• Documents
  • Authors
  • Tables
  • Other Seers ▼
    RefSeer AckSeer CollabSeer SeerSeer
  • Log in
  • Sign up
  • MetaCart

CiteSeerX logo

Advanced Search Include Citations
Advanced Search Include Citations | Disambiguate

On the Effects of Registrar-level Intervention

Cached

  • Download as a PDF

Download Links

  • [www-cse.ucsd.edu]
  • [cseweb.ucsd.edu]
  • [www.cse.ucsd.edu]
  • [www-cse.ucsd.edu]
  • [cseweb.ucsd.edu]
  • [www.cs.ucsd.edu]
  • [www.cs.ucsd.edu]
  • [www.cs.ucsd.edu]
  • [cseweb.ucsd.edu]
  • [www.cse.ucsd.edu]
  • [www.cs.ucsd.edu]

  • Save to List
  • Add to Collection
  • Correct Errors
  • Monitor Changes
by Gregor Maier , Geoffrey M. Voelker , Stefan Savage
  • Summary
  • Active Bibliography
  • Co-citation
  • Clustered Documents
  • Version History

BibTeX

@MISC{Maier_onthe,
    author = {Gregor Maier and Geoffrey M. Voelker and Stefan Savage},
    title = {On the Effects of Registrar-level Intervention},
    year = {}
}

Bookmark

citeulike Connotea Bibsonomy Del.icio.us Digg Reddit

OpenURL

 

Abstract

Virtually all Internet scams make use of domain name resolution as a critical part of their execution (e.g., resolving a spam-advertised URL to its Web site). Consequently, defenders have initiated a range of efforts to intervene within the DNS ecosystem to block such activity (e.g., by blacklisting “known bad ” domain names at the client). Recently, there has been a push for domain registrars to take a more active role in this conflict, and it is this class of intervention that is the focus of our work. In particular, this paper characterizes the impact of two recent efforts to counter scammers ’ use of domain registration: CNNIC’s blanket policy changes for the.cn ccTLD made in late 2009 and the late 2010 agreement between eNom and LegitScript to reactively take down “rogue” Internet pharmacy domains. Using a combination of historic WHOIS data and co-temporal spam feeds, we measure the impact of these interventions on both the registration and use of spam-advertised domains. We use these examples to illustrate the key challenges in making registrar-level intervention an effective tool. 1

Citations

46 Examining the impact of website take-down on phishing - Moore, Clayton - 2007
29 Beyond Blacklists: Learning to Detect Malicious Web Sites from Suspicious URLs.” http://www.cs. berkeley.edu/ ∼jtma/papers/beyondbl-kdd2009.pdf. [5] Symantec. ”Internet Security Threat Report, Volume 17.” http://www.symantec.com/threatreport - Ma, Saul, et al.
16 Spamcraft: An Inside Look At Spam Campaign Orchestration - Kreibich, Kanich, et al. - 2009
15 Click Trajectories: End-toEnd Analysis of the Spam Value Chain - Levchenko, Chachra, et al. - 2011
14 On the effectiveness of techniques to detect phishing sites - Ludl, McAllister, et al. - 2009
12 An empirical analysis of phishing blacklists - Sheng, Wardman, et al.
11 Shades of grey: On the effectiveness of reputation-based blacklists - Sinha, Bailey, et al. - 2008
8 WHOIS Protocol Specification - Daigle - 2004
8 The Impact of Incentives on Notice and Take-down - Moore, Clayton - 2008
7 The consequence of non-cooperation in the fight against phishing - Moore, Clayton - 2008
6 On the potential of proactive domain blacklisting - Felegyhazi, Kreibich, et al. - 2010
6 PhishNet: Predictive Blacklisting to Detect Phishing Attacks - PRAKASH, KUMAR, et al. - 2010
3 Random Pseudo-URLs Try to Confuse Anti-Spam Solutions. http://garwarner.blogspot.com/ 2010/09/random-pseudo-urls-try-to-confuse-anti.html - Warner - 2010
2 VeriSign registry registrar protocol (RRP) version 2.0.0 - Hollenbeck, Veeramachaneni, et al. - 2003
2 and Registrars: Are some Domain Name Registrars safe havens for Internet drug rings? http://www.legitscript.com/download/Roguesand-Registrars-Report.pdf - Rogues - 2010
1 Increase For .cn Chinese Website Domain Names - Price - 2010
1 Demand Media–eNom: the World’s #1 Bad Host and Abusive Registrar - Armin - 2010
1 KnujOn’s response to eNom statement - Armin - 2010
1 Experience .CN Domain Name for One Yuan Campaign” will extend till 31st - CNNIC - 2008
1 The Notification about further enhancement of auditing domain name registration information. http://www.cnnic.net.cn/html/Dir/2009/12/ 12/5750.htm - CNNIC - 2009
1 eNom and LegitScript LLC announce agreement to identify customers operating illegal online pharmacies. http://www.businesswire.com/news/ home/20100921005657/en/eNom-LegitScriptLLC-Announce-Agreement-Identify-Customers - Media - 2010
1 Форум успешных вебмастеров. http:// www.gofuckbiz.com/showpost.php?p=382053 - Elmaros - 2010
1 EPP domain name mapping - Hollenbeck - 2009
1 Extensible provisioning protocol - Hollenbeck - 2009
1 NSI registry registrar protocol - Hollenbeck, Srivastava - 2000
1 Internet Security Report: Audit of the gTLD Internet Structure, Evaluation of Contractual Compliance, and Review of Illict Activity by Registrar. http://www.knujon.com/knujon_audit0610.pdf - com - 2010
The National Science Foundation
  • About CiteSeerX
  • Submit Documents
  • Privacy Policy
  • Help
  • Data
  • Source
  • Contact Us

Developed at and hosted by The College of Information Sciences and Technology

© 2007-2010 The Pennsylvania State University