PaDAWaNS: Proactive Domain Abuse Warning and Notification System

More Info
expand_more

Abstract

The counterfeit market is rapidly expanding into the online realm. Large amounts of fraudulent webshops advertise luxury clothing and fashion accessories, but ship counterfeit products to their customers. Apart from customers, brand owners and domain registries experience a negative impact caused by these fake webshops. Current countermeasures are slow and of a reactive nature, leaving a large enough window of opportunity for criminals to make a profit. This thesis introduces a proactive mitigation approach that can be deployed at domain registries. By predicting whether a newly registered domain will be used to sell counterfeit merchandise, preventive countermeasures can often be taken in advance, minimizing the criminals' window of opportunity and profits. These predictions are made by training a detection model using both registrant information and infrastructure measurements of the registered domains. To evaluate the prediction system, new domain registrations are classified for a period of 6 months. Registrations classified as malicious are then monitored for signs of abuse. Overall, the system is able to detect malicious registrations with reasonable precision. Additionally, the body of abusive domain registrations created during this thesis project is analyzed to gain insights into the methods used to host counterfeit webshops, which can be used as a starting point for future research.

Files

Thesis_public_version_.pdf
(pdf | 1.04 Mb)
Unknown license