Understanding the Implementation and Security Implications of Protective DNS Services
Mingxuan Liu
Network and Distributed System Security (NDSS) Symposium 2024 · Day 1 · Network Security
The internet's utility is constantly challenged by the proliferation of malicious domain names, which serve as critical infrastructure for cyberattacks such as botnet command and control, phishing, spam, and malware distribution. Industry reports, such as Cisco's, indicate that over 91% of internet attacks are linked to the resolution of these nefarious domains, with ICANN's DAAR project identifying over 622,000 malicious domains in March 2023 alone. While traditional domain takedown procedures are effective, they are often slow and resource-intensive, necessitating complex legal and administrative processes involving registrars and law enforcement. This inherent friction has spurred the security community to seek more agile and real-time solutions for mitigating threats at the domain level.