The Domain Name System (DNS) is one of the fundamental protocols of the Internet infrastructure. Each machine on the Internet is reached via its Internet Protocol (IP) address, but this numerical address is unreadable for humans. Domain names were invented to help a human-readable identification of Internet resources. Domain names constitute the basis of web browsing and email, the most important applications on the Internet. But nowadays there is a substantial speculative market to register appealing new domain names or obtaining easy-to-remember domain names that expire. The ease of registration is also inviting miscreants to abuse the system. Because the price of registering a domain is extremely low and domain registrars loosely regulated, miscreants can register domain names in bulk. Experts suspect that most of the new domain names are malicious, but no evidence supports this claim. Our research aims at summarizing the few already existing studies in a general framework and also to extend them beyond their scope. We are interested in the generic categorization of domain registrations not neglecting the potential for abuse.
We aim at understanding the essence of current domain registration practices. We will develop the methodology and design solutions to categorize domain name registrations for various purposes. To achieve this goal, we will make use of various tools as well as a categorization framework supported by machine learning techniques. The major objective is to separate legitimate and malicious intentions and the design of a proactive prediction system that could support current security defense systems.