Statistical Analysis of DNS Abuse in gTLDs



SADAG (Statistical Analysis of DNS Abuse in gTLDs) is a joint research project by a consortium formed by SIDN Labs and Delft University of Technology. This consortium was selected by ICANN to study the rate of abuse for both legacy and new gTLDs.

The new Generic Top-Level Domain (gTLD) Program has enabled over 1 thousand new generic top-level domains to enter into the domain name system (DNS) since the first delegations occurred in October 2013.

A number of safeguards were built into the new gTLD Program that were intended to mitigate rates of abusive, malicious, and criminal activity in these new gTLDs, such as phishing, spam, malware distribution, and botnet command-and-control.

A multi-stakeholder community review team will make use of the findings of this study as one input into its review of ICANN’s New gTLD Program and its impact on competition, consumer trust, and consumer choice. This DNS Abuse study will serve as a gauge for the extent of DNS abuse occurring in new gTLDs, which in turn will help inform the review team’s mission to assess the New gTLD Program’s impact on consumer trust.



Start of the study.


The SADAG website is online.


The SADAG final report delivered to ICANN.


For more information, please contact any of the following project members.

Maarten Wullink maarten . wullink AT sidn .nl SIDN Labs
Giovane C. M. Moura giovane . moura AT sidn .nl SIDN Labs
Maciej Korczynski maciej . korczynski AT TU Delft
Prof.dr. M.J.G. (Michel) van Eeten m . j . g . vaneeten AT TU Delft