Difference between revisions of "Statistical Analysis of DNS Abuse in gTLDs Final Report"
Jump to navigation
Jump to search
m (added Category:Featured using HotCat) |
|||
| (6 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | This 08/25/2017 report focuses on measuring rates of common forms of abusive activities in the [[Domain Name System]] (DNS).<ref>[https://www.icann.org/en/system/files/files/sadag-final-09aug17-en.pdf DNS Abuse Final Report 2017]</ref> The study examined malicious behavior in the global DNS and compared abuse rates in new and legacy [[gTLD]]s. | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | It was commissioned by the Competition, Consumer Trust, and Consumer Choice Review Team with the support of ICANN. | + | It was commissioned by the Competition, Consumer Trust, and Consumer Choice Review Team with the support of ICANN. [[Maciej Korczy]], [[Maarten Wullink]], [[Samaneh Tajalizadehkhoob]], [[Giovane Moura]], and [[Cristian Hesselman]] authored the study. |
| − | == Results == | + | ==Results== |
| − | + | === Overview === | |
| − | The study combines data sets from many sources, including zone files, domain WHOIS information, data obtained through our active measurements, and 11 reputable blacklists representing malware, phishing, and spam. | + | The study combines data sets from many sources, including zone files, domain WHOIS information, data obtained through our active measurements, and 11 reputable blacklists representing malware, phishing, and spam. The results of the study indicate that abuse counts primarily correlate with stricter registration policies and that the introduction of gTLDs has lowered span counts in legacy gTLDs. |
| − | + | === Main contributions: === | |
| − | |||
| − | |||
* A comprehensive descriptive statistical comparison of rates of DNS abuse in new and legacy gTLDs as they pertain to spam, phishing, and malware distribution. | * A comprehensive descriptive statistical comparison of rates of DNS abuse in new and legacy gTLDs as they pertain to spam, phishing, and malware distribution. | ||
| − | * Using regression | + | * Using regression modeling, the performance of inferential statistical analysis testing the correlation between passively and actively measured properties of new gTLDs as predictors of rates of abuse. |
* Analyzing proportions of abusive domains across other relevant to abusive practices players, i.e. registrars and privacy/proxy service providers. | * Analyzing proportions of abusive domains across other relevant to abusive practices players, i.e. registrars and privacy/proxy service providers. | ||
| + | |||
| + | ==References== | ||
| + | |||
| + | [[Category:Reports]] | ||
| + | [[Category:Featured]] | ||
Latest revision as of 16:05, 25 March 2022
This 08/25/2017 report focuses on measuring rates of common forms of abusive activities in the Domain Name System (DNS).[1] The study examined malicious behavior in the global DNS and compared abuse rates in new and legacy gTLDs.
It was commissioned by the Competition, Consumer Trust, and Consumer Choice Review Team with the support of ICANN. Maciej Korczy, Maarten Wullink, Samaneh Tajalizadehkhoob, Giovane Moura, and Cristian Hesselman authored the study.
Results
Overview
The study combines data sets from many sources, including zone files, domain WHOIS information, data obtained through our active measurements, and 11 reputable blacklists representing malware, phishing, and spam. The results of the study indicate that abuse counts primarily correlate with stricter registration policies and that the introduction of gTLDs has lowered span counts in legacy gTLDs.
Main contributions:
- A comprehensive descriptive statistical comparison of rates of DNS abuse in new and legacy gTLDs as they pertain to spam, phishing, and malware distribution.
- Using regression modeling, the performance of inferential statistical analysis testing the correlation between passively and actively measured properties of new gTLDs as predictors of rates of abuse.
- Analyzing proportions of abusive domains across other relevant to abusive practices players, i.e. registrars and privacy/proxy service providers.