RDAP: Frontier between protocol specification and implementation

As DNS stands for "Domain Name System", our research focuses on the study of domain names. Domain names are an integral part of our daily lives. You’ve already come across domain names such as "google.com", "univ-grenoble-alpes.fr", or "amazon.com". But what about "support-tech-apple.com", "bank-of-america-help.com" or even "paypall.com"? All of these are fictitious malicious domain names whose purpose is to mislead the user for phishing purposes.

By studying domain names, we can improve Internet security. One of our team’s previous projects, COMAR, enables us to differentiate between compromised and malicious domain names. For example, if the domain name "univ-grenoble-alpes.fr" hosts malicious content, should it be deleted? And what about paypall.com? Comar suggests distinguishing between a compromised domain (in our case univ-grenoble-alpes.fr), for which the administrator should be notified, and paypall.com, for which the solution would be to take action against the domain name.

Internship description:

This internship is a first introduction to the world of research. The internship aims to explore in depth the RDAP protocol and its associated specification. The RDAP protocol, designed to replace the WHOIS protocol, has become a major standard for accessing domain name registration information. The aim of this internship is to develop an in-depth understanding of how the RDAP protocol works and its usefulness in today’s Internet context, in order to propose a more "human-friendly" tool.

Missions :
- Creation of an open-source tool in Python for retrieving RDAP data.
- Creation of a tool to check RDAP/RFC 7483 conformence.
- Check that RDAP services follow the specifications

Profile required:

Student in the final year of Master 2 in Computer Science (MOSIG, CYBERSEC, ...), with a strong interest in research and a desire to continue in the academic world. The candidate must demonstrate a strong curiosity: the desire to understand, discover and criticize. The position is also open to highly motivated M1 students.

How to apply :

Interested candidates are invited to send their application, including CV, covering letter and any other information deemed of interest, to Maciej KORCZYNSKI (maciej.korczynski at univ-grenoble-alpes.fr) and Olivier HUREAU (olivier.hureau at univ-grenoble-alpes.fr)

References :

RFC 7482 : Registration Data Access Protocol (RDAP) Query Format (https://datatracker.ietf.org/doc/html/rfc7482)
RFC 7483 :JSON Responses for the Registration Data Access Protocol (RDAP) (https://datatracker.ietf.org/doc/html/rfc7483)
[1] Aruna Prem Bianzino, Davide Pezzuolo, and Gianluca Mazzini. 2014. Who Is Whois? An Analysis of Results Consistence.
[2] Suqi Liu, Ian Foster, Stefan Savage, Geoffrey M. Voelker, and Lawrence K. Saul. 2015. Who Is .Com?: Learning to Parse WHOIS Records.
[3] Chaoyi Lu, Baojun Liu, Yiming Zhang, Zhou Li, Fenglu Zhang, Haixin Duan, Ying Liu, Joann Qiongna Chen, Jinjin Liang, Zaifeng Zhang, Shuang Hao, and Min Yang. 2021. From WHOIS to WHOWAS: A Large-Scale Measurement Study of Domain Registration Privacy under the GDPR.