60,000 .EU Registrations Correctly Identified As Malicious By APEWS

Since its launch in December 2019, EURid’s Project APEWS –
Advanced Prevention and Early Warning System – has correctly detected over 60,000
malicious .eu domain name registrations. While this is only 1.67% of the more
than 3.6 million .eu domains registered, it’s still a significant amount and
has undoubtedly had an impact on reducing cybercrime in the .eu space.

EURid, the organisation that manages the .eu top-level domain,
launched their award winning AI-driven system that can detect which .eu domain
names will be used for malicious purposes, and automatically suspends them
before they can do any harm. It is the first ever system that can detect domain
name abuse before it takes place and bases its decisions on novel machine
learning algorithms developed at KU Leuven. EURid worked on APEWS alongside KU
Leuven for four years.

In 75% of the cases where the system flagged a domain name,
the prediction was confirmed by third-party abuse indicators.

“Creating a trustworthy .eu space is our primary goal,” said
CEO Marc Van Wesemael. “APEWS is the flagship of our prevention strategy. It
has a deterrent effect on cybercriminals, making .eu domains safer for its
users.”

In announcing the impact of APEWS, EURid explains how cybercriminals
use domain names to send spam, to distribute malware or to set up a botnet (a
network of private computers infected with malicious software and controlled as
a group). Until recently, blacklists were the best way to react to these
attacks. Subscribers could block incoming or outgoing communication with ‘bad’
domain names on the list. But blacklists can only be used once the harm has
already been done.

APEWS, on the other hand, kicks in at the very beginning:
when a .eu domain name is registered.

First, parts of the 3.6 million .eu domain names were
matched against blacklists. Every detail of the matching domain names was then
used to train the predictive model. This resulted in a comprehensive scoring
model.

APEWS now continuously watches over the safety of the .eu
cyberspace. Every newly registered domain name is scored on these predictive
indicators. If the score is too low, the domain name is automatically suspended
before it’s active.

This process discourages cybercriminals to use a .eu domain
name in the first place. The system continuously learns from previous
experience, making it more and more difficult for cybercriminals to avoid
detection.

The 2 awards won by EURid’s abuse prevention mechanism were,
firstly, the eco Domains
award
, and secondly EURid’s paper on Abuse Prevention and Early Warning
System won one of the two “Distinguished Paper Awards” at the Annual Computer
Security Applications Conference (ACSAC).

This latest Domain News has been posted from here: Source Link