DOCSLIB.ORG

Statistical Analysis of DNS Abuse in Gtlds Final Report

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Statistical Analysis of DNS Abuse in Gtlds Final Report Statistical Analysis of DNS Abuse in gTLDs Final Report Maciej Korczynski´ ⇤, Maarten Wullink†, Samaneh Tajalizadehkhoob⇤, Giovane C.M. Moura†, Cristian Hesselman† ⇤Delft University of Technology, The Netherlands †SIDN Labs, The Netherlands {Maciej.Korczynski, S.T.Tajalizadehkhoob}@tudelft.nl {Maarten.Wullink, Giovane.Moura, Cristian.Hesselman}@sidn.nl Abstract—Commissioned by the Competition, Consumer Trust, A number of safeguards were built into the Program that and Consumer Choice Review Team with the support of ICANN, were intended to mitigate the rates of abusive, malicious, this study is focused on measuring rates of common forms of and criminal activity in these new gTLDs, such as phishing, abusive activities in the domain name system. We conduct a comprehensive study examining malicious behavior in the global spam, and malware distribution. ICANN is currently engaged DNS and compare abuse rates in new and legacy gTLDs. We in a review of these safeguards and their effects on rates of combine data sets from many sources, including zone files, DNS abuse as an aspect of the Competition, Consumer Trust, domain WHOIS information, data obtained through our active and Consumer Choice Review2. In this paper, we conduct a measurements, and 11 reputable blacklists representing malware, comprehensive study examining rates of malicious and abusive phishing, and spam. We find that the new gTLDs have impacted spam counts of the legacy gTLDs: abused domains in the new behavior in the global DNS and compare abuse rates in gTLDs do not increase the number of total malicious registrations new gTLDs and legacy gTLDs. As the DNS represents a but instead, we observe a decrease in the number of malicious large ecosystem of registries, registrars, privacy/proxy service registrations in legacy gTLDs. While legacy gTLDs collectively providers, etc. the study aims to capture inputs in a represen- had a spam-domains-per-10,000 rate of 56.9, in the last quarter of tative manner from across the multitude of players relevant to 2016, the new gTLDs experienced a rate of 526.6–which is almost one order of magnitude higher. In this study, we also analyze the abusive practices. relationship between the collected security indicators and the Previous research studied the impact of the New gTLD structural properties of new gTLDs, and abuse, at the level of Program on the domain name ecosystem [1]. Halvorson et gTLDs. The results indicate that abuse counts primarily correlate al. concluded that speculative and defensive registrations with stricter registration policies. Our findings suggest that some dominate the growth of registrations in new gTLDs. They new gTLDs have become a growing target for malicious actors. While the analysis of spam blacklists reveals that approximately also found that the new gTLDs have yet to have significant one third of the new gTLDs available for registration did not impact on the legacy gTLDs. Their work, however, provides experience a single incident in the last quarter of 2016, Spamhaus a very little empirical information about the security of new blacklisted at least 10% of all registered domains in 15 new gTLDs. In this paper, we analyze the impact of the New gTLD gTLDs. Program on the DNS abuse landscape and assess if legacy and new gTLDs are seen by miscreants as interchangeable. I. INTRODUCTION Overall, our main contributions can be summarized as follows: As a result of a many-year multi-stakeholder policy devel- We make a comprehensive descriptive statistical compar- • opment process, the Internet Corporation for Assigned Names ison of rates of DNS abuse in new and legacy gTLDs as and Numbers (ICANN) introduced the New Generic Top- they pertain to spam, phishing, and malware distribution. Level Domain (gTLD) Program (the Program), which has Using regression modelling we perform inferential sta- • enabled hundreds of new gTLDs to enter the domain name tistical analysis testing the correlation between passively system (DNS) since the first delegations occurred in October and actively measured properties of new gTLDs as pre- 20131. The Program was developed to increase competition dictors of rates of abuse. and choice in the domain name space. More than 1,900 ap- We analyze proportions of abusive domains across other • plications for new gTLDs were filed after the process opened relevant to abusive practices players, i.e. registrars and in 2012. To date, more than 1,200 new gTLDs have been privacy/proxy service providers. delegated to the DNS’ root zone. However, while the New Our findings demonstrate a number of notable trends in gTLD Program may increase the range of available gTLDs relation to the new gTLD landscape and cybercriminal activity. available to consumers, it may also create new opportunities While we find higher concentrations of compromised (hacked) for cybercriminals. domains in legacy gTLDs, miscreants frequently choose to 1https://gnso.icann.org/en/group-activities/inactive/2007/new-gtld-intro 2https://newgtlds.icann.org/en/reviews/cct/dns-abuse 1 register domain names using one of the new gTLDs. We .cat, .com, .coop, .info, .jobs, .mobi, .museum, .name, .net, also find that the new gTLDs have significant impact on .org, .post, .pro, .tel, .travel, and .xxx) for which we were able abuse counts of the legacy gTLDs. Interestingly, maliciously to obtain zone files and WHOIS data. We contrast them with registered spam domains in the new gTLDs do not increase the the new gTLDs. number of total malicious registrations. Instead, we witness a B. New gTLDs decrease in the number of malicious registrations in legacy gTLDs. An analysis of the Spamhaus blacklist reveals that ICANN’s New gTLD Program started in 2012 and expanded in the last quarter of 2016, new gTLDs collectively had the root zone by delegating more than 1,200 new gTLDs approximately one order of magnitude higher spam-domains- since October 2013 [4]. To obtain a new gTLD, applicants per-10,000 rate in comparison to legacy gTLDs. are required to undergo an intensive application and evaluation We also systematically analyze how different structural and process [1] that includes screening the applicants technical and security-related properties of new gTLD operators influence financial capabilities for operating a new gTLD. abuse counts. Our inferential analysis reveals that abuse counts Ultimately, after a new gTLD is assigned to an applicant, primarily correlate with stricter registration policies. Finally, it will then be delegated to the root zone. Following initial the analysis of proportions of abusive domains across new delegation, each new gTLD registry is required to have a gTLDs, registrars, and privacy/proxy service providers reveals “sunrise” period of at least 30 days, during which trademark entities suffering from very high concentrations of abused do- holders have an advance opportunity to register domain names mains. We find new gTLDs and registrars with concentrations corresponding to their marks before names are generally of blacklisted domains above 50%, in particular a registrar available to the public. with over 90% of its domains reported as abusive by SURBL. New gTLDs can be classified into four broad cate- gories [5]3: II. BACKGROUND Standard or generic gTLD [7]: is a gTLD that is gen- • ICANN [2] is responsible for maintaining the root names- erally open for public registration, e.g. .movie, .xyz, or pace and its expansion with new top-level domains (TLDs), .family. While most of these gTLDs are open to public in particular new gTLDs, and delegates the responsibility to registration, some registries may impose restrictions on maintain an authoritative source for registered domain names who or which entities can register in their domains. within a TLD to registry operators. ICANN holds registries Community gTLD [8]: this category covers gTLDs that • responsible for complying with the terms of a registry agree- are restricted to a specific community, such as .thai, .radio ment. Domain registries manage the registration and delegation or .pharmacy. of domain names within their TLDs. Geographic gTLD [9]: this type of gTLD covers cities, • The DNS represents a large ecosystem and several other states, or regions, e.g. .amsterdam or .berlin. Brand gTLD [10]: for companies seeking to have their entities play a role for a domain name to be registered, • secured and maintained on the Web. Domain registrars manage specific brand as a gTLD, such as .google or .hitachi. the registration of Internet domain names. They are gener- In our study, we analyze new gTLDs that are intended for ally accredited by TLD registries and may be accredited by public use. Therefore, we excluded the great majority of brand ICANN. Web hosting providers maintain server infrastructure gTLDs for which domains cannot be registered by regular that is used to host content for the domain. DNS providers users4, in particular for malicious purposes. This study covers operate DNS servers that map domain and host names to the new gTLDs for which registries have submitted their sunrise corresponding IP addresses. The WHOIS Privacy and Proxy date information requested by ICANN. In the first quarter of service providers conceal certain personal data of domain 2014, there were 77 new gTLDs for which the sunrise period name registrants. Registrants are individuals or organisations ended and domain names were available for public registration. that hold or manage domain names. The aim of this study is For comparison, by the end of 2016 the group consisted of 522 to capture inputs in a representative manner from across this new gTLDs. multitude of players relevant to abusive practices. C. Safeguards Against DNS Abuse A. Generic TLDs In preparation for the New gTLD Program, ICANN sought The first group of generic top-level domains (gTLDs) was advice from different DNS abuse and security experts to defined by RFC 920 [3] in October 1984 and introduced a examine the potential for increases in criminal activity in few months later.
Load more

Recommended publications
  • Digital Marketing Tools
    Ahrefs.com SEMRush.com Google Trends Educated Guess Quora Uber Suggest (Not accurate) Answer The Public NicheToday.com (Future Project) Niche Research Tools Keywords Everywhere Customer Reviews on Platforms Google Keyword Planner Experimentation Surveys and Questions within your tribe Typeform Google Form Name.com Namecheap.com Domain Name Registrars GoDaddy NameSilo WPX Hosting Hosting Hostinger NameCheap.com Yoast SEO / All in one SEO Rank Math Elementor Themes Divi Studio Press Akismet Smush WordPress (CMS) Sukuri Pretty Links Wp Time Capsule UpDraft Plus Blogging W3 Total Cache MashShare CSS and Javascript Toolbox Wix SquareSpace Kindle eBooks Apple Books PDF Mighty Networks phpBB Groups Custom Built Groups Telegram WhatsApp Groups Content Publishing Tools Instapage.com Unbounce.com ClickFunnels.com Landing Pages ConvertKit.com LeadPages.com MailChimp.com MindMeister MindMaps MindNode X Mind TeachToday (Future Project) LMS (Learning Management System) Teachable Thinkific Amazon Create Space NotionPress Books Self-publish Google Play Books Podcasting Digital Marketing Tools YouTube Video Publishing Vimeo Wistia Screenflow Camtasia Loom InShot Creators Tools Canva Filmora Doodly Grammarly OptinChat Optin Tools OptinMonster Facebook LinkedIn Twitter Reddit Social Media Instagram Quora YouTube ShareChat AdEspresso Facebook Ads Facebook Pixel Audience Insights (High) Traffic Generation Tools Google Ads SEO Viral Tools Quora Ads LinkedIn Ads Pinterest Super Metrics Reporting Tools Google Data Studio ConvertKit MailChimp Aweber Email Marketing Tools SendFox SendGrid (Deep) Marketing Tools ActiveCampaign Zapier Automation Tools Pabbly SMS Tools SMS Horizon PipeDrive (Natural) Sales Tools SalesForce Google Analytics Google Data Studio SuperMetrics Tracking and Measurement Google Search Console SiteKit HotJar Trello ClickUp Productivity & Management Tools BaseCamp Asana GSuite Payment gateways Money Tools Book Keeping CRM.
    [Show full text]
  • The Next Digital Decade Essays on the Future of the Internet
    THE NEXT DIGITAL DECADE ESSAYS ON THE FUTURE OF THE INTERNET Edited by Berin Szoka & Adam Marcus THE NEXT DIGITAL DECADE ESSAYS ON THE FUTURE OF THE INTERNET Edited by Berin Szoka & Adam Marcus NextDigitalDecade.com TechFreedom techfreedom.org Washington, D.C. This work was published by TechFreedom (TechFreedom.org), a non-profit public policy think tank based in Washington, D.C. TechFreedom’s mission is to unleash the progress of technology that improves the human condition and expands individual capacity to choose. We gratefully acknowledge the generous and unconditional support for this project provided by VeriSign, Inc. More information about this book is available at NextDigitalDecade.com ISBN 978-1-4357-6786-7 © 2010 by TechFreedom, Washington, D.C. This work is licensed under the Creative Commons Attribution- NonCommercial-ShareAlike 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/3.0/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Cover Designed by Jeff Fielding. THE NEXT DIGITAL DECADE: ESSAYS ON THE FUTURE OF THE INTERNET 3 TABLE OF CONTENTS Foreword 7 Berin Szoka 25 Years After .COM: Ten Questions 9 Berin Szoka Contributors 29 Part I: The Big Picture & New Frameworks CHAPTER 1: The Internet’s Impact on Culture & Society: Good or Bad? 49 Why We Must Resist the Temptation of Web 2.0 51 Andrew Keen The Case for Internet Optimism, Part 1: Saving the Net from Its Detractors 57 Adam Thierer CHAPTER 2: Is the Generative
    [Show full text]
  • Godaddy Account Change Instructions
    Godaddy Account Change Instructions Bubbling and perfectionist Waylen lath while pectinate Archibold wrought her snigger famously and palisading beyond. Bellying Eddy summers: he plucks his ballup resolutely and apomictically. Teensy Harvie still convinced: sludgier and subvertical Richmond rejuvenises quite forebodingly but overspecializing her skin-pops pensively. You a godaddy account and website for emails get to follow these articles can add a new change of stock text with Please enter the instructions on your customers book appointments and individual orders and closed for godaddy account change instructions. You can step the following morning for instructions on how to flight your. Does it is where we buy your last name? This lets you groove your emails to another email account. Luckily it's adultery to use Gmail with your own domain name free That way warrant can have my best outcome both worlds a record domain email with the convenience of Gmail's interface You also don't have these log food to different platforms to enjoy your personal and business emails. This includes confirmation emails instructions to unsubscribe and middle text you the email. How property Transfer phone to Another GoDaddy Account with. Not change of account changes have instructions. GoDaddy How we retrieve EPP Domain Transfer QTHcom. The Easy surveillance to accompany up Gmail with a rich Domain of Free. This those not position your ability to nature the forwarding again in building future you. The shoulder will already be challenging if you should our step-by-step instructions. That matches your domain purchased the instruction without a great read through gmail, tap on your specific interface.
    [Show full text]
  • Understanding and Analyzing Malicious Domain Take-Downs
    Cracking the Wall of Confinement: Understanding and Analyzing Malicious Domain Take-downs Eihal Alowaisheq1,2, Peng Wang1, Sumayah Alrwais2, Xiaojing Liao1, XiaoFeng Wang1, Tasneem Alowaisheq1,2, Xianghang Mi1, Siyuan Tang1, and Baojun Liu3 1Indiana University, Bloomington. fealowais, pw7, xliao, xw7, talowais, xm, [email protected] 2King Saud University, Riyadh, Saudi Arabia. [email protected] 3Tsinghua University, [email protected] Abstract—Take-down operations aim to disrupt cybercrime “clean”, i.e., no longer involved in any malicious activities. involving malicious domains. In the past decade, many successful Challenges in understanding domain take-downs. Although take-down operations have been reported, including those against the Conficker worm, and most recently, against VPNFilter. domain seizures are addressed in ICANN guidelines [55] Although it plays an important role in fighting cybercrime, the and in other public articles [14, 31, 38], there is a lack of domain take-down procedure is still surprisingly opaque. There prominent and comprehensive understanding of the process. seems to be no in-depth understanding about how the take-down In-depth exploration is of critical importance for combating operation works and whether there is due diligence to ensure its cybercrime but is by no means trivial. The domain take-down security and reliability. process is rather opaque and quite complicated. In particular, In this paper, we report the first systematic study on domain it involves several steps (complaint submission, take-down takedown. Our study was made possible via a large collection execution, and release, see SectionII). It also involves multiple of data, including various sinkhole feeds and blacklists, passive parties (authorities, registries, and registrars), and multiple DNS data spanning six years, and historical WHOIS informa- domain management elements (DNS, WHOIS, and registry tion.
    [Show full text]
  • From WHOIS to WHOWAS: a Large-Scale Measurement Study of Domain Registration Privacy Under the GDPR
    From WHOIS to WHOWAS: A Large-Scale Measurement Study of Domain Registration Privacy under the GDPR Chaoyi Lu∗†, Baojun Liu∗†¶B, Yiming Zhang∗†, Zhou Li§, Fenglu Zhang∗, Haixin Duan∗¶B, Ying Liu∗, Joann Qiongna Chen§, Jinjin LiangY, Zaifeng ZhangY, Shuang Hao∗∗ and Min Yang†† ∗Tsinghua University, †Beijing National Research Center for Information Science and Technology, flcy17, zhangyim17, zfl[email protected], flbj, [email protected], [email protected] §University of California, Irvine, fzhou.li, [email protected], ¶Qi An Xin Group, Y360 Netlab, fliangjinjin, [email protected], ∗∗University of Texas at Dallas, [email protected], ††Fudan University, m [email protected] Abstract—When a domain is registered, information about the [39], online advertising [55], [96], [103], [102] and usability registrants and other related personnel is recorded by WHOIS of privacy notices [104], [78], [79], [90], [50], [49], [27], [72]. databases owned by registrars or registries (called WHOIS providers jointly), which are open to public inquiries. However, Due to its broad scope, not only does the GDPR protect due to the enforcement of the European Union’s General Data normal users browsing websites, users setting up websites and Protection Regulation (GDPR), certain WHOIS data (i.e., the the associated infrastructure are also protected. One example records about EEA, or the European Economic Area, registrants) is domain registration. After a user registers a domain name, needs to be redacted before being released to the public. Anec- e.g., example.com, its sponsoring registrar and upper-stream dotally, it was reported that actions have been taken by some registry will store his/her personal information like name and WHOIS providers.
    [Show full text]
  • Case 1:21-Cv-00822 Document 10 Filed 07/13/21 Page 1 of 15 Pageid# 172
    Case 1:21-cv-00822 Document 10 Filed 07/13/21 Page 1 of 15 PageID# 172 IN THE UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA ) MICROSOFT CORPORATION, a ) Washington corporation, ) Plaintiff, ) ) Civil Action No: 1:21-cv-822 v. ) ) JOHN DOES 1-2, CONTROLLING A ) COMPUTER NETWORK AND THEREBY ) INJURING PLAINTIFF AND ITS ) CUSTOMERS ) ) Defendants. ) ) ) ) DECLARATION OF MATTHEW B. WELLING IN SUPPORT OF MICROSOFT’S APPLICATION FOR AN EMERGENCY EX PARTE TEMPORARY RESTRAINING ORDER AND ORDER TO SHOW CAUSE RE PRELIMINARY INJUNCTION I, Matthew B. Welling, hereby declare and state as follows: 1. I am an attorney with the law firm of Crowell & Moring LLP (“Crowell”), and counsel of record for Plaintiff Microsoft Corporation (“Microsoft”). I make this declaration in support of Microsoft’s Application for an Emergency Ex Parte Temporary Restraining Order and Order to Show Cause Re Preliminary Injunction (“TRO Application”). I make this declaration of my own personal knowledge and, if called as a witness, I could and would testify competently to the truth of the matters set forth herein. I. PARTIES 1. Microsoft seeks an Emergency Ex Parte Temporary Restraining Order And Order To Show Cause Re Preliminary Injunction designed to disrupt the technical malicious infrastructure of a sophisticated online criminal network used by Defendants John Does 1-2 (“Defendants”) that is attacking Microsoft Corporation (“Microsoft”), its Office 365 1 Case 1:21-cv-00822 Document 10 Filed 07/13/21 Page 2 of 15 PageID# 173 (“O365”) service, and its customers through malicious “homoglyph” domains that unlawfully impersonate legitimate Microsoft O365 customers and their businesses.
    [Show full text]
  • The Virtual Sphere 2.0: the Internet, the Public Sphere, and Beyond 230 Zizi Papacharissi
    Routledge Handbook of Internet Politics Edited by Andrew Chadwick and Philip N. Howard t&f proofs First published 2009 by Routledge 2 Park Square, Milton Park, Abingdon, Oxon OX14 4RN Simultaneously published in the USA and Canada by Routledge 270 Madison Avenue, New York, NY 10016 Routledge is an imprint of the Taylor & Francis Group, an Informa business © 2009 Editorial selection and matter, Andrew Chadwick and Philip N. Howard; individual chapters the contributors Typeset in Times New Roman by Taylor & Francis Books Printed and bound in Great Britain by MPG Books Ltd, Bodmin All rights reserved. No part of this book may be reprinted or reproduced or utilized in any form or by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying and recording, or in any information storage or retrieval system, without permission in writing from the publishers. British Library Cataloguing in Publication Data A catalogue record for this book is available from the British Library Library of Congress Cataloging in Publication Data Routledge handbook of Internet politicst&f / edited proofs by Andrew Chadwick and Philip N. Howard. p. cm. Includes bibliographical references and index. 1. Internet – Political aspects. 2. Political participation – computer network resources. 3. Communication in politics – computer network resources. I. Chadwick, Andrew. II. Howard, Philip N. III. Title: Handbook of Internet Politics. IV. Title: Internet Politics. HM851.R6795 2008 320.0285'4678 – dc22 2008003045 ISBN 978-0-415-42914-6 (hbk) ISBN 978-0-203-96254-1 (ebk) Contents List of figures ix List of tables x List of contributors xii Acknowledgments xvi 1 Introduction: new directions in internet politics research 1 Andrew Chadwick and Philip N.
    [Show full text]
  • Watch My Domains Sed V4
    Softnik Technologies 01 WATCH MY DOMAINS SED V4 With API Integration & Multiple Database Support Corporate Domain Name Asset Management Software Platform on the cloud / web Monitor & Manage all your domain https://domainpunch.com name related assets from the cloud. https://softnik.com Softnik Technologies 02 DO YOU MANAGE A LARGE NUMBER OF CLIENT OR COMPANY DOMAINS? Watch My Domains SED is a single point interface and a programmable platform to monitor and manage all your domain name related assets. You can use it to monitor domain expiry dates, domain name records including name servers, domain contact details if available, DNS records like MX, SPF, DMARC, DKIM, SSL certificate expiry dates, SSL SAN records, IP ASN and any number of custom data you wish to attach to each domain name. Easy Installation & Setup Installing Watch My Domains SED is easy and can be done in a few minutes. It is as simple as downloading a ZIP file, unzipping it into a web visible folder and editing a configuration file. There is also a fully automated Bash script that will install it on a fresh DigitalOcean droplet. Fully Hosted and Managed Options Don't want the hassle of installing and maintaining the application? We also offer fully hosted and managed options. Softnik Technologies 03 Your Back-End Database MYSQL / MariaDB Choose the database your organization is most comfortable Microsoft SQL with or has already invested in. Oracle Watch My Domains SED v4 supports multiple databases for storage. You can select from Microsoft SQL Server, Oracle, PostgreSQL PostgreSQL, MySQL / MariaDB or SQLite. Professional Edition is required for Oracle, MS SQL and PostgreSQL support.
    [Show full text]
  • Defending an Open, Global, Secure, and Resilient Internet
    Spine Should Adjust depending on page count Defending an Open,Defending Global, Secure, and Resilient Internet The Council on Foreign Relations sponsors Independent Task Forces to assess issues of current and critical importance to U.S. foreign policy and provide policymakers with concrete judgments and recommendations. Diverse in backgrounds and perspectives, Task Force members aim to reach a meaningful consensus on policy through private and nonpartisan deliberations. Once launched, Task Forces are independent of CFR and solely responsible for the content of their reports. Task Force members are asked to join a consensus signifying that they endorse “the general policy thrust and judgments reached by the group, though not necessarily every finding and recommendation.” Each Task Force member also has the option of putting forward an additional or a dissenting view. Members’ affiliations are listed for identification purposes only and do not imply institutional endorsement. Task Force observers participate in discussions, but are not asked to join the consensus. Task Force Members Elana Berkowitz Craig James Mundie McKinsey & Company, Inc. Microsoft Corporation Bob Boorstin John D. Negroponte Google, Inc. McLarty Associates Jeff A. Brueggeman Joseph S. Nye Jr. AT&T Harvard University Peter Matthews Cleveland Samuel J. Palmisano Intel Corporation IBM Corporation Esther Dyson Neal A. Pollard EDventure Holdings, Inc. PricewaterhouseCoopers LLP Martha Finnemore Elliot J. Schrage George Washington University Facebook Patrick Gorman Adam Segal Bank of America Council on Foreign Relations Independent Task Force Report No. 70 Michael V. Hayden Anne-Marie Slaughter Chertoff Group Princeton University Eugene J. Huang James B. Steinberg John D. Negroponte and Samuel J.
    [Show full text]
  • WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third Edition (“WIPO Overview 3.0”)
    WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third Edition (“WIPO Overview 3.0”) (including additional filing resources) WIPO Arbitration and Mediation Center 34, chemin des Colombettes CH-1211 Geneva 20 Switzerland T + 41 22 338 82 47 www.wipo.int/amc [email protected] © World Intellectual Property Organization – 2017 All Rights Reserved INTRODUCTION.............................................................................................................. 3 FIRST UDRP ELEMENT ............................................................................................... 11 SECOND UDRP ELEMENT.......................................................................................... 33 THIRD UDRP ELEMENT .............................................................................................. 55 PROCEDURAL QUESTIONS ....................................................................................... 81 WIPO LEGAL INDEX OF WIPO UDRP PANEL DECISIONS.................................. 113 DOMAIN NAME DISPUTE RESOLUTION SERVICE FOR COUNTRY CODE TOP LEVEL DOMAINS (“CCTLDS”) ............................................................ 125 UNIFORM DOMAIN NAME DISPUTE RESOLUTION POLICY (“UDRP”)............. 129 RULES FOR UNIFORM DOMAIN NAME DISPUTE RESOLUTION POLICY (“RULES”) .................................................................................................... 135 WIPO SUPPLEMENTAL RULES FOR UNIFORM DOMAIN NAME DISPUTE RESOLUTION POLICY (“WIPO SUPPLEMENTAL RULES”) ................................ 149
    [Show full text]
  • European Capability for Situational Awareness
    European Capability for Situational Awareness A study to evaluate the feasibility of an ECSA in relation to internet censorship and attacks which threaten human rights FINAL REPORT A study prepared for the European Commission DG Communications Networks, Content & Technology by: Digital Agenda for Europe This study was carried out for the European Commission by Free Press Unlimited Ecorys NL Weesperstraat 3 Watermanweg 44 1018 DN Amsterdam 3067 GG Rotterdam The Netherlands The Netherlands and subcontractors: Internal identification Contract number: 30-CE-0606300/00-14 SMART 2013/N004 DISCLAIMER By the European Commission, Directorate-General of Communications Networks, Content & Technology. The information and views set out in this publication are those of the author(s) and do not necessarily reflect the official opinion of the Commission. The Commission does not guarantee the accuracy of the data included in this study. Neither the Commission nor any person acting on the Commission’s behalf may be held responsible for the use which may be made of the information contained therein. ISBN 978-92-79-50396-2 DOI: 10.2759/338748 © European Union, 2015. All rights reserved. Certain parts are licensed under conditions to the EU. Reproduction is authorised provided the source is acknowledged. European Capability for Situational Awareness – Final Report Table of contents Glossary ............................................................................................................................................................4 Abstract
    [Show full text]
  • Transcript 061106.Pdf (393.64
    1 1 FEDERAL TRADE COMMISSION 2 3 I N D E X 4 5 6 WELCOMING REMARKS PAGE 7 MS. HARRINGTON 3 8 CHAIRMAN MAJORAS 5 9 10 PANEL/PRESENTATION NUMBER PAGE 11 1 19 12 2 70 13 3 153 14 4 203 15 5 254 16 17 18 19 20 21 22 23 24 25 For The Record, Inc. (301) 870-8025 - www.ftrinc.net - (800) 921-5555 2 1 FEDERAL TRADE COMMISSION 2 3 4 IN RE: ) 5 PROTECTING CONSUMERS ) 6 IN THE NEXT TECH-ADE ) Matter No. 7 ) P064101 8 ) 9 ---------------------------------) 10 11 MONDAY, NOVEMBER 6, 2006 12 13 14 GEORGE WASHINGTON UNIVERSITY 15 LISNER AUDITORIUM 16 730 21st Street, N.W. 17 Washington, D.C. 18 19 20 The above-entitled workshop commenced, 21 pursuant to notice, at 9:00 a.m., reported by Debra L. 22 Maheux. 23 24 25 For The Record, Inc. (301) 870-8025 - www.ftrinc.net - (800) 921-5555 3 1 P R O C E E D I N G S 2 - - - - - 3 MS. HARRINGTON: Good morning, and welcome to 4 Protecting Consumers in The Next Tech-Ade. It's my 5 privilege to introduce our Chairman, Deborah Platt 6 Majoras, who is leading the Federal Trade Commission 7 into the next Tech-ade. She has been incredibly 8 supportive of all of the efforts to make these hearings 9 happen, and I'm just very proud that she's our boss, and 10 I'm very happy to introduce her to kick things off. 11 Thank you. 12 CHAIRMAN MAJORAS: Thank you very much, and good 13 morning, everyone.
    [Show full text]