Research

Clusters in the Expanse: Understanding and Unbiasing IPv6 Hitlists

Clusters in the Expanse: Understanding and Unbiasing IPv6 Hitlists

Network measurements are an important tool in understanding the Internet. Due to the expanse of the IPv6 address space, exhaustive scans as in IPv4 are not possible for IPv6. Researchers show that addresses in IPv6 hitlists are heavily clustered and present novel techniques that allow to push IPv6 hitlists from quantity to quality.

View research
Entropy/IP: Uncovering Structure in IPv6 Addresses

Entropy/IP: Uncovering Structure in IPv6 Addresses

Researchers introduce Entropy/IP: a system that discovers Internet address structure based on analyses of a subset of IPv6 addresses known to be active, i.e., training data, gleaned by readily available passive and active means.

View research
DomainChroma: Building actionable threat intelligence from malicious domain names (2018)

DomainChroma: Building actionable threat intelligence from malicious domain names (2018)

Researchers use the Farsight passive DNS database (DNSDB) corresponding to investigate the domain name usage, such as the first- and last-seen timestamps, a list of resolved IP addresses, and changes in the name server records.

View research
Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates (2018)

Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates (2018)

For a better understanding of how many domains are affected by IP address churn, researchers observe DNS traffic through Farsight’s passive DNS measurements.

View research
Inferring BGP Blackholing Activity in the Internet (2017)

Inferring BGP Blackholing Activity in the Internet (2017)

The Border Gateway Protocol (BGP) has been used for decades as the de facto protocol to exchange reachability information among networks in the Internet. However, little is known about how this protocol is used to restrict reachability to selected destinations, e.g., that are under attack.

View research
Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting (2017)

Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting (2017)

Hosting providers play a key role in fighting web compromise, but their ability to prevent abuse is constrained by the security practices of their own customers.

View research
Zone Poisoning: The How and Where of Non-Secure DNS Dynamic Updates (2017)

Zone Poisoning: The How and Where of Non-Secure DNS Dynamic Updates (2017)

Most attacks compromise the resolution path somewhere between the user and the authoritative name server for a Domain. Researchers explore an attack against the authoritative end of the path: the zone file of the authoritative name server using non-secure DNS dynamic update protocol extension.

View research
No domain left behind: is Let’s Encrypt democratizing encryption? (2017)

No domain left behind: is Let’s Encrypt democratizing encryption? (2017)

Researchers use the Farsight DNSDB for domain to IP mapping.

View research

Want to learn more?

Protect against cybercriminal activity in real-time.

Request a free demo