Most discussions relating to DNS abuse have not distinguished between malicious and compromised domains. However, any nuanced approach to DNS abuse mitigation must account for both malicious registrations, where a domain is registered with malicious intent and, as such the registrant is likely complicit; and compromised domains, which are registered by a registrant for a non-abusive purpose but are later compromised by malicious third-party actors in order to engage in DNS abuse—typically without the registrant’s knowledge or consent. Thus, the registrant is considered a victim alongside others potentially affected and suspending the entire domain name is typically not the appropriate remediation. Compromised domains account for a significant portion of DNS abuse. As the DNS matures and we welcome more established web presences of all types of genuine registrants—individuals and businesses alike, both large and small—we must seek to protect them. Efforts to effectively combat DNS abuse should seek to do no harm to genuine registrants who are not directly to blame for abuse occurring in connection to their domain. The potential for disproportionate harm in treating compromised domains the same as maliciously registered domains is high. A more nuanced approach is required to address compromised names. This plenary session will explore the differentiation between maliciously registered and compromised domains in DNS abuse; specifically, the impacts of the DNS abuse itself on end-users and registrants and strategies to effectively mitigate DNS abuse when dealing with both malicious and compromised domains.
Graeme Bunton, DNS Abuse Institute (moderator)
Maciej Korczynski, University of Grenoble (presenter)
Reg Levy, Registrar Stakeholder Group
Chris Lewis Evans, Governmental Advisory Committee Public Safety Working Group
Rod Rasmussen, Security and Stability Advisory Committee
Lori Schulman, Intellectual Property Constituency
Alan Woods, Registries Stakeholder Group
Session Leader: Carlos Reyes Staff Facilitator: Ozan Sahin
Plenary Session: Evolving the DNS Abuse Conversation
Press space bar to start a drag.
When dragging you can use the arrow keys to move the item around and escape to cancel.
Some screen readers may require you to be in focus mode or to use your pass through key