ICANN or ICANT: is WHOIS an enabler of cybercrime?

Paul A. Watters, Aaron Herps, Robert Layton, Stephen McCombie

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

13 Citations (Scopus)


WHOIS acts as a registry for organisations or individuals who 'own' or take responsibility for domains. For any registry to be functional, its integrity needs to be assured. Unfortunately, WHOIS data does not appear to meet basic integrity requirements in many cases, reducing the effectiveness of law enforcement and rightsholders in requesting takedowns for phishing kits, zombie hosts that are part of a botnet, or infringing content. In this paper, we illustrate the problem using a case study from trademark protection, where investigators attempt to trace fake goods being advertised on Facebook. The results indicate that ICANN needs to at least introduce minimum verification standards for WHOIS records vis-à-vis integrity, and optimally, develop a system for rapid takedowns in the event that a domain is being misused.

Original languageEnglish
Title of host publicationProceedings - 4th Cybercrime and Trustworthy Computing Workshop, CTC 2013
Place of PublicationPiscataway, NJ
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Number of pages6
Publication statusPublished - 2014
EventCybercrime and Trustworthy Computing Workshop (4th : 2013) - Sydney, NSW, Australia
Duration: 21 Nov 201322 Nov 2013


OtherCybercrime and Trustworthy Computing Workshop (4th : 2013)
Abbreviated titleCTC 2013
CitySydney, NSW


  • policy
  • online advertising
  • intellectual property


Dive into the research topics of 'ICANN or ICANT: is WHOIS an enabler of cybercrime?'. Together they form a unique fingerprint.

Cite this