Jeffrey Spaulding

In this paper, we systematically explore the attack surface of the Blockchain technology, with an emphasis on public Blockchains. Expand

Domain typosquatting provides a great avenue to cybercriminals to conduct their crimes, including phishing, spam, hit and traffic stealing, online scams, among others. Expand

We introduce DRIFT, a system for detecting command and control (C2) domain names in Internet of Things–scale botnets. Expand

We review the various activities in the research community on DNS operation, security, and privacy, and outline various challenges and open research directions that need to be tackled. Expand

In this paper, we systematically explore the attack surface of the Blockchain technology, including selfish mining, the 51% attack, DNS attacks, distributed denial-of-service (DDoS) attacks, consensus delay, orphaned and stale blocks, block ingestion, wallet thefts, smart contract attacks, and privacy attacks. Expand

The nefarious practice of Typosquatting involves deliberately registering Internet domain names containing typographical errors that primarily target popular domain names, in an effort to redirect users to unintended destinations or stealing traffic. Expand

Using an intrinsic feature of malicious domain name queries prior to their registration (perhaps due to clock drift), we devise a difference-based lightweight feature for malicious domainName detection. Expand

In this work, we present a system called D-FENS (DNS Filtering & Extraction Network System) which works in tandem with blacklists and features a live DNS server and binary classifier to accurately predict unreported malicious domain names. Expand

The deceitful practice of Typosquatting involves deliberately registering Internet domain names containing typographical errors that primarily target popular domain names, in an effort to redirect users to unintended destinations or steal traffic. Expand