The modality of mortality in domain names

Presented at VB2018, Oct. 5, 2018, 11 a.m. (30 minutes).

Domain names established for routine use are typically registered for one or more years, and faithfully renewed thereafter. Knowing nothing else, we'd expect that a domain existing today will still be there tomorrow. This is an expectation of 'domain continuity'. Other domains get treated as effectively being 'disposable'. Those domains get registered, quickly abused for cybercrime-related purposes (such as spamming, phishing, malware distribution, etc.), and are then abandoned after becoming unusable due to being blocklisted or 'held' by registrar action. In this study, we've obtained an ongoing feed of 'Newly Observed Domains' from *Farsight Security*'s SIE, and then periodically probed those names from global measurement points to determine: * What fraction of new domain names 'die a premature death' due to being blocklisted or suspended? * What causes the 'death' of those domains? Do they mostly get blocklisted? Or do they 'die' due to action by registrars or others? * What does the survival curve for those names look like over time? * Are there differences between the traditional gTLDs, ccTLDs and ICANN's new gTLDs? *Farsight Security* CEO Dr. Paul Vixie will address these topics and make recommendations as to how to reduce domain name abuse.

Presenters:

  • Paul Vixie - Farsight Security
    Paul Vixie Dr Paul Vixie is an Internet pioneer. Currently, he is the Chairman, CEO and cofounder of award-winning Farsight Security, Inc. He was inducted into the Internet Hall of Fame in 2014 for work related to DNS. Dr Vixie is a prolific author of open-source Internet software including BIND, and of many Internet standards documents concerning DNS and DNSSEC. In addition, he founded the first anti-spam company (MAPS, 1996), the first non-profit Internet infrastructure software company (ISC, 1994), and the first neutral and commercial Internet exchange (PAIX, 1991). He earned his Ph.D. from Keio University for work related to DNS and DNSSEC in 2010. @PaulVixie

Links:

Similar Presentations: