is a system for studying and reporting on domain name registration and [[DNS Abuse]]. The aim of the DAAR project is to develop a methodology for analyzing security threats to inform ICANN policy decisions.<ref>[https://www.icann.org/octo-ssr/daar DAAR, OCTO, ICANN]</ref>
+'''Domain Abuse Activity Reporting (DAAR)''' is a system for studying and reporting on domain name registration and [[DNS Abuse]]. The aim of the DAAR project is to develop a methodology for analyzing security threats to inform [[ICANN]] policy decisions.<ref>[https://www.icann.org/octo-ssr/daar DAAR, OCTO, ICANN]</ref>
 ==Process==
-DAAR collects [[TLD]] zone data and complements them with third-party [[RBL|Reputation Block List]]s based on crowdsourcing, spam filters, and honeypots that have identified [[Phishing]], [[Malware]], [[Spam]], and [[Botnet Attacks]]. The [[iThreat Cyber Group]] (ICG) collects and reports to DAAR three data sets.<ref>[https://www.icann.org/en/system/files/files/daar-monthly-report-04feb19-en.pdf Understanding the DAAR Monthly Report]</ref>
+DAAR collects [[TLD]] zone data and complements them with third-party [[RBL|Reputation Block List]]s based on crowdsourcing, spam filters, and [[Honeypot]]s that have identified [[Phishing]], [[Malware]], [[Spam]], and [[Botnet Attacks]]. The [[iThreat Cyber Group]] (ICG) collects and reports to DAAR three data sets.<ref>[https://www.icann.org/en/system/files/files/daar-monthly-report-04feb19-en.pdf Understanding the DAAR Monthly Report]</ref>
 ===Zone Data===
@@ Line 15: / Line 15: @@
 # [[PhishTank]]
 # [[Malware Patrol]]
-# [[Abuse.ch]]
+# [https://abuse.ch Abuse.ch]
+# [https://urlabuse.com URLAbuse]
 ==Reporting==
+===For gTLDs===
 DAAR data are currently released to registries via ICANN's [https://www.icann.org/news/multimedia/2801 Service Level Agreement Monitoring] ([[SLAM]]) system and shared in [https://www.icann.org/octo-ssr/daar monthly reports] with a median aggregate, aggregated statistics, and time-series analyses.
+===For ccTLDs===
+In January 2021, DAAR began providing personalized monthly reports for [[ccTLD]]s.<ref>[https://www.icann.org/en/blogs/details/daar-activity-project-now-providing-personalized-monthly-reports-for-cctlds-20-1-2021-en DAAR Reports for ccTLDs begins, ICANN Blog]</ref>
 ==Critiques==
@@ Line 29: / Line 33: @@
 ==References==
+[[Category:ICANN Tools]]
+[[Category:DNS Abuse Responses]]