Blog

Discover our latest research findings, technical insights, and expert analysis

INFERMAL: Investigating Cyber Attackers' Preferences in Domain Registrations for Enhanced Online Security
ICANN Research
6 min read

INFERMAL: Investigating Cyber Attackers' Preferences in Domain Registrations for Enhanced Online Security

The goal of the INFERMAL project is to conduct an in-depth analysis of maliciously registered domain names, aiming to uncover cyber attackers' preferences and possible measures to mitigate abusive activities within the domain name space.

Read more
Extended DNS Errors: Unlocking the Full Potential of DNS Troubleshooting
EDE Research
5 min read

Extended DNS Errors: Unlocking the Full Potential of DNS Troubleshooting

The Domain Name System has traditionally relied on response codes to signal anomalies, but they are of little help to precisely identify the root causes behind failures. In this article, we examine the new Extended DNS Errors (EDE) mechanism that provides extra feedback on DNS resolutions.

Read more
A New Phase of Measuring DNS Abuse
DNSAI
6 min read

A New Phase of Measuring DNS Abuse

Today the DNS Abuse Institute adds a new level of reporting for our measurement project: DNSAI Compass™ ("Compass"). With his new level of reporting we intend to show the spectrum of how malicious phishing and malware is distributed across the DNS registration ecosystem.

Read more
SAV: Why Is Source Address Validation Still a Problem?
Research SAV
12 min read

SAV: Why Is Source Address Validation Still a Problem?

In this post, we provide an introduction / refresher on what SAV is and discuss methods to detect non-compliant networks and the incentives that the industry must enact to make the deployment of SAV attractive.

Read more
New ICANN Project Explores the Drivers of Malicious Domain Name Registrations
ICANN Research
4 min read

New ICANN Project Explores the Drivers of Malicious Domain Name Registrations

ICANN is funding a new project that aims to systematically analyze the preferences of cyberattackers and possible measures to mitigate malicious activities across top-level domains.

Read more
Intercept and Inject: DNS Response Manipulation in the Wild
Manipulation Research
6 min read

Intercept and Inject: DNS Response Manipulation in the Wild

In November 2021, Internet users from Mexico lost access to whatsapp.net and facebook.com. Here, we present key takeaways from our analysis of the event - carried out with RIPE Atlas - and we look at the extent to which queries to DNS root servers get manipulated.

Read more
Measuring DNS Abuse: Our first report
DNSAI
4 min read

Measuring DNS Abuse: Our first report

In May 2022, we wrote about kicking off our work to measure DNS Abuse. We are proud to announce today that we have launched our first report and gone live with our measurement initiative: DNSAI Intelligence.

Read more