Evaluating the Effectiveness of Handling Abusive Domain Names by Internet Entities

Abstract

A large number of domains are abused every day for cybercrime. At the same time, the fight against abusive domains is not the fight of one person or organization but a battle that requires the cooperation of the entire community. However, very little research has been done to quantify the positive benefits of this strategy for dealing with abusive domains. As a result, using pornography and gambling domain names as examples, we present the first empirical study evaluating the usability and effectiveness of all Internet entities (e.g., registrars and hosting providers) in the DNS ecosystem for receiving and handling abusive domain reports. First, the paper thoroughly demonstrates the mechanisms for receiving and handling abusive domain reports at various Internet entities in China. Second, we select and report the appropriate 2433 abusive domains to 43 service providers across six categories of Internet entities. Finally, we discover the methods and response time used by each Internet entity to handle abuse reports based on the changes in reported domains. Based on the above data, we analyze and evaluate the effectiveness of Internet entities in dealing with abusive domains. Moreover, we indicate the scope of protection and disadvantages of each method, i.e., whether the abusive domain can escape handling. The paper aims to provide a more detailed overview and reference for the security communities, service providers, and Internet entities concerned with dealing with abusive domains.