Article

CleanDNS Snapshots: ICANN81 General Meeting

ICANN81 SSAC and GAC Joint Session Discussion on DNS Abuse Amendments

Article publication date: 27 November 2024.

Earlier this month the CleanDNS team attended the ICANN81 Annual General Meeting in Istanbul, Turkey. During the Security and Stability Advisory Council (SSAC) and Governmental Advisory Committee (GAC) joint session, CleanDNS CEO Jeff Bedser contributed to a panel presentation on aspects of DNS abuse mitigation in the industry. The panel discussion covered a range of topics on progress made, lessons learned, and continuing impact of the DNS abuse amendments which went live in April of 2024.

Jeff Bedser, who is part of SSAC Leadership, presented on The Impact of the (New) DNS Abuse Amendments. As noted by another participant of the panel, CleanDNS has the unique ability to gain a broad view of DNS abuse trends industry-wide. With this birds-eye view, CleanDNS provided an overview of the increased mitigation efforts and the fluctuation of reporting since the amendments went into effect. Using data comparison of the broad volumes of DNS abuse to demonstrate this perspective, Bedser discussed the increase in volume of reports since the amendments went live 7 months prior. Since the DNS abuse amendments, the volume of reports CleanDNS receives has increased by around 16% monthly, with the total number of reports received in the hundreds of thousands. Additionally, CleanDNS has observed an increase in reports received for parties that have been historically non-compliant with abuse mitigation efforts, and/or have received formal notice from ICANN itself.

The presentation also emphasized the need for measurement of additional datapoints to look further beneath the surface than sheer volume of reports. These additional datapoints include:

  • Number of reports that were evidenced adequately for mitigation/action
    • While knowing the total number of reports received is necessary, understanding the actionable evidence levels of those reports is even more vital in gaining a broader context—and disrupting the harms.
  • Length of time the harm was active (from delegation, to detection/report, to mitigation/action)
    • This number is specifically important because the shorter the lifecycle of the harm, the fewer the victims. The current mean for this lifecycle is around 48hours. With advanced techniques and evidencing approaches, CleanDNS believes that the report/validate/mitigate time could be significantly cut to reduce victimization.
  • Investigate how effective the mitigation was at reducing overall volume of abuse, and/or behavior of bad actors responsible for the abuse
  • Learn what is necessary and involved in getting a ‘non-compliant’ party to move into compliance on abuse mitigation and management

As a whole, the discussion emphasized the importance of understanding how the amendments are changing behaviors and thus changing victimization through DNS abuse. When discussing DNS abuse mitigation efforts, it is essential to consider the bigger picture, in particular how these efforts have affected systemic versus specific abuse cases.

The SSAC session at ICANN81 covered a wide range of areas on DNS abuse mitigation and management, featuring presentations by industry leaders and a look to the future of online harm management and a continued commitment to best practices and progress. The CleanDNS team was thrilled to take part in the joint discussion between SSAC and the GAC, and we look forward to the continuing work on the topic.

Read more:

ICANN81 Session: Joint Meeting GAC and SSAC

The Evolution of DNS Abuse and Online Harm Mitigation: Emphasizing Evidence Over Inference

Facilitating Compliance with New DNS Abuse Amendments