Using Domain Name Registrant Information To Identify Malicious Domains

Abstract

Registrant information mining is difficult: there are no standards for field entries, even within an entity. WHOIS privacy services present a barrier to analysis. There are entities whose names may be worthy of a priori filtering, but identifying those entities is time-consuming, often subjective, and largely manual. The legal aspect of domain name ownership does not always keep pace with usage: malicious activity may extend beyond ownership changes, or begin before legal proceedings can start. Fake address watering holes do not seem to be prevalent, or even common.

Document Details

Document Type: Technical Report
Publication Date: Nov 24, 2015
Accession Number: AD1145202

Entities

People

  • Mark Langston

Organizations

  • Carnegie Mellon University

Tags

DTIC Thesaurus Topics

  • Congress
  • Copyrights
  • Department Of Defense
  • Electronic Mail
  • Engineering
  • Filtration
  • Governments
  • Guarantees
  • Intellectual Property
  • Law
  • Materials
  • Mobile Application Software
  • Network Protocols
  • Pharmacies
  • Phishers
  • Software Development
  • Standards
  • Universities

Readers

  • Cybersecurity
  • Systems Analysis and Design
  • Wetland-Land-Environmental Management