The University of Auckland DNS History Database Project (DHDB) is a collaboration between the University's Information Technology Services and the Computer Science Department.
Collect and analyse "interesting" or suspicious domain names observed in DNS requests at a site boundary, particularly for security analysis.
DHDB captures domain names and the addresses they map to at a given site, by observing DNS requests and responses crossing the site boundary. It builds up a database of them, and mines that database to find interesting behaviours such as domain names that appeared often but with different addresses, or domain names that are very similar to legitimate ones. After adding some dedicated hardware for a database, we now have collectors at seven sites around the world, and interest in the project continues to grow.
Teams interested in collaborating with us should read the standard Memorandum of Understanding and then contact us by email.