A Reexamination of Internationalized Domain Names: The Good, the Bad and the Ugly | IEEE Conference Publication | IEEE Xplore
Subscribe
ADVANCED SEARCH
Conferences >2018 48th Annual IEEE/IFIP In...

A Reexamination of Internationalized Domain Names: The Good, the Bad and the Ugly

PDF
Baojun Liu; Chaoyi Lu; Zhou Li; Ying Liu; Haixin Duan; Shuang Hao
All Authors

Abstract:

Internationalized Domain Names (IDNs) are domain names containing non-ASCII characters. Despite its installation in DNS for more than 15 years, little has been done to un...Show More

Metadata

Abstract:

Internationalized Domain Names (IDNs) are domain names containing non-ASCII characters. Despite its installation in DNS for more than 15 years, little has been done to understand how this initiative was developed and its security implications. In this work, we aim to fill this gap by studying the IDN ecosystem and cyber-attacks abusing IDN. In particular, we performed by far the most comprehensive measurement study using IDNs discovered from 56 TLD zone files. Through correlating data from auxiliary sources like WHOIS, passive DNS and URL blacklists, we gained many insights. Our discoveries are multi-faceted. On one hand, 1.4 million IDNs were actively registered under over 700 registrars, and regions within east Asia have seen prominent development in IDN registration. On the other hand, most of the registrations were opportunistic: they are currently not associated with meaningful websites and they have severe configuration issues (e.g., shared SSL certificates). What is more concerning is the rising trend of IDN abuse. So far, more than 6K IDNs were determined as malicious by URL blacklists and we also identified 1,516 and 1,497 IDNs showing high visual and semantic similarity to reputable brand domains (e.g., apple.com). Meanwhile, brand owners have only registered a few of these domains. Our study suggests the development of IDN needs to be re-examined. New solutions and proposals are needed to address issues like its inadequate usage and new attack surfaces.
Published in: 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
Date of Conference: 25-28 June 2018
Date Added to IEEE Xplore: 23 July 2018
ISBN Information:
Electronic ISSN: 2158-3927
DOI: 10.1109/DSN.2018.00072
Conference Location: Luxembourg, Luxembourg
Contents

I. Introduction

Domain Name System (DNS) provides translation between domain names and IP addresses and is one of the cornerstones in the Internet infrastructure. In the beginning stage of Internet, only letter, digits, and hyphen were allowed and most of the domain names came from English words. To build a multilingual Internet and make the access easier for people around the globe, especially from eastern countries, IETF proposed Internationalized Domain Name (IDN) initiative and established standard to support domain names encoded with Unicode characters.

Contact IEEE to Subscribe
More Like This
Blockchain-based open infrastructure for URL filtering in an Internet browser

2020 IEEE 14th International Conference on Application of Information and Communication Technologies (AICT)

Published: 2020

PhishFarm: A Scalable Framework for Measuring the Effectiveness of Evasion Techniques against Browser Phishing Blacklists

2019 IEEE Symposium on Security and Privacy (SP)

Published: 2019

Show More

References

References is not available for this document.

IEEE Account

Purchase Details

Profile Information

Need Help?

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.