An investigation into the legal status of internet domain names

Al Ramahi, Mohammad

January 2014

The thesis takes as its central object and problematic the contentious status of domain names in global and domestic legal systems. It considers the manner in which advances in technology have blurred the legal rights between domain names and the existing laws of trademark, contract, copyright and property. As it stands, domain names are presented as a secondary right attached to other legal rights such as trademark or contract law, rather than as a new form, or species, of intellectual property. And yet, domain names represent a valuable, distinct and scarce commodity, which, in so far as they are capable of exclusive and excludable use, control and “ownership”, exhibit regularities common to forms of property. This thesis seeks to justify the application of legal frameworks with respect to domain name registration and use to prepare the way for a discussion of the highly qualified recognition of domain names as legal property in United States courts and, to some extent, by arbitral tribunals acting under the Internet Corporation for Assigned Names and Numbers ICANN mandated Uniform Dispute Resolution Mechanism. By means of a detailed exploration of the legal and practical challenges accompanying the meteoric rise of Internet technology and commerce, the thesis intends to clarify the fundamental reasons for some of the current controversies. The thesis proceeds, in a first step, to identify several “gaps” in the current framework of domain name regulation, drawing the readers’ attention to the, arguably, flawed treatment of the legal issue surrounding domain name use, control and ownership by courts and tribunals against the background of the accelerating monetisation and commoditisation of domain names. In capsule, this thesis aims to conduct a review into existing scholarship and case law on trademarks and domain names, in addition to contract and property law. It focuses on the associated legal frameworks for each, supported by cases that demonstrate their legal standing as a newly emergent property-based right. Moreover, the thesis sets these reflections against a broader discussion of doctrinal developments in the area of trademark law, the emerging role of ICANN as a custodian of the technical domain name allocation functions; the origins and theory behind the concept of property as distinct from the law of contract and, finally, the relevance of property rights to the legal standing of domain names. The thesis concludes by arguing that domain names should be treated as expressions of contract and property law, and that the relationship between domain names and trademark law be critically assessed and not confused. Further, it is argued that courts should take account of this duality towards the development of a revised framework for the regulation and adjudication of domain name assignment and use. A movement in this direction would stabilise expectations around the rights owed to, and by, domain name “owners”, alleviating the uncertainty that remains as to their status under law, while reducing the scope for dispute. By taking these issues one by one, this thesis aspires to make a small but important critical contribution to the intellectual and political debate on the future development and enforcement of domain name law.

346.04

Anti-phishing system : Detecting phishing e-mail

Mei, Yuanxun

January 2008

Because of the development of the Internet and the rapid increase of the electronic commercial, the incidents on stealing the consumers' personal identify data and financial account credentials are becoming more and more common. This phenomenon is called phishing. Now phishing is so popular that web sites such as papal , eBay, MSN, Best Buy, and America Online are frequently spoofed by phishers. What’s more, the amount of the phishing sites is increasing at a high rate. The aim of the report is to analyze different phishing phenomenon and help the readers to identify phishing attempts. Another goal is to design an anti-phishing system which can detect the phishing e-mails and then perform some operations to protect the users. Since this is a big project, I will focus on the mail detecting part that is to analyze the detected phishing emails and extract details from these mails. A list of the most important information of this phishing mail is extracted, which contains “mail subject”, “ mail received date”, “targeted user”, “the links”, and “expiration and creation date of the domain”. The system can presently extract this information from 40% of analyzed e-mails.

Phishing

Anti-phishing

Pharming

Email

Domain name

Computer Sciences

Datavetenskap (datalogi)

Internetová nehmotná aktiva: Typologie doménových jmen a souvisejících nehmotných statků pro účely ocenění / Internet intangible assets: the typology of domain names and related intangible assets for valuation purposes

Karolová, Michaela

January 2013

Diploma thesis focuses on the analysis of the functions of domain names by the methods of website monetization. The individual types of domain names are associated with the effects resulting from the domain operation and other intangible assets that usually cooperate with the domain as a whole. Conclusions of the thesis are demonstrated in the analysis of intangible assets of the company ADSL s.r.o.

Nasazení DNSSEC na klientské straně / Client side DNSSEC deployment

Nekuža, Karel

January 2018

Diplomová práce se zabývá problémem přístupu koncového uživatele k odpovědím ověřeným pomocí protokolu DNSSEC. Práce posuzuje možnosti nasazení a nastavování resolveru za účelem zlepšení bezpečnosti pro koncové uživatele. V práci je navrhnuto řešení problému pro operační systém Fedora Workstation. Navrhnuté řešení je realizováno a porovnáno s již existujícím řesením.

Die Ressource IP-Adresse

Richter, Frank

02 July 2003

Workshop Mensch-Computer-Vernetzung Vergabe der IP-Adressen

info:eu-repo/classification/ddc/004

ddc:004

Domain-Name

IP-Adress-Vergabe

Attacking and securing Network Time Protocol

Malhotra, Aanchal

14 February 2020

Network Time Protocol (NTP) is used to synchronize time between computer systems communicating over unreliable, variable-latency, and untrusted network paths. Time is critical for many applications; in particular it is heavily utilized by cryptographic protocols. Despite its importance, the community still lacks visibility into the robustness of the NTP ecosystem itself, the integrity of the timing information transmitted by NTP, and the impact that any error in NTP might have upon the security of other protocols that rely on timing information. In this thesis, we seek to accomplish the following broad goals: 1. Demonstrate that the current design presents a security risk, by showing that network attackers can exploit NTP and then use it to attack other core Internet protocols that rely on time. 2. Improve NTP to make it more robust, and rigorously analyze the security of the improved protocol. 3. Establish formal and precise security requirements that should be satisfied by a network time-synchronization protocol, and prove that these are sufficient for the security of other protocols that rely on time. We take the following approach to achieve our goals incrementally. 1. We begin by (a) scrutinizing NTP's core protocol (RFC 5905) and (b) statically analyzing code of its reference implementation to identify vulnerabilities in protocol design, ambiguities in specifications, and flaws in reference implementations. We then leverage these observations to show several off- and on-path denial-of-service and time-shifting attacks on NTP clients. We then show cache-flushing and cache-sticking attacks on DNS(SEC) that leverage NTP. We quantify the attack surface using Internet measurements, and suggest simple countermeasures that can improve the security of NTP and DNS(SEC). 2. Next we move beyond identifying attacks and leverage ideas from Universal Composability (UC) security framework to develop a cryptographic model for attacks on NTP's datagram protocol. We use this model to prove the security of a new backwards-compatible protocol that correctly synchronizes time in the face of both off- and on-path network attackers. 3. Next, we propose general security notions for network time-synchronization protocols within the UC framework and formulate ideal functionalities that capture a number of prevalent forms of time measurement within existing systems. We show how they can be realized by real-world protocols (including but not limited to NTP), and how they can be used to assert security of time-reliant applications-specifically, cryptographic certificates with revocation and expiration times. Our security framework allows for a clear and modular treatment of the use of time in security-sensitive systems. Our work makes the core NTP protocol and its implementations more robust and secure, thus improving the security of applications and protocols that rely on time.

Computer science

Cryptography

Domain name system (DNS)

Network attacks

Network protocols

Network Time Protocol

Security

The Onion Name System: Tor-Powered Distributed DNS for Tor Hidden Services

Victors, Jesse

01 May 2015

Tor hidden services are anonymous servers of unknown location and ownership who can be accessed through any Tor-enabled web browser. They have gained popularity over the years, but still suer from major usability challenges due to their cryptographicallygenerated non-memorable addresses. In response to this difficulty, in this work we introduce the Onion Name System (OnioNS), a privacy-enhanced distributed DNS that allows users to reference a hidden service by a meaningful globally-unique veriable domain name chosen by the hidden service operator. We introduce a new distributed self-healing public ledger and construct OnioNS as an optional backwards-compatible plugin for Tor on top of existing hidden service infrastructure. We simplify our design and threat model by embedding OnioNS within the Tor network and provide mechanisms for authenticated denial-of-existence with minimal networking costs. Our reference implementation demonstrates that OnioNS successfully addresses the major usability issue that has been with Tor hidden services since their introduction in 2002.

Tor-enabled web browser

privacy-enhanced distributed DNS

globally-unique verifiable domain name

Computer Sciences

The DNS Bake Sale: Advertising DNS Cookie Support for DDoS Protection

Davis, Jacob

02 April 2021

The Domain Name System (DNS) has been frequently abused for Distributed Denial of Service (DDoS) attacks and cache poisoning because it relies on the User Datagram Protocol (UDP). Since UDP is connection-less, it is trivial for an attacker to spoof the source of a DNS query or response. DNS Cookies, a protocol standardized in 2016, add pseudo-random values to DNS packets to provide identity management and prevent spoofing attacks. This work finds that 30% of popular authoritative servers and open recursive resolvers fully support cookies and that 10% of recursive clients send cookies. Despite this, DNS cookie use is rarely enforced as it is non-trivial to ascertain whether a given client intends to fully support cookies. We also show that 80% of clients and 99% of servers do not change their behavior when encountering a missing or illegitimate cookie. This paper presents a new protocol to allow cookie enforcement: DNS Protocol Advertisement Records (DPAR). Advertisement records allow DNS clients intending to use cookies to post a public record in the reverse DNS zone stating their intent. DNS servers may then lookup this record and require a client to use cookies as directed, in turn preventing an attacker from sending spoofed messages without a cookie. In this paper, we define the specification for DNS Protocol Advertisement Records, considerations that were made, and comparisons to alternative approaches. We additionally estimate the effectiveness of advertisements in preventing DDoS attacks and the expected burden to DNS servers. Advertisement records are designed as the next step to strengthen the existing support of DNS Cookies by enabling strict enforcement of client cookies.

Domain Name System

DNS Cookies

Internet Measurement

Cybersecurity

Internet Protocols

Physical Sciences and Mathematics

Improving internet usability - a framework for domain name policy evaluation.

Rowe, Joshua Luke, josh@email.nu

January 2009

A domain name is a unique alphanumeric designation that facilitates reference to sets of numbers which actually locate a particular computer on the Internet. Domain names are a fundamental part of the Internet's user interface. Improving the usability of the Internet depends upon effective domain name policy. This study is intended to contribute to improvement in Internet usability for the end users of domain names. Benefits of more usable domain names include: higher sales, customer satisfaction and productivity, and reduced support costs. Domain name policies worldwide vary considerably. Consequently, end users are inconvenienced by contradictory domain name policies, diminishing the predictability of an entity's domain name, and thus decreasing usability for end users. The study objective was to develop criteria with which policy makers can evaluate their domain name policies, in order to improve the usability of domain names for end users. The main research question posed was: What are the criteria for an effective domain name policy? The research methodology included a literature review, domain name policy examination and an ethnographic narrative. The literature review found existing research examining either domain names or usability in isolation. However, research examining the intersection of the two is scarce. The existing research describes domain names as part of the web user interface. In practical terms, this is about how people use domain names to access web sites, email addresses and other Internet resources. It was established that the predictability (and thus usability) of domain names relies on effective domain name policy. The non-standardised and widely delegated process of domain name policy development leads to unpredictable and inconsistent domain names. The narrative recollection presented the researcher's inside perspective on the domain name industry, with a focus on domain name usability. The researcher provided first-hand insights into the evolution of the industry and policy development process, from Australian and international perspectives. To address the problem of poor domain name usability, a framework for domain name policy evaluation is proposed. The framework extends the current research that treats domain names as a user interface by proposing criteria which address usability concerns. The framework allows policy makers to critically assess domain name policies with end users in mind. Examples of the criteria include: understanding who are its intended and untended users, and whether it's consistent with other domain names. The framework has the potential to set an international standard for the critical evaluation of domain name policy, and become the basis for further research. This study was developed from the researcher's perspective as a participant in the domain name industry. A secondary lens regarding the usability of domain names was then applied. This study has only scraped the surface in terms of how the research fields of domain names and usability may be considered together. The research methodology for this study was primarily qualitative and interpretive. A quantitative study of domain name policies globally could provide further insight into areas including: the differences in second level country code domain names, and language implications of domain names.

Domain name usability

domain names

usability

Internet governanance

Internet politics

Internet economics

electronic identifiers

telecommunications

Internet standards

domain name policy

intellectual property

trademarks

Internet security

Internet privacy

web site design

web site usability

human-computer interaction

online marketing

online brands.

Ocenění doménového jména/internetového portálu / Valuation of domain name/internet portal

Kratochvíl, Petr

January 2010

The aim of the thesis is valuation of the domain name heureka.cz on the date 1.7.2010. The thesis consists of strategic analysis, financial analysis, analysis and prognosis of generators of value and financial plan. The value of the domain name is determined by the excess earnings method and as additional method is used residual method based on DCF equity and market coparison.