Domijn: The Security of Domain Registrars and the Risk of a Domain Name Takeover
arXiv SecurityArchived May 21, 2026✓ Full text saved
arXiv:2605.20984v1 Announce Type: new Abstract: Domain names are key assets for organisation. They anchor an organisation's online presence and reputation, and serve as linking pin for web services and, e.g., email. Consequently, a malicious takeover of a domain can lead to significant damages. Organisations register domain names through so-called registrars, a type of business that plays a key role in the domain name industry. This implies that registrars play an important part in safeguarding
Full text archived locally
✦ AI Summary· Claude Sonnet
Computer Science > Cryptography and Security
[Submitted on 20 May 2026]
Domijn: The Security of Domain Registrars and the Risk of a Domain Name Takeover
Koen van Hove, Jeroen van der Ham-de Vos, Roland van Rijswijk-Deij
Domain names are key assets for organisation. They anchor an organisation's online presence and reputation, and serve as linking pin for web services and, e.g., email. Consequently, a malicious takeover of a domain can lead to significant damages. Organisations register domain names through so-called registrars, a type of business that plays a key role in the domain name industry. This implies that registrars play an important part in safeguarding against malicious takeovers of domains. In this paper we empirically study how registrars implement security controls to prevent against such takeovers. We focus on the top 10 most popular registrars for the .nl ccTLD. We present the results of this study in light of a model for the impact of domain takeovers, that analyses the possible consequence of a takeover. We contrast this against the impact of two other well-known threats: ransomware and DDoS attacks. We find that all registrars in our study implement relatively effective security measures, but that they fall short in more advanced security controls, such as the proper implementation of two-factor authentication. We also find that a domain takeover can have significant impact, potentially equalling that of a ransomware attack.
Comments: 16 pages, 9 figures
Subjects: Cryptography and Security (cs.CR); Networking and Internet Architecture (cs.NI)
Cite as: arXiv:2605.20984 [cs.CR]
(or arXiv:2605.20984v1 [cs.CR] for this version)
https://doi.org/10.48550/arXiv.2605.20984
Focus to learn more
Journal reference: Van Hove, K., Van der Ham-de Vos, J., & Van Rijswijk-Deij, R. (2026). Domijn: The security of domain registrars and the risk of a domain name takeover. In Proceedings of the Workshop on the Economics of Information Security 2026
Submission history
From: Koen van Hove [view email]
[v1] Wed, 20 May 2026 10:14:21 UTC (402 KB)
Access Paper:
HTML (experimental)
view license
Current browse context:
cs.CR
< prev | next >
new | recent | 2026-05
Change to browse by:
cs
cs.NI
References & Citations
NASA ADS
Google Scholar
Semantic Scholar
Export BibTeX Citation
Bookmark
Bibliographic Tools
Bibliographic and Citation Tools
Bibliographic Explorer Toggle
Bibliographic Explorer (What is the Explorer?)
Connected Papers Toggle
Connected Papers (What is Connected Papers?)
Litmaps Toggle
Litmaps (What is Litmaps?)
scite.ai Toggle
scite Smart Citations (What are Smart Citations?)
Code, Data, Media
Demos
Related Papers
About arXivLabs
Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)