Research

DomainChroma: Building actionable threat intelligence from malicious domain names (2018)

DomainChroma: Building actionable threat intelligence from malicious domain names (2018)

Researchers use the Farsight passive DNS database (DNSDB) corresponding to investigate the domain name usage, such as the first- and last-seen timestamps, a list of resolved IP addresses, and changes in the name server records.

View research
Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates (2018)

Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates (2018)

For a better understanding of how many domains are affected by IP address churn, researchers observe DNS traffic through Farsight’s passive DNS measurements.

View research
Inferring BGP Blackholing Activity in the Internet (2017)

Inferring BGP Blackholing Activity in the Internet (2017)

The Border Gateway Protocol (BGP) has been used for decades as the de facto protocol to exchange reachability information among networks in the Internet. However, little is known about how this protocol is used to restrict reachability to selected destinations, e.g., that are under attack.

View research
Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting (2017)

Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting (2017)

Hosting providers play a key role in fighting web compromise, but their ability to prevent abuse is constrained by the security practices of their own customers.

View research
Zone Poisoning: The How and Where of Non-Secure DNS Dynamic Updates (2017)

Zone Poisoning: The How and Where of Non-Secure DNS Dynamic Updates (2017)

Most attacks compromise the resolution path somewhere between the user and the authoritative name server for a Domain. Researchers explore an attack against the authoritative end of the path: the zone file of the authoritative name server using non-secure DNS dynamic update protocol extension.

View research
No domain left behind: is Let’s Encrypt democratizing encryption? (2017)

No domain left behind: is Let’s Encrypt democratizing encryption? (2017)

Researchers use the Farsight DNSDB for domain to IP mapping.

View research

Want to learn more?

Protect against cybercriminal activity in real-time.

Request a free demo