Osaka Metropolitan University & WhoisXML API: Faster WHOIS Data Collection for DNS Security Research
About
Osaka Metropolitan University (OMU) is a public research institution in Japan, established in 2022 through the merger of Osaka City University and Osaka Prefecture University. As one of the country’s largest public universities, OMU promotes innovation across diverse fields, including engineering, medicine, and informatics.
At the Graduate School of Information Science, researcher Keiichiro Miyatake leads a project titled “A Study on the Deployment Status of DNS Cache Poisoning Countermeasures in Authoritative DNS Servers.” The research examines how well global DNS communications are protected against cache poisoning. The team measures current security practices across real-world authoritative DNS server deployments.
Highlights
-
Rate limits on standard WHOIS queries and traditional lookup methods prevented large-scale collection of DNS security data.
-
Bulk WHOIS API enabled asynchronous data retrieval through simple CSV uploads.
-
Processing time dropped from days to minutes while increasing data volume fourfold, enabling deeper statistical analysis of DNS vulnerabilities.
Manual WHOIS Commands Could Not Support Large-Scale Domain Analysis
To evaluate the security of DNS communications from multiple perspectives, the research team needed to identify which types of domains were most vulnerable. This required acquiring WHOIS data for a massive volume of domains to perform statistically meaningful analysis.
Initial attempts relied on automated scripts and standard WHOIS commands. However, rate limits and technical restrictions slowed the process.
Collecting enough data took more than three days, delaying the next stage of the research and putting it at risk.
Transitioning to Bulk WHOIS API Streamlined Data Collection
After finding that manual scripting and standard APIs could not provide the necessary scale, the team implemented WhoisXML API’s Bulk WHOIS API.
The researcher chose this solution because it allowed large-scale WHOIS queries without the strict rate limits typically imposed by conventional WHOIS services, which made it suitable for large-scale academic research.
The implementation proved highly efficient. The team used the tool’s asynchronous processing feature by simply uploading CSV files of domain lists. The system then returned the results automatically, which included key WHOIS data points:
-
Country of registration
-
Registrar details
-
Domain age
Using Bulk WHOIS API, the team avoided the implementation challenges they had experienced with other tools.
“The Whois API excelled in ease of use and response speed, and it contributed significantly to my research. It enabled me to analyze the characteristics of domains that are vulnerable to DNS cache poisoning attacks.”
Easy Data Retrieval and Organization Enabled Deeper and More Comprehensive Statistical Analysis
Using the Bulk WHOIS API significantly improved the team’s research workflow.
-
Drastic time reduction: Data collection time dropped from more than three days using conventional WHOIS queries to just a few minutes with the Bulk WHOIS API.
-
Superior data coverage: The team collected three to four times more WHOIS information per domain than with conventional methods.
-
Enhanced analytical capability: With richer data and faster access, the researchers were able to conduct deeper statistical analysis of DNS vulnerabilities.
Furthermore, CSV-formatted results also simplified data organization and post-processing.
The success of this integration has created a reliable research process for future informatics students at the university.