LOS ANGELES – The Internet Corporation for Assigned Names and Numbers (ICANN) announced in a press release that country code top-level domain (ccTLD) operators will now be able to actively participate in the Domain Abuse Activity Reporting (DAAR) system.
ICANN's DAAR system is used to study and report on domain name registration and security threat behavior across top-level domain (TLD) registries. The data is obtained from a curated list of Domain Name System (DNS) reputation providers.
Now, ccTLD operators can pull their own aggregated DAAR data via the Monitoring System Application Programing Interface (MoSAPI). The MoSAPI interface allows registry operators to retrieve information collected by the ICANN Service Level Agreement Monitoring (SLAM) system. While ccTLD operators will not be subject to the SLAs the SLAM system monitors, using MoSAPI will allow a consistent interface for all registries participating in DAAR. The aggregated data counts security threats broken down by threat type (e.g., phishing, botnet command and control, malware distribution, and spam) per TLD. These data sets will be similar to those of the generic top-level domains (gTLDs) that are currently provided via MoSAPI. Having access to such data will enable ccTLD operators to monitor the DAAR security threat levels per threat type per month in the same way as gTLD operators.
The ICANN organization invites all ccTLD operators to participate in the DAAR project to promote a greater understanding of DNS abuse across the global DNS.