April 5, 2022

Centralized Abuse Reporting Update

By Graeme Bunton, Director of the DNS Abuse Institute

The DNSAI has shared our work towards a centralized abuse reporting tool in a number of newsletters, but as we get closer to launching, we wanted to share some more information.  If you’re unfamiliar with our work, the DNSAI has been developing an abuse reporting tool meant to solve two problems:

  • For those impacted by DNS Abuse, reporting it is difficult, requires technical understanding, and has no standards across the DNS ecosystem.

  • For those who could mitigate DNS Abuse, often the reports they get are messy, duplicative, unevidenced, and most of the time are unactionable.

We’re solving these problems by developing an abuse reporting intermediary.  It improves the experience for people who want to report abuse by providing a single place to report DNS Abuse across the ecosystem in a simple, standardized fashion.  By taking those reports, standardizing them, and enriching them with useful, actionable information, we’re able to provide domain registrars and registries with the information they need to mitigate DNS Abuse quickly, and easily.  This centralized solution has been called for in several important cross-community outputs, including in the recommendations of the Second Security and Stability Review Team (SSR2) and in the SAC 115: Report on an Interoperable Approach to Addressing Abuse.  We’re confident that by centralizing and improving the abuse reporting process, we can fill this gap and help make a real difference on DNS Abuse.

A rough diagram for the service:

We’re currently putting the final touches on the service; cleaning up language, terms and conditions, refining reporting flows, and engaging in security audits, but as it stands, the service works.  The APIs are also up and running, with the ability for API-based abuse report submission, as well as an API for registries and registrars to pull their reports in. We’ll open up the service for registrars to test very shortly. The success of this tool is contingent on providing better DNS Abuse reports than what registrars are getting now, so getting registrars into the system early to ensure we’re meeting this goal is critical.

We’ll be integrating feedback from registrars and select abuse reporters, and improving the service between now and the planned public launch in early June.  Expect to hear a lot more about this in the coming weeks and months.

In previous updates, the DNSAI has been hinting that the Centralized Abuse Reporting Tool (CART) needed a new name.  We’ve spent a long time brainstorming names, investigating trademarks, and checking domain availability.  It turns out that branding is hard.  But perseverance pays off, and we’re very pleased to announce that we’ll be branding the CART as NetBeacon.  We’ll be getting logos and associated branding work completed over the coming months, so expect to see some changes.  By branding the service as NetBeacon (as opposed to the Centralized Abuse Reporting Tool from the DNS Abuse Institute), we’re hoping to reach as many people as possible, ensuring that anyone, anywhere, who encounters DNS Abuse has an easy path to reporting it.

Another important piece of NetBeacon’s story is how we went from a set of broad requirements to a beta program in less than eight months (!!).  Early on, we had conversations with a number of potential vendors to discuss our goals for the tool, and get an estimate of the timing and cost to build it.  One of these vendors was CleanDNS, which has an abuse monitoring and case management platform for the domain registration industry.  Jeff Bedser is the CEO of CleanDNS and serves on the PIR Board of Directors, and is also a strong supporter of the mission of the DNSAI. A number of key components of NetBeacon were already built as part of the CleanDNS platform. Jeff generously offered to provide those components at no cost, as well as the development time to adapt and expand them into what the DNSAI required.

Since Jeff is on the PIR Board, the Board reviewed the CleanDNS proposal to build NetBeacon at no cost under its conflict of interest policy (with Jeff Bedser recusing) and determined that the proposal was in the best interest of the Institute (and PIR) as it delivered significant cost savings together with  an accelerated delivery timeline.  As a result an agreement between the DNSAI and CleanDNS was signed and development of the NetBeacon tool began.

And so here we are, literally a year ahead of schedule thanks to CleanDNS, in the final weeks of development for NetBeacon V1, gearing up for important things like external security audits and opening our beta to registrars and registries.  Every day, we see NetBeacon getting closer to being ready for public use, and we’re very excited about its contribution to fight DNS Abuse. We know it’s going to provide real value to registries and registrars, and it’s going to simplify the work and greatly improve the experience for those who are reporting DNS Abuse.