a secure, stable and resilient internet through ... · domain name system (dns) + security + the...
TRANSCRIPT
Contact :
Mr. Jia-Rong Low,
ICANN
Tel: +6591710081
Email: [email protected]
ASIA-PACIFIC TELECOMMUNITY
5th APT CYBERSECURITY FORUM (CSF-5)
26-28 May 2014, Ulaanbaatar, Mongolia
Document
CSF-5/INP-16
20 May 2014
Mr. Jia-Rong Low, ICANN
A SECURE, STABLE AND RESILIENT INTERNET THROUGH
COLLABORATION AND COORDINATION
!!!
Jia-Rong Low!Head, Strategy & Initiatives, Asia Pacific!
!
A secure, stable and resilient Internet through !Collaboration and Coordination !
2
+ ICANN
+ Cybersecurity and ICANN
+ Collaboration and Coordination in Security, Stability and Resiliency
+ Threat Awareness and Response
+ Trust-based Collaboration
+ Capability Building
+ Identifier SSR Analytics
Overview!!
3
Internet Corporation for Assigned Names and Numbers !
• IP address (111.223.127.96)
• Domain Names (www.apt.int)
4
ICANN’s multi-stakeholder community!
• Every stakeholder has an interest in how the Internet develops
• No single stakeholder is more important than any other
5
Connectivity Infrastructure!
6
Cybersecurity and ICANN!
Domain Name System (DNS)
+ Security
+ the capacity to protect and prevent misuse
+ Stability
+ DNS system operates as expected, and that users have confidence that it operates as expected
+ Resiliency
+ the capacity to effectively withstand/tolerate/survive malicious attacks without disruption
7
Security, Stability, & Resiliency (SSR)!
+ DNSSEC
+ WHOIS
+ L-Root Servers
Security
Stability
Resiliency
8
Coordination and Collaboration!
The Internet – our “Network of Networks”
• Generic Top Level Domain Operators (gTLD)
• .com, .net, .org etc
• Country Code Top Level Domain Operators (ccTLD)
• .mn, .sg, etc
• CERTs
• Regional Internet Registries
• Governments / Law Enforcement
• International Organisations
• Research organisations / experts
Threat Awareness and
Response
Iden8fier SSR Analy8cs
Trust-‐based Collabora8on
Capability Building
9
Threat Awareness and Response!
• Exchange of threat intelligence involving DNS – a living network
• Attacks against CCTLDs, registrars
• Root system DDoS (Anonymous)
• Coordinated response to threats
• Vulnerability disclosure
Threat Awareness and
Response
10
Trust-based Collaboration!
• Collaborate to look at specific issues
• Phishing - Research, target bad domains (Anti-Phishing Working Group)
• Spam - Work with Governments; Regional Internet Registries
• Crime- DNS abuse/misuse; DDoS attack- Work with Law Enforcement Agencies
• Global Cybersecurity Cybercrime Initiative- OECD, other academic institutions
Trust-‐based Collabora8on
We need to work together!
11
Capability Building!
• Training- TLD Registry Operators on Security, DNSSEC etc- Law Enforcement Agencies on DNS Basics, Mitigating DNS abuse/misuse- Face-to-face, Digital/remote delivery
• Knowledge exchange- Europol, Interpol
Capability Building
TLD Registry Training 2013!
One or more registry staff have aBended from countries
in blue
DNS Abuse/Misuse Training 2013!
One or more agents or staff have aBended from countries
in blue
14
Identifier SSR Analytics!
• Develop metrics and analytics for identifier systems- Root system measurements, analy- Analysis of DNS or registration abuse or misuse- Creative uses of DNS data
• Still in infancy
Iden8fier SSR Analy8cs
15
Growing the Asia Pacific Network!
• ICANN APAC Hub • [email protected]
• SSR issues: [email protected]
Thank You!