{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,23]],"date-time":"2025-12-23T10:28:18Z","timestamp":1766485698416,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,11,4]],"date-time":"2024-11-04T00:00:00Z","timestamp":1730678400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-sa\/4.0\/"}],"funder":[{"name":"National Science Foundation (NSF)","award":["OAC-2131987"],"award-info":[{"award-number":["OAC-2131987"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,11,4]]},"DOI":"10.1145\/3646547.3689021","type":"proceedings-article","created":{"date-parts":[[2024,11,1]],"date-time":"2024-11-01T09:40:26Z","timestamp":1730454026000},"page":"454-461","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["DarkDNS: Revisiting the Value of Rapid Zone Update"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3484-9259","authenticated-orcid":false,"given":"Raffaele","family":"Sommese","sequence":"first","affiliation":[{"name":"University of Twente, Enschede, Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1359-1722","authenticated-orcid":false,"given":"Gautam","family":"Akiwate","sequence":"additional","affiliation":[{"name":"Stanford University, Stanford, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3948-7720","authenticated-orcid":false,"given":"Antonia","family":"Affinito","sequence":"additional","affiliation":[{"name":"University of Twente, Enschede, Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3771-5451","authenticated-orcid":false,"given":"Moritz","family":"Muller","sequence":"additional","affiliation":[{"name":"SIDN Labs & University of Twente, Arnhem, Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5174-9140","authenticated-orcid":false,"given":"Mattijs","family":"Jonker","sequence":"additional","affiliation":[{"name":"University of Twente, Enschede, Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4824-3493","authenticated-orcid":false,"given":"kc","family":"claffy","sequence":"additional","affiliation":[{"name":"CAIDA\/UC San Diego, San Diego, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,11,4]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2023. Phishing Landscape 2023: A Study of the Scope and Distribution of Phishing. https:\/\/www.cybercrimeinfocenter.org\/phishing-landscape-2023."},{"key":"e_1_3_2_1_2_1","unstructured":"2024. Cybercrime-tracker. https:\/\/cybercrime-tracker.net\/."},{"key":"e_1_3_2_1_3_1","unstructured":"2024. DigitalSide Threat-Intel Repository. https:\/\/osint.digitalside.it\/."},{"key":"e_1_3_2_1_4_1","unstructured":"2024. Domain Blocklist (DBL). https:\/\/www.spamhaus.org\/blocklists\/domainblocklist\/."},{"key":"e_1_3_2_1_5_1","unstructured":"2024. Openphish. https:\/\/openphish.com\/."},{"key":"e_1_3_2_1_6_1","unstructured":"2024. Oracle. DynDNS.org Malware Feeds. http:\/\/security-research.dyndns.org\/pub\/malware-feeds\/."},{"key":"e_1_3_2_1_7_1","unstructured":"2024. Phishingarmy. https:\/\/phishing.army\/."},{"key":"e_1_3_2_1_8_1","unstructured":"2024. PhishTank. https:\/\/phishtank.org\/."},{"key":"e_1_3_2_1_9_1","unstructured":"2024. QuidsUp - NoTrack - Block List. https:\/\/quidsup.net\/notrack\/blocklist.php."},{"key":"e_1_3_2_1_10_1","unstructured":"2024. Tolouse. https:\/\/dsi.ut-capitole.fr\/blacklists\/."},{"key":"e_1_3_2_1_11_1","unstructured":"2024. Vxvault. http:\/\/vxvault.net\/ViriList.php."},{"key":"e_1_3_2_1_12_1","unstructured":"Akamai. 2024. Flagging 13 Million Malicious Domains in 1 Month with Newly Observed Domains. (2024). www.akamai.com\/blog\/security-research\/newlyobserved-domains-discovered-13-million-malicious-domains."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3419394.3423623"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3487552.3487816"},{"key":"e_1_3_2_1_15_1","volume-title":"Voelker and Alessio Botta and Mattijs Jonker","author":"Affinito Antonia","year":"2022","unstructured":"Antonia Affinito and Raffaele Sommese and Gautam Akiwate and Stefan Savage and Kimberly Claffy and Geoffrey M. Voelker and Alessio Botta and Mattijs Jonker. 2022. Domain Name Lifetimes: Baseline and Threats. In Traffic and Measurement Analysis."},{"key":"e_1_3_2_1_16_1","volume-title":"22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID","author":"Barron Timothy","year":"2019","unstructured":"Timothy Barron, Najmeh Miramirkhani, and Nick Nikiforakis. 2019. Now You See It, Now You Don't: A Large-scale Analysis of Early Domain Deletions. In 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019)."},{"key":"e_1_3_2_1_17_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Bouwman Xander","year":"2022","unstructured":"Xander Bouwman, Victor Le Pochat, Pawel Foremski, Tom Van Goethem, Carlos H. Ganan, Giovane C. M. Moura, Samaneh Tajalizadehkhoob, Wouter Joosen, and Michel van Eeten. 2022. Helping hands: Measuring the impact of a large threat intelligence sharing community. In 31st USENIX Security Symposium (USENIX Security 22)."},{"key":"e_1_3_2_1_18_1","unstructured":"Calidog. 2024. CertStream. https:\/\/certstream.calidog.io\/."},{"key":"e_1_3_2_1_19_1","unstructured":"Zhanhao Chen and Jun Javier Wang. 2022. Newly Registered Domains: Malicious Abuse by Bad Actors. (2022). unit42.paloaltonetworks.com\/newly-registereddomains-malicious-abuse-by-bad-actors\/."},{"key":"e_1_3_2_1_20_1","unstructured":"Dave Piscatello and Colin Strutt. 2023. Cybercrime Supply Chain 2023: Measurements and Assessments of Cyber Attack Resources and Where Criminals Acquire Them. Technical Report. Interisle. https:\/\/interisle.net\/s\/CybercrimeSupplyChain2023.pdf."},{"key":"e_1_3_2_1_21_1","unstructured":"Domain Tools. 2024. Security Information Exchange Newly Observed Domains. https:\/\/www.domaintools.com\/resources\/user-guides\/newly-observeddomains-nod\/."},{"key":"e_1_3_2_1_22_1","unstructured":"CA\/Browser Forum. 2024. Baseline Requirements for the Issuance and Management of Publicly-Trusted TLS Server Certificates - Version 2.0.2. https:\/\/cabforum.org\/uploads\/CA-Browser-Forum-TLS-BRs-v2.0.2.pdf."},{"key":"e_1_3_2_1_23_1","unstructured":"I Foster and R Koga. 2024. DZDB. https:\/\/catalog.caida.org\/dataset\/dzdb."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2504730.2504753"},{"key":"e_1_3_2_1_25_1","unstructured":"ICANN. 2007. VeriSign Application for Registry Service: 'Rapid Zone Updates'. https:\/\/www.icann.org\/en\/system\/files\/files\/memo-dns-update-service.pdf."},{"key":"e_1_3_2_1_26_1","unstructured":"ICANN. 2023. Registration Data Request Service (RDRS). https: \/\/www.icann.org\/en\/blogs\/details\/icann-launches-rdrs-releases-first-metricsreport-17-01-2024-en."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196494.3196548"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"crossref","unstructured":"B. Laurie A. Langley and E. Kasper. 2013. Certificate Transparency. RFC 6962. IETF. http:\/\/tools.ietf.org\/rfc\/rfc6962.txt","DOI":"10.17487\/rfc6962"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3618257.3624802"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"crossref","unstructured":"A. Newton and S. Hollenbeck. 2015. Registration Data Access Protocol (RDAP) Query Format. RFC 7482. IETF. http:\/\/tools.ietf.org\/rfc\/rfc7482.txt","DOI":"10.17487\/rfc7482"},{"key":"e_1_3_2_1_31_1","volume-title":"PhishTime: Continuous Longitudinal Measurement of the Effectiveness of Anti-phishing Blacklists. In 29th USENIX Security Symposium.","author":"Oest Adam","year":"2020","unstructured":"Adam Oest, Yeganeh Safaei, Penghui Zhang, Brad Wardman, Kevin Tyers, Yan Shoshitaishvili, and Adam Doup\u00e9. 2020. PhishTime: Continuous Longitudinal Measurement of the Effectiveness of Anti-phishing Blacklists. In 29th USENIX Security Symposium."},{"key":"e_1_3_2_1_32_1","volume-title":"29th USENIX Security Symposium).","author":"Oest Adam","year":"2020","unstructured":"Adam Oest, Penghui Zhang, Brad Wardman, Eric Nunes, Jakub Burgis, Ali Zand, Kurt Thomas, Adam Doup\u00e9, and Gail-Joon Ahn. 2020. Sunrise to Sunset: Analyzing the End-to-end Life Cycle and Effectiveness of Phishing Attacks at Scale. In 29th USENIX Security Symposium)."},{"key":"e_1_3_2_1_33_1","unstructured":"OpenINTEL. 2024. Zonestream. https:\/\/zonestream.openintel.nl\/."},{"key":"e_1_3_2_1_34_1","unstructured":"Pawel Foremski and Paul Vixie. 2018. The Modality of Mortality in Domain Names. https:\/\/www.virusbulletin.com\/uploads\/pdf\/magazine\/2018\/VB2018-Vixie.pdf."},{"key":"e_1_3_2_1_35_1","unstructured":"Security and Stability Advisory Committee. 2024. SSAC Report on Registrar Nameserver Management. Technical Report. ICANN. https:\/\/itp.cdn.icann.org\/en\/files\/security-and-stability-advisory-committeessac-reports\/sac-125-09-05-2024-en.pdf."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3687234.3687236"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2016.2558918"}],"event":{"name":"IMC '24: ACM Internet Measurement Conference","sponsor":["SIGMETRICS ACM Special Interest Group on Measurement and Evaluation","SIGCOMM ACM Special Interest Group on Data Communication"],"location":"Madrid Spain","acronym":"IMC '24"},"container-title":["Proceedings of the 2024 ACM on Internet Measurement Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3646547.3689021","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3646547.3689021","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T11:53:18Z","timestamp":1755863598000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3646547.3689021"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,4]]},"references-count":37,"alternative-id":["10.1145\/3646547.3689021","10.1145\/3646547"],"URL":"https:\/\/doi.org\/10.1145\/3646547.3689021","relation":{},"subject":[],"published":{"date-parts":[[2024,11,4]]},"assertion":[{"value":"2024-11-04","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}