The NetBeacon Institute (formerly the DNS Abuse Institute) was created by the Public Interest Registry (PIR), the registry operator for the .ORG top-level domain, to develop initiatives to generate recommended practices, foster collaboration, and find industry-shared solutions to combat malware, botnets, phishing, pharming, and related spam.[1] Its mission is focused on helping simplify and enhance DNS Abuse reporting while helping the Internet community better understand, measure, and, ultimately, mitigate abuse across the DNS. To make it happen, the Institute provides free resources and tools, establishes best practices, funds DNS research, and shares data in an effort to create a safer Internet for all.[2]

As DNS Abuse Institute edit

The Institute was founded in 2021 in furtherance of PIR’s nonprofit mission, as they believe that while progress on DNS Abuse has been made across the industry, not all registries and registrars have access to the same level of resources to combat DNS Abuse. Given this gap and a more general need for innovation, education, and collaboration on DNS Abuse across its many stakeholders, PIR founded the DNS Abuse Institute. The Institute is fully funded and supported by PIR. However, the work of the Institute is outwardly focused and there is functional separation between the Institute and PIR which ensures the Institute is empowered to make independent decisions, and plays no role in addressing abuse issues in .ORG, or any other PIR TLD.[1]

As NetBeacon Institute edit

The Institute was renamed on May 6, 2024 to NetBeacon Institute. According to the official website, this renaming reflects the Institute’s continued vision and commitment to provide innovative solutions in the fight against DNS Abuse. Some of the Institute program's names also had their names changed. [3]

Programs edit

NetBeacon Reporter edit

Main article: NetBeacon Reporter

Initially launched in June 2022, NetBeacon Reporter is a free tool that simplifies DNS Abuse reporting for individuals and organizations and provides domain registrars with the information and tools they need to act confidently.[4] That way, NetBeacon Reporter empoweres individuals and organizations to report suspected DNS Abuse and also empowers registrars and registries with higher fidelity abuse reports to act upon. CleanDNS, an anti-abuse solution provider which has continuosly collaborated with the Institute, donated the development and technology behind the program. NetBeacon Reporter has rapidly grown since its launch, from handling hundreds of abuse reports in its first year to tens of thousands in its second. [3]

NetBeacon MAP edit

NetBeacon Measurement and Analytics Platform (MAP), initially launched in September, 2022 as DNSAI: Compass, is the Institute’s initiative to measure phishing and malware. The most recent offerings were developed following hundreds of one-to-one meetings and collaborative discussions with registries and registrars:

  • Specific Reporting: The NetBeacon MAP: Monthly Analysis report identifies registrars and Top Level Domains with the highest and lowest levels of malicious abuse concentrations in their zones.
  • Dashboards for registries and registrars: NetBeacon MAP: Dashboards provide an academically rigorous free benchmarking metric to compare over time and between industry peers. The dashboards display how much phishing and malware is concentrated in the zones the registries and registrars manage, how much was mitigated, and how quickly. They also provide details on whether the domain was maliciously registered, or related to an issue of a compromised website—an essential piece of information to inform whether mitigation action at the DNS level is appropriate. Combatting DNS Abuse requires many stakeholders. NetBeacon MAP: Dashboards help operators optimize efforts to communicate progress and improve collaboration internally and externally to better combat threats.[3]

Leadership edit

The Institure is driven by Graeme Bunton and Rowena Schoo. The Advisory Council counts with expert representation from interested stakeholders related to DNS Abuse, such as gTLD registries, ccTLD registries, registrars, security researchers, and academics on issues related to DNS Abuse. Current Advisory Council members include:

References edit