Dawn of the dead domain: Measuring the exploitation of residual trust in domains

Chaz Lever, Robert J. Walls, Yacin Nadji, David Dagon, Patrick Mcdaniel, Manos Antonakakis

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

An individual who re-registers an expired domain implicitly inherits the residual trust associated with the domain's prior use. Adversaries can, and increasingly do, exploit these ownership changes to undermine the security of both users and systems. In fact, many seemingly disparate security problems share a root cause in residual trust abuse. As we enter the dawn of the dead domain, new techniques and policies are needed to fight this growing threat.

Original languageEnglish (US)
Article number7891499
Pages (from-to)70-77
Number of pages8
JournalIEEE Security and Privacy
Volume15
Issue number2
DOIs
StatePublished - Jan 1 2017

Fingerprint

exploitation
abuse
threat
cause

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Electrical and Electronic Engineering
  • Law

Cite this

Lever, Chaz ; Walls, Robert J. ; Nadji, Yacin ; Dagon, David ; Mcdaniel, Patrick ; Antonakakis, Manos. / Dawn of the dead domain : Measuring the exploitation of residual trust in domains. In: IEEE Security and Privacy. 2017 ; Vol. 15, No. 2. pp. 70-77.
@article{568824a2f23444b981e1afec7713c0a3,
title = "Dawn of the dead domain: Measuring the exploitation of residual trust in domains",
abstract = "An individual who re-registers an expired domain implicitly inherits the residual trust associated with the domain's prior use. Adversaries can, and increasingly do, exploit these ownership changes to undermine the security of both users and systems. In fact, many seemingly disparate security problems share a root cause in residual trust abuse. As we enter the dawn of the dead domain, new techniques and policies are needed to fight this growing threat.",
author = "Chaz Lever and Walls, {Robert J.} and Yacin Nadji and David Dagon and Patrick Mcdaniel and Manos Antonakakis",
year = "2017",
month = "1",
day = "1",
doi = "10.1109/MSP.2017.42",
language = "English (US)",
volume = "15",
pages = "70--77",
journal = "IEEE Security and Privacy",
issn = "1540-7993",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "2",

}

Lever, C, Walls, RJ, Nadji, Y, Dagon, D, Mcdaniel, P & Antonakakis, M 2017, 'Dawn of the dead domain: Measuring the exploitation of residual trust in domains', IEEE Security and Privacy, vol. 15, no. 2, 7891499, pp. 70-77. https://doi.org/10.1109/MSP.2017.42

Dawn of the dead domain : Measuring the exploitation of residual trust in domains. / Lever, Chaz; Walls, Robert J.; Nadji, Yacin; Dagon, David; Mcdaniel, Patrick; Antonakakis, Manos.

In: IEEE Security and Privacy, Vol. 15, No. 2, 7891499, 01.01.2017, p. 70-77.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Dawn of the dead domain

T2 - Measuring the exploitation of residual trust in domains

AU - Lever, Chaz

AU - Walls, Robert J.

AU - Nadji, Yacin

AU - Dagon, David

AU - Mcdaniel, Patrick

AU - Antonakakis, Manos

PY - 2017/1/1

Y1 - 2017/1/1

N2 - An individual who re-registers an expired domain implicitly inherits the residual trust associated with the domain's prior use. Adversaries can, and increasingly do, exploit these ownership changes to undermine the security of both users and systems. In fact, many seemingly disparate security problems share a root cause in residual trust abuse. As we enter the dawn of the dead domain, new techniques and policies are needed to fight this growing threat.

AB - An individual who re-registers an expired domain implicitly inherits the residual trust associated with the domain's prior use. Adversaries can, and increasingly do, exploit these ownership changes to undermine the security of both users and systems. In fact, many seemingly disparate security problems share a root cause in residual trust abuse. As we enter the dawn of the dead domain, new techniques and policies are needed to fight this growing threat.

UR - http://www.scopus.com/inward/record.url?scp=85018507956&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85018507956&partnerID=8YFLogxK

U2 - 10.1109/MSP.2017.42

DO - 10.1109/MSP.2017.42

M3 - Article

AN - SCOPUS:85018507956

VL - 15

SP - 70

EP - 77

JO - IEEE Security and Privacy

JF - IEEE Security and Privacy

SN - 1540-7993

IS - 2

M1 - 7891499

ER -