February 13, 2024

Measuring the Impact of the ICANN DNS Abuse Amendments


On January 21, 2024, the ICANN Board approved new contractual obligations for registries and registrars related to DNS Abuse. This is a tremendous achievement, and ICANN, the participating registries and registrars, and the ICANN community deserve recognition for this work. While these amendments are not yet active, we’ve heard considerable discussion about how we, the community of people interested in DNS Abuse, can assess their effectiveness. 

Understanding the impact of the amendments on both the rates of DNS Abuse, as well as to the industry itself, is crucial for continuing to move forward. The amendments were intended as the first step within the ICANN community to reduce DNS Abuse. As a next step, it is crucial that we focus on the right metrics to determine what problems remain to be solved after the  implementation of these amendments and to help inform possible solutions. 

The NetBeacon Institute is well-positioned and deeply committed to helping the community move forward on the issue. Nearly two years ago we launched NetBeacon Measurement and Analytics  Platform (MAP) (formerly DNSAI:Compass)  to measure abuse across the domain name system with an academically robust and transparent methodology.  

The NetBeacon Institute, with our partner KOR Labs, has been collecting important data since May 2022 that will be crucial to measuring the impact of the amendments. Some of this information is already shared in our public monthly reporting, including overall trends in rates of malware and phishing, median times to mitigation, and overall mitigation rates. We also hold additional data that we intend to provide to the community over the coming months. 

Over time, we will seek to help answer a number of key questions compared to our pre-amendment baseline data:

  • How are rates of DNS Abuse changing, and are they different from before the amendment?
  • Are DNS Abuse concentration rates changing (e.g., between different registrars, from gTLDs to ccTLDs, and others)?
  • How are abuse mitigation rates changing for maliciously registered domain names?
  • Is the amount of time for abuse to be mitigated changing? 
  • Are the rates of malicious registrations vs. compromised websites changing?

Over the next few months, we will be adding more details to our existing reporting, and will provide our analysis on the changes to the data that have emerged which could indicate the impact of the amendments. 

In the meantime, please see our existing NetBeacon MAP reporting and explore our methodology. Compass currently publishes observed aggregate data on the trends of phishing and malware over time, as well as the mitigation rates, median registrar mitigation time and registration type (malicious or compromised). Registries and registrars are able to access data specific to their zones in the form of a freely provided NetBeacon MAP: Dashboards

You can also read our lists of registrars and TLDs with the highest and lowest relative rates of malicious domain name registration in their Domains Under Management or new registrations in our NetBeacon MAP: Monthly Analysis reports. 

Latest News

Read about the latest news and research concerning DNS Abuse.