|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Privacy/Proxy/Perfidy – what criminals (and others) put in domain whois
If you have a question about this talk, please contact Laurent Simon.
Abstract: I’ve recently completed a major study of the ‘whois’ contact details for domain names used in malicious or harmful Internet activities. ICANN wanted to know if a significant percentage of these domain registrations used a privacy or proxy services to obscure the perpetrator’s identity ? No surprises in our results: Yes!
What was perhaps surprising was that quite a significant percentage of domains used for lawful and harmless activities ALSO used privacy and proxy services.
But the real distinction is that when domains are maliciously registered, then contact details are hidden in a range of different ways so that 9 out 10 of these registrants are a priori uncontactable – whereas the uncontactable rate varies between a quarter and at most two- thirds for the non-malicious registrations.
This talk discusses how these results were obtained and what their implications are for the future of the whois system. It also gives some technical insight into the innovative design of whois parsing tool that has enabled some extremely variable reporting formats to be handled, at substantial scale, in an automated manner.
Bio: Richard Clayton came back to Cambridge in 2000 to study for a PhD on ‘Anonymity and Traceability in Cyberspace’. Since getting his degree he has stayed on as an academic PostDoc “because it’s more fun than working”. The main focus of his research is on cybercrime, and particularly on ‘phishing’. The ICANN project described in this talk was done during his recently completed three year collaboration with the National Physical Laboratory (NPL) on the EPSRC funded project “Internet Security”.
This talk is part of the Computer Laboratory Security Seminar series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsGiving What We Can: Cambridge OWASP (Application Security) Cambridge Chapter Events & Conferences Cambridge Conservation Seminars
Other talksMechanism of premature cracking in jointed plain concrete pavements TBA The Conscious Phenotype The self-avoiding walk problem Periodic and quasiperiodic vortex shedding in the wake of a rotating sphere Ethnic differences in mental health: does race matter?