Using Domain Name Registrant Information to Identify Malicious Domains

January 2016 • Presentation

Mark Langston

In this this FloCon presentation, the author describes how phony addresses may be predictive of future bad behavior from domains not yet known to be malicious.

Publisher:

CERT Division

Subjects

Situational AwarenessSituational Awareness
FloConFloCon

Abstract

By mining WHOIS registrant data for physical addresses associated with known-malicious domains, we can identify the popular use of phony registrant addresses. This presentation covers how these phony addresses may be predictive of future bad behavior from domains not yet known to be malicious.

Software Engineering Institute

Using Domain Name Registrant Information to Identify Malicious Domains

January 2016 • Presentation

Mark Langston

Publisher:

Subjects

Abstract

Supplemental Materials

Part of a Collection

Software Engineering Institute

Using Domain Name Registrant Information to Identify Malicious Domains

January 2016 • Presentation

Mark Langston

Publisher:

Subjects

Abstract

Share

Supplemental Materials

Part of a Collection