Keep up with with our latest updates and announcements
The INFERMAL project aims to systematically analyze the preferences of cyberattackers when registering domains for malicious activities. Led by Dr. Maciej Korczyński, the research team will study factors like pricing, payment methods, and registration restrictions to identify patterns in attackers' behaviour. The findings will help registrars and registries develop better anti-abuse practices and ultimately create a more secure namespace for all.
Read more in our blog.
We are excited to announce our support for the 10th International Workshop on Traffic Measurements for Cybersecurity (WTMC 2025), set to take place in Venice, Italy, on June 30, 2025. The event, co-located with the IEEE European Symposium on Security and Privacy, will bring together experts from academia and industry to explore cutting-edge research in cybersecurity seen from the traffic measurements perspective.
As a supporter, we are committed to advancing the field of cybersecurity and facilitating conversations on traffic measurements, network anomalies, and the role of emerging technologies like generative AI in both cyber defense and attacks. We look forward to engaging with the brightest minds in the industry and contributing to the development of innovative cybersecurity solutions.
For more information about the event, visit WTMC 2025.
KOR Labs will present key findings from the INFERMAL project during a two-hour ICANN webinar on February 19 at 15:00 UTC. Led by Prof. Maciej Korczyński (KOR Labs) and coordinated by Dr. Samaneh Tajalizadehkhoob (ICANN), the session will include a presentation followed by an interactive Q&A session. The webinar presents a valuable opportunity for stakeholders to gain insights into the complexities of malicious activities within the registration landscape.
Registration details are provided here.
We are very happy to announce that Professor Maciej Korczyński will present the results of the INFERMAL project at ICANN 81 in Istanbul (Türkiye). Join the DNS Abuse Updates session on Wednesday November 13, 2024 13:15 - 14:30 GMT+03 to learn about different factors that may influence the choice of certain registrars and TLDs by malicious actors when registering new phishing domains.
About the project: INFERMAL (Inferential Analysis of Maliciously Registered Domains) is a research study being carried out by KOR Labs and funded by ICANN. The goal of this project is to conduct an in-depth analysis of maliciously registered domain names, aiming to uncover cyber attackers' preferences and possible measures to mitigate abusive activities within the domain name space.
Follow the updates on the project website.
We are excited to announce the publication of the final report, marking the successful completion of our two-year research initiative. The document synthesizes our methodology, key findings, and recommendations, contributing to the broader understanding of DNS abuse.
The full report is now available for download here. We invite the community to explore our findings and engage with this important research. We would like to thank everyone who contributed to this project and look forward to continuing discussions about DNS abuse mitigation.
KOR Labs is pleased to announce its participation in the upcoming DNS Abuse Updates session at ICANN81 (10:15 UTC, 13 November 2024). As our INFERMAL project has just been completed, we will present the key findings and insights to the community. Prof. Maciej Korczyński (KOR Labs) will join Dr. Samaneh Tajalizadehkhoob (ICANN OCTO-SSR) to share the project's outcomes during this session.
As we work towards understanding the preferences of cyberattackers, our analysis focuses on three categories of features: registration attributes (including domain pricing, payment methods, API access, and free services), proactive verification (such as registrant information validation and registration restrictions), and reactive security practices (malicious domain uptimes).
Read more about the feature selection in our blog.
Last year, KOR Labs together with partners (ORANGE Polska SA, PDMFC LDA, and NovaForensic) kicked off the ThreatChase project with the aim to create an open platform for protection against phishing.
The proposed platform will improve cybersecurity capabilities across the EU, notably for SMEs and public organizations by providing the essential information needed to identify and block malicious traffic before it reaches their networks. It can help organizations to detect and respond to cyberattacks more quickly based on real-time threat intelligence, allowing them to identify when their systems are being targeted by attackers and take appropriate action.
Follow us on X and LinkedIn to see how we make the ThreatChase platform a pivot place for supporting interaction between suppliers and adopters of cybersecurity solutions.
The INFERMAL research project will unfold in three phases. In Phase 1 (November 2023), researchers will map abusive domains from blocklists to their registration information. Phase 2 (July 2024) will analyze proactive security measures, including how registrars validate user data and respond to abuse notifications. The final phase (September 2024) will culminate in a research paper using generalized linear modeling to identify key factors driving domain abuse and propose recommendations for mitigation.
More about our next steps in this blog.
KOR Labs has become an official supporter of the 9th International Workshop on Traffic Measurements for Cybersecurity (WTMC 2024). The workshop is co-located with the 9th IEEE European Symposium on Security and Privacy (IEEE EuroS&P 2024) in Vienna, Austria and will take place on Monday, July 8, 2024. The workshop aims to address the complexities of modern communication networks and their evolving cybersecurity challenges through traffic measurements. It provides a platform for researchers and industry experts to present their latest findings and discuss the impact of traffic measurements on cybersecurity. Key topics include incident response, cyber attack measurements, security of web-based services, and the economics of cybersecurity. Submissions are accepted in various formats and will undergo rigorous peer review, with accepted papers published in IEEE Xplore. For further details, please visit the oficial website.