Software Engineering Institute

Using Domain Name Registrant Information to Identify Malicious Domains

January 11, 2016 • Presentation

By

Mark Langston

In this this FloCon presentation, the author describes how phony addresses may be predictive of future bad behavior from domains not yet known to be malicious.

Publisher

Software Engineering Institute

Subjects

Flocon Situational Awareness

Abstract

By mining WHOIS registrant data for physical addresses associated with known-malicious domains, we can identify the popular use of phony registrant addresses. This presentation covers how these phony addresses may be predictive of future bad behavior from domains not yet known to be malicious.

Download Slides

Part of a Collection

FloCon 2016 Presentations

Ask a question about this Presentation

This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.

Software Engineering Institute

Using Domain Name Registrant Information to Identify Malicious Domains

January 11, 2016 • Presentation

By Mark Langston

Publisher

Subjects

Abstract

SHARE

Part of a Collection

By

Mark Langston