University of Cambridge > Talks.cam > Computer Laboratory Security Seminar > Privacy/Proxy/Perfidy – what criminals (and others) put in domain whois

Privacy/Proxy/Perfidy – what criminals (and others) put in domain whois

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Laurent Simon.

Abstract: I’ve recently completed a major study of the ‘whois’ contact details for domain names used in malicious or harmful Internet activities. ICANN wanted to know if a significant percentage of these domain registrations used a privacy or proxy services to obscure the perpetrator’s identity ? No surprises in our results: Yes!

What was perhaps surprising was that quite a significant percentage of domains used for lawful and harmless activities ALSO used privacy and proxy services.

But the real distinction is that when domains are maliciously registered, then contact details are hidden in a range of different ways so that 9 out 10 of these registrants are a priori uncontactable – whereas the uncontactable rate varies between a quarter and at most two- thirds for the non-malicious registrations.

This talk discusses how these results were obtained and what their implications are for the future of the whois system. It also gives some technical insight into the innovative design of whois parsing tool that has enabled some extremely variable reporting formats to be handled, at substantial scale, in an automated manner.

Bio: Richard Clayton came back to Cambridge in 2000 to study for a PhD on ‘Anonymity and Traceability in Cyberspace’. Since getting his degree he has stayed on as an academic PostDoc “because it’s more fun than working”. The main focus of his research is on cybercrime, and particularly on ‘phishing’. The ICANN project described in this talk was done during his recently completed three year collaboration with the National Physical Laboratory (NPL) on the EPSRC funded project “Internet Security”.

This talk is part of the Computer Laboratory Security Seminar series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.

 

© 2006-2014 Talks.cam, University of Cambridge. Contact Us | Help and Documentation | Privacy and Publicity