• About the Institute
  • Innovation
  • Education
  • Collaboration
  • Events
  • Blog
  • Contact
  • Events
  • Contact
  • Blog
  • NetBeacon
  • DNSAI Compass
DNS Abuse Institute

ABOUT US

Discover who we are and what we do

INNOVATION

Learn about our innovative solutions to strengthen the DNS.

EDUCATION

Access our resources and discover our projects and research.

COLLABORATION

Learn how to join, contribute, and participate!

Article

  • Home
  • Blog
  • Article
  • The Path to Combatting Abuse

The Path to Combatting Abuse

  • Posted by Graeme Bunton
  • Categories Article, News
  • Date March 29, 2021

By Graeme Bunton, Director of the DNS Abuse Institute

Completely eradicating malware, botnets, phishing, pharming, and spam from the Domain Name System is not possible. That may be an odd statement from someone who just took the leadership position at the DNS Abuse Institute, but it’s meant to underscore the scope of the work ahead of us. There will always be bad actors exploiting the DNS for their own criminal purposes, but working together, we can mitigate their impact.

This begins with bringing the domain name community and other interested stakeholders together to collaborate on making the DNS safer, and we took an important step in that direction with the inaugural DNS Abuse Forum co-hosted by CircleID.

Efforts to combat DNS Abuse are not new.

Leaders came together in 2019 to publish a framework for the industry to address issues, and Public Interest Registry regularly updates its data on DNS Abuse within the .ORG domain name and its takedown efforts. But DNS Abuse forum panelists Ashley Heineman (GoDaddy), Jeff Bedser (iThreat), John Crain (ICANN), and Chris Lewis-Evans (UK National Crime Agency) forged a path for how the industry can be more effective.

For example, John Crain pointed out that malware and phishing tends to be campaign driven, which means the industry needs to be nimble and organized when it identifies these attacks. That requires greater collaboration.

Ashely Heineman noted that only a fraction of the DNS Abuse reports that GoDaddy receives are unique, evidenced, and actionable. Improving the quality of abuse reporting will enable Registries and Registrars to be more efficient with their time and efforts.

One of the challenges raised during the forum was the emergence of reusing domains for abuse. Chris Lewis-Evans pointed out how bad actors will utilize a domain, then park it to keep it under the radar, before deploying it again for phishing or spam emails. Sophisticated techniques are leading to an increase in the resale of victim data, which reinforces the need to combat bad actors.

Lewis-Evans also pointed out that the number of domains doesn’t equate to the level of harm attributable to abuse. He called for a greater emphasis on educational materials and awareness campaigns and wider and more standardized abuse reporting.

Jeff Bedser echoed that message, pointing out that the standardization of definitions and escalation paths as well as evidentiary standards are critical to combating abuse, especially reducing the “life cycle” of an abusive domain. He laid out a “best practice” scenario:

  • DNS abuse is reported
  • Abuse is well evidenced
  • Escalation path is followed to appropriate party for action
  • Mitigation occurs within a relatively short period of time
  • Victimization window is reduced

To achieve this best-case scenario will require a new level of collaboration. As a next step, the Institute will hold a follow-up forum later this spring focused on the overlap of civil society and intellectual property concerns with regard to DNS abuse.

The Institute welcomes all who want to join our effort to facilitate discussions, raise awareness, and create solutions. One way you can do that is by signing up for the DNS abuse newsletter at dnsabuseinstitute.org. Also, feel free to reach out to me directly via email: Graeme@dnsabuseinstitute.org.

The domain community will never be able to rest when it comes to DNS Abuse.

What we can do is work together to develop, harmonize, and propagate best practices that create a safer, more responsible Internet. The Institute is committed to serving in a central role in these efforts.

Tag:DNS Abuse, DNS Abuse Institute

  • Share:
author avatar
Graeme Bunton

Previous post

An Institute to Combat Abuse
March 29, 2021

Next post

Introducing the DNS Abuse Institute Advisory Council
May 17, 2021

You may also like

注册商和注册机构的《通用滥用政策》
30 August, 2023

最近,一位注册商联系我,他们真切关注采取更多措施来解决 DNS 滥用的问题,但不确定应该从哪里开始着手。DNS 滥用是一个复杂的问题,没有明确的切入点来着手解决。不止这一家注册商,许多注册机构和注册商越来越担心滥用行为,并需要帮助来着手解决这一问题。 本文是三部分系列文章的第一篇,该系列文章旨在为制定反滥用实践的关键组成部分提供合理、简明的介绍。第一篇文章致力于提供合理的法律依据,或者说基本的 DNS 滥用政策,以解决滥用问题。接下来的两篇文章将讨论管理 DNS 滥用的有效手段以及实际缓解程序。 本政策是与互联网和司法管辖区政策网络 (I&J) 共同制定的,我们对他们的贡献和支持表示感谢。I&J 在这一领域有很多非常好的内容,其中包括他们的 Toolkit: DNS Level Action to Address Abuses(工具包:DNS 层面应对滥用的行动),我建议任何对减少滥用感兴趣的人士都要读一下。DNS 滥用研究所也是 I&J 域名联络小组的积极参与者。  DNS 滥用具体政策 大多数注册商都会在其网站上发布某种形式的“服务条款”或“可接受的使用政策”。这些政策条款通常赋予注册商出于多种原因而终止服务的自由裁量权。 发布和采用特定的滥用政策提供了几个优势,主要是在于明确性和保护性方面。明确的滥用政策以及对其执行的声誉,可以对不良行为者使用该服务构成威慑。如果注册商或注册机构的相关政策涵盖了滥用行为,那么在对滥用行为采取行动时也会得到更有力的法律保护。  在我们详细介绍通用政策如何发挥作用之前,我想先说明一下它是如何制定的。首先,我们专门制定了这一通用政策,这样所有注册商或注册机构都可以根据具体情况来使用/修改/实施此政策。这就是为什么该政策采用创意共享许可,特别是 CC By 4.0 license(CC By 4.0 许可)的原因,这些许可允许任何人在注明 DNSAI 的情况下分享和调整材料。其次,我们正在将其转换为 Markdown 格式并将存放在 …

dnsaicompassinset
A New Phase of Measuring DNS Abuse
9 June, 2023
2022 DNSAI Annual Report Image
DNSAI Releases 2022 Annual Report
11 April, 2023

Search

Categories

  • Article
  • Best Practice
  • Bulletin
  • DNSAI Compass
  • News
  • Newsletter
  • Report
  • Research
  • Resources
logo-public-interest-registry-dns-abuse-institute

The DNS Abuse Institute

Providing innovative solutions and information that ensure the DNS is safe and secure worldwide.

Institute

  • About the Institute
  • Innovation
  • Education
  • Collaboration

Quick Links

  • Blog
  • Contact
  • Privacy Policy
  • NetBeacon
  • DNSAI Compass

Connect With Us

Newsletter

Get the latest DNS Abuse Institute news delivered to your inbox.


PIR will only use the personal data you submit via this form to contact you regarding the DNS Abuse Institute Newsletter. The information will not be used for any other purpose.

Please be aware that if you do not consent to the use of your email for this purpose we will not be able to fulfill your request.

Opt-In *

* indicates required

© 2022 Public Interest Registry. All rights reserved.