Assessing the Effectiveness of Domain Blacklisting Against Malicious DNS Registrations

2019 IEEE Security and Privacy Workshops (SPW) Pub Date : 2019-05-01 DOI:10.1109/SPW.2019.00045
T. Vissers, Peter Janssen, W. Joosen, Lieven Desmet
{"title":"Assessing the Effectiveness of Domain Blacklisting Against Malicious DNS Registrations","authors":"T. Vissers, Peter Janssen, W. Joosen, Lieven Desmet","doi":"10.1109/SPW.2019.00045","DOIUrl":null,"url":null,"abstract":"Domain blacklists are widely-used in security research. However, given their proprietary nature, there is little insight into how they operate and how effective they are. In this paper, we analyze a unique combination of DNS traffic measurements with domain registration and blacklisting data. We focus in particular on large-scale malicious campaigns that register thousands of domain names used in orchestrated attacks. This allows us to gain insights into how blacklists and cybercriminals interact with each other. Furthermore, it enables us to pinpoint scenarios where blacklist operators struggle to detect campaign registrations.","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"754 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE Security and Privacy Workshops (SPW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SPW.2019.00045","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3

Abstract

Domain blacklists are widely-used in security research. However, given their proprietary nature, there is little insight into how they operate and how effective they are. In this paper, we analyze a unique combination of DNS traffic measurements with domain registration and blacklisting data. We focus in particular on large-scale malicious campaigns that register thousands of domain names used in orchestrated attacks. This allows us to gain insights into how blacklists and cybercriminals interact with each other. Furthermore, it enables us to pinpoint scenarios where blacklist operators struggle to detect campaign registrations.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
评估域名黑名单对恶意DNS注册的有效性
域黑名单在安全研究中有着广泛的应用。然而,考虑到它们的专有性质,人们对它们的运作方式和有效性知之甚少。在本文中,我们分析了DNS流量测量与域名注册和黑名单数据的独特组合。我们特别关注大规模恶意活动,这些活动注册了数千个用于精心策划攻击的域名。这使我们能够深入了解黑名单和网络罪犯是如何相互作用的。此外,它使我们能够查明黑名单操作人员难以检测竞选注册的情况。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
2019 IEEE Security and Privacy Workshops (SPW)
2019 IEEE Security and Privacy Workshops (SPW)
自引率
0.00%
发文量
0
期刊最新文献
Ensuring the Safe and Secure Operation of Electronic Control Units in Road Vehicles MaxNet: Neural Network Architecture for Continuous Detection of Malicious Activity Feasibility of a Keystroke Timing Attack on Search Engines with Autocomplete Characterizing Vulnerability of DNS AXFR Transfers with Global-Scale Scanning IOTFLA : A Secured and Privacy-Preserving Smart Home Architecture Implementing Federated Learning
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1