CyLab Student Seminar

  • Robert Mehrabian Collaborative Innovation Center
  • 2201
  • Ph.D. Student
  • Department of Electrical and Computer Enineering
  • Carnegie Mellon University

Empirically Analyzing and Combating the Malicious Utilization of Domain Names

The Domain Name System plays a crucial role in the Internet architecture resolving names humans can remember, to Internet Protocol addresses computers can understand. Being the primary mechanism for users to access services on the Internet, domain names became a valuable part of any brand with an Internet presence. Inevitably, criminals realized the potential in domain names to increase their revenue and nowadays they abuse domain names for many different reasons.

Miscreants often take advantage of domain names to make it hard for defenders to block their abusive or malicious endeavors such as spam emails, botnets, drive-by-download sites, illegal content distribution sites.

Other criminals, called squatters, expect to profit from the similarity of their domain names to a brand name by passively counting on user mistakes (e.g., typing mistakes) or by actively fooling users for phishing and scam.

We postulate that combining judiciously chosen detection tools with novel domain registration policies can make the vast majority of current malicious domain name registrations economically nonviable, and can decrea

Janos Szurdi is a Ph.D. Candidate in the Electrical and Computer Engineering Department at Carnegie Mellon University, advised by Nicolas Christin. His research interest is in online crime and measurements, focusing on domain registration abuses. He received his B.Sc. and M.Sc. with highest honors from the Budapest University of Technology and Economics. Before starting his Ph.D., Janos worked as a Java developer at Sonrisa Ltd. and as a research assistant at CrySyS Laboratory.

For More Information, Please Contact: