This page contains a Flash digital edition of a book.
NETWORK SECURITY


TRADEMARK PROTECTION WITH DNS DATA: TAKING CUES FROM NETWORK SECURITY


As cyber attacks and brand abuse become more sophisticated and damaging, monitoring and investigative tactics have to grow in scope to include DNS and Whois data, as Tim Chen explains.


Network security professionals have long been on the cutting edge of technology and the use of data to address compromises. Security breaches and cyber attacks can destroy incredible amounts of value in a very short time. A 2013 study by the Ponemon Institute showed that cyber attacks cost companies an average of $5.4 million per attack. By taking a deeper look at the methods and tools used by network security professionals, processes to improve online brand protection strategies can be identifi ed.


Network security starts with data. T e basic network security model involves installing sensors or other data collection points within the client network. Service providers will overlay deep data analytics and pattern recognition in order to detect abnormal network behaviours. Oſt en the terabytes of internal network data will


32


be augmented by sourcing signifi cant amounts of external data such as IP blacklists or spam domain lists.


Timely investigation of who is behind cyber attacks is vital for immediately mitigating threats as well as understanding possible related threat activity. Detailed research is


also important


for gathering evidence that can be used in prosecution. Most types of cyber attacks leave a trail of network signatures, including domain names, host names and Internet protocol (IP) addresses. When combined with Whois data, this domain name system (DNS) data can help identify the people behind these attacks, as well as associate other related resources that may be targeting a network or organisation.


Brand protection Trademarks Brands and the Internet Volume 2, Issue 3 professionals can deploy similar strategies to improve their eff ectiveness.


Traditional online brand protection strategies have involved tactics such as looking for typo domain names, knock-off ecommerce sites, unauthorised brand and logo use, and brand- abusing spam sites. T ere has been very little use of deeper DNS data. Incorporating this data, following the advanced strategies used in network security, provides a much more comprehensive approach to brand protection.


Simply defi ned, the DNS is the system that converts numerical network addresses (IP addresses) to host names (domain names). Under the bonnet it is a lot more complex. T e DNS records describe the relationship between domain names and IP addresses. Domain names, IP addresses and nameservers are associated with each other and with individual people and organisations via Whois records. And there are multiple layers to these relationships.


As information gets passed between DNS


resolver and various nameservers, in order to get your client an IP address, an enormous amount of data and information is created and passed through the DNS. It is the real-time availability of this data that is of particular value in brand protection and investigation.


www.worldipreview.com


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44