The fourth publication for the TIDE project. The FIRST talk (see here) has
been extended into a journal paper for Digital Threats: Research and Practice
(DTRAP). In this paper we argue that we, as a security community, should move
towards proactive security. However, we shed light on both sides of the coin. We
think the ‘optimal’ way is to combine the reactive and proactive methods, to
make use of the best of both worlds.

For the last couple of months Ramin Yazdani has been looking into phishing
domains using Unicode characters to appear like the target domain. In this
process he developed a new ‘confusables’ table of Unicode characters which can
easily be mistaken for their ASCII counterpart. The table is based on the
‘Unicode Confusables list’ and the ‘Unicode Similarity List’.

Last week was the FIRST conference in Edinburgh. TIDE was presenting a talk on
“Proactive Threat Detection”. The idea we presented at FIRST was, since a
proactive approach works well in the field of DNS, that we need to expand on
proactive detection of threats. It fit well with the theme of the conference,
Defending the Castle. Through proactive threat detection defenders are able to
mount a defense against upcoming attacks rather than getting notified when the
castle is already on…