11–13 Oct 2014
Hyatt Regency Century Plaza
US/Pacific timezone

Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs

12 Oct 2014, 13:30
30m
Westside (Hyatt Regency Century Plaza)

Westside

Hyatt Regency Century Plaza

2025 Avenue of the Stars Los Angeles California 90067 USA
Public Workshop Sunday Workshop (Public)

Speaker

Dr Maciej Korczynski (Delft University of Technology)

Description

In this presentation, we describe security metrics for Top-Level Domains (TLDs) and we measure their operational values using DNS query data and other data sources such as botnet and phishing feeds. They can serve as publicly available signals to different classes intermediaries such as registries, registrars, or hosting providers and can offer the option to benchmark themselves against their market. There currently exists very little empirical information about the security performance of TLDs and of the overall DNS ecosystem. We distinguish three types of security metrics, each at a different layer of ab- straction. The top-layer involves the security metrics of an entire TLD such as .nl, .com, or .amsterdam. The second layer of abstraction consists of security metrics for market players under TLDs. These are Internet infrastructure providers, registries, registrars, and hosting providers. Examples of security metrics at this layer include concentration of malicious domains across players and their up-times. The third layer is a break-down of the second layer and involves security metrics for network resources managed by each of the players, such as DNS resolvers, or authoritative name servers. In this presentation, we pay a special attention to the second layer and we develop reputation metrics for registries, registrars, and hosting providers with the respect to the TLD layer. In our future work, we plan to correlate the abuse rate reflected in the here-proposed reputation metrics with registry policy, such as pricing, the correctness of the whois data, security monitoring of the DNS infrastructure, etc.

Primary author

Dr Maciej Korczynski (Delft University of Technology)

Co-authors

Mr Maarten Wullink (SIDN) Prof. Michel van Eeten (Delft University of Technology)

Presentation materials