Secure IoT Home Gateway
As more items become internet-connected – items that form the Internet of Things (IoT) – cybersecurity risks around them grow. With this in mind, CIRA Labs is working on a secure home gateway to mitigate the risks these devices pose to their users as well as larger internet systems (including .CA) that can be attacked through them. Learn more.
Collection and ingestion of queries from .CA servers
Individual queries and responses from our .CA servers are captured in raw format and sent to CIRA Labs to be processed and analyzed to better secure .CA from malicious activities. The challenge is the high rate of data, or packets captured (PCAP). Globally, .CA servers receive over 10,000 queries per second. This ingestion engine based on SIDN Entrada processes the data that comes from servers and enables CIRA Labs to better understand the information, analyze trends and flag locations where malicious activities may be happening to help prevent cyber attacks.
.CA server traffic dashboard
This dashboard provides a graphical visibility into the packets captured data (PCAP) to view long-term DNS trends with a real-time stream. This takes the data from .CA servers in the ingestion engine and enables CIRA Labs to make quicker decisions about trends and malicious activities by being able to view the graphs in real time.
This project measures the popularity of a domain based on a logarithmic scale. We use this to determine the popularity of .CA domains. We’re working on refining this methodology developed by nic.at Alexander Mayrhofer.
Malicious Domain Registrations (MDR)
This project is about leveraging machine learning and other related technologies to detect malicious domain registrations, ranging from DGA (Domain Generation Algorithm) Detection, Domain Reputation Scoring (DRS) and Bulk Malicious Domain Registrations (BMDR). This will enable CIRA to detect domains destined for malicious purposes at the time of registration, and prevent those domains from being used in production.