Compass Dashboards empower registries and registrars with data to understand phishing and malware trends in their zone, over time, and compared against peers.
The DNS Abuse Institute (“DNSAI” or the “Institute”) is pleased to announce the general availability of DNSAI Compass Dashboards to help domain registrars and registries to better understand and combat DNS Abuse.
The new Compass Dashboards provide registrars and registries with unprecedented views into individualized data on phishing and malware across their domains under management (DUM) or within their “zones.” Compass Dashboards provide access to reliable and consistent data so security, compliance, policy, and anti-abuse teams can benchmark the prevalence and persistence of abuse and understand the impact of their processes and policies over time.
Compass Dashboards also allow organizations to compare their data against an anonymized peer group. This data can be used to optimize internal efforts, communicate progress, and improve collaboration both internally and externally with stakeholders, government groups, policy makers, security professionals, and the general public.
DNSAI Compass Reports and Dashboards fill a need for DNS Abuse data specific to registrars and registries. “DNS Abuse response teams expend a significant amount of time and energy to identify, prevent, and mitigate DNS Abuse but have had limited access to data on the impact of their efforts,” said Graeme Bunton, Executive Director of the Institute. “With the launch of the first iteration of Compass Dashboards, the Institute looks forward to receiving feedback, making improvements to reduce DNS Abuse, and empowering the DNS Community.”
Compass Dashboards provide registrar or Top Level Domain (TLD) specific data for their zones. Dashboards for .ORG are provided below as an example below:
Figure 1: Understanding the prevalence and persistence of phishing
and malware in their zone and overtime.
Figure 2: Understanding trends on the type of registration: compromised or malicious.
Figure 3: Comparing against industry peers.
Since its launch in 2022, the DNSAI Compass initiative has been well-received in the community. Nick Wenban-Smith, General Counsel and Head of Stakeholder Relation, Nominet UK, said, “In a world where there are multiple conflicting reports and opinions about ‘bad stuff’ on the internet, ccTLD registries have been crying out for reliable tracking and actionable benchmarks. We are very grateful to the DNS Abuse Institute for their leadership in this complex field, and for shining a light of clarity into this area with their excellent data and reporting via DNSAI Compass reports.”
Registries and registrars are invited to access their own Dashboards or meet with the Institute by contacting support@DNSAbuseInstitute.org.
About DNSAI Compass
The DNSAI Compass initiatives include monthly reports and dashboards. These were created in response to the needs expressed by registrars and registries for access to relevant, reliable abuse data in a timely manner. To ensure delivery of sufficiently granular, accurate, and comparable data, DNSAI collaborates with industry experts at KOR Labs, led by Maciej Korczynski, an Associate Professor at Grenoble Alpes University in France.
DNSAI Compass reports highlight monthly aggregate data on phishing and malware trends across the DNS ecosystem. Most recently, the Compass report for July 2023 noted that 31% of identified phishing and 45% of identified malware was related to a compromised domain name. A compromised domain name is a benign domain name that has been compromised at the website, hosting, or DNS level. This is compared to a malicious domain name which is registered for specifically to carry out malicious purposes (i.e., DNS Abuse). In the same month, Compass observed mitigation rates of 76% across the DNS ecosystem.
Figure 4: Compass report from July 2023 showing compromised vs malicious.