Artificial Intelligence and Machine Learning in DNS Security: Advanced DNS Abuse Threat Detection & Mitigation
Article publication date: 21 June 2024.
Last week, the CleanDNS team attended the ICANN80 Policy forum in Kigali, Rwanda. During the Security and Stability Advisory Council (SSAC) meeting on Tuesday the 11th of June, CleanDNS CEO Jeffrey Bedser chaired a panel discussion on the use of machine learning and artificial intelligence in DNS abuse detection and mitigation. CleanDNS Director of Governmental Engagement & Internet Abuse Mitigation, Chris Lewis-Evans discussed how CleanDNS utilizes machine learning (ML) to support our ability to fully evidence abuse reports at a large scale.
CleanDNS has an evidence-based approach to abuse mitigation, meaning we highly encourage reports to be submitted with evidence such as screenshots of abuse, malware hashes, email headers, third-party verification sites, and code. However, out of the multitude of abuse reports CleanDNS, receives many of them are submitted without the proper evidence. In these cases, CleanDNS is able to use ML to extract the evidence and identify areas in which an extra screenshot is needed, as well as determine the geolocation of the viable screenshot, or spot DGA patterns for potential abuse, and provide further pivot points.
CleanDNS currently uses ML to validate and analyze a portion of the nearly 1.5 million abuse reports we receive per month. This use of ML in our platform is vital in validating abuse reports at a large scale, as well as producing recommended courses of action and categorizing abuse types, all while in keeping with our evidence-based approach. In addition, the use of ML allows us to protect our analysts in abuse verification with the ability to blur violent images in submitted reports.
The SSAC session at ICANN80 covered a wide range of areas on Advanced DNS Abuse Threat Detection & Mitigation, featuring presentations by industry leaders, and a look into the current landscape of AI and ML in DNS Security, as well as the future research and possibilities.
The CleanDNS team was thrilled to both chair and present in this presentation, and we look forward to the continuing research on the topic AI and ML in DNS security. The full session recording can be viewed here.
Join us in Cleaning Up the Internet for Good!