Working Group 7: Botnet Remediation March 6, 2013 Michael O’Reirdan (M 3 AAWG) - Chair Peter Fonash (DHS) – Vice-Chair.

Slides:

Advertisements

Similar presentations

ICANN Plan for Enhancing Internet Security, Stability and Resiliency.

Advertisements

Tips and Resources IASC Cluster/Sector Leadership Training

NATIONAL AERONAUTICS AND SPACE ADMINISTRATION 1 NASA Earth Science Data Systems (ESDS) Software Reuse Working Group CEOS WIGSS-22 Annapolis, MD September.

STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.

HISPC-Illinois II The Public-Private Partnership Moves Forward on Privacy and Security.

William H. Bowen School of Law. service – learning program of two schools UALR Bowen School of Law University of Arkansas Clinton School of Public Service.

An Introduction to the “new” NCDB …a webinar for the National Deaf-Blind TA Network November 13, 2013 November 15, 2013 Presented by:

State of Indiana Business One Stop (BOS) Program Roadmap Updated June 6, 2013 RFI ATTACHMENT D.

GUIDANCE INSTRUMENTS FOR RESPONSIBLE INVESTMENT IN AGRICULTURE: AN OVERVIEW Pascal Liu Trade and Markets Division Food and Agriculture Organization of.

ESW 7 - FCC Jeff Cohen Senior Legal Counsel Public Safety Bureau FCC Interests & Policy Around Geolocation.

Working Group 11: Consensus Cyber Security Controls March 14, 2013 Alan Paller, SANS Institute Marcus Sachs, Verizon Communications WG 11 Co-Chairs.

STANDARDS FOR SCHOOL LEADERS DR. Robert Buchanan Southeast Missouri State University.

(Geneva, Switzerland, September 2014)

Consumer Work Group Presentation Federal Health IT Strategic Plan January 9, 2015 Gretchen Wyatt Office of Planning, Evaluation, and Analysis.

Alabama GIS Executive Council November 17, Alabama GIS Executive Council Governor Bob Riley signs Executive Order No. 38 on November 27 th, 2007.

OPTIONS AND REQUIREMENTS FOR ENGAGEMENT OF CIVIL SOCIETY IN GEF PROJECTS AND PROGRAMMES presented by Faizal Parish Regional/Central Focal Point GEF NGO.

Justice Information Network Strategic Plan Development Justice Information Network Board March 18, 2008 Mo West, JIN Program Manager.

GEO Work Plan Symposium 2012 ID-05 Resource Mobilization for Capacity Building (individual, institutional & infrastructure)

International Telecommunication Union CHALLENGING POLICY STEPS TOWARDS IMPLEMENTING COMMON ALERTING PLATFORMS Orhan Osmani Emergency Telecommunications.

9/11/ SUPPORT THE WARFIGHTER DoD CIO 1 Sample Template Community of Interest (COI) Steering Committee Kick-off Date: POC: V1.0.

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

Jeju, 13 – 16 May 2013Standards for Shared ICT CYBERSECURITY-RELATED STANDARDS ACTIVITY IN THE TELECOMMUNICATIONS INDUSTRY ASSOCIATION Eric Barnhart, Fellow.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

NSTC Smart Grid Subcommittee Overview and Goals for Ongoing Federal/State Collaboration By George Arnold, NIST & Jessica Zufolo, RUS NARUC Annual Convention,

CSRIC Working Group 7 Mike O’Reirdan. Mission Statement Working Group 7 – Botnet Remediation Chair – Michael O’Reirdan, Chairman, Messaging Anti-Abuse.

National Preparedness All Hazards Consortium Corey Gruber Assistant Deputy Administrator, National Preparedness National Preparedness.

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

PSCIOC XML Subcommittee Status Update — September 27, 2004 Dave Wallace (Chair) Corporate Chief Technology Officer Management Board Secretariat Ontario.

Working Group 7: Botnet Remediation Status Update June 6, 2012 Michael O’Reirdan (MAAWG) - Chair Peter Fonash (DHS) – Vice-Chair.

SALSA-NetAuth Joint Techs Vancouver, BC July 2005.

March 2015 Inter-American Network for the Prevention of Violence and Crime.

Copyright © 2004 by The Web Services Interoperability Organization (WS-I). All Rights Reserved 1 Interoperability: Ensuring the Success of Web Services.

Working Group In-progress Report to APNIC Member Meeting (AMM) APNIC 31, Hong Kong 25 th February 2011 Naveen Tandon – Chair Shyam Nair – Co-Chair Yi Lee.

1 The Federal Shared Youth Vision Partnership A Federal Partnership between the Corporation for National community Service;

Harnessing a multi-stakeholder platform for improved land governance in Malawi Ivy Luhanga – Principal Secretary, Paul Jere – Land Governance Consultant,

National Institute of Standards and Technology Information Technology Laboratory 1 USG Cloud Computing Technology Roadmap Next Steps NIST Mission: To promote.

Geneva, Switzerland, April 2012 Introduction to session 7 - “Advancing e-health standards: Roles and responsibilities of stakeholders” Marco Carugi.

Working Group 7: Botnet Remediation Status Update September 12, 2012 Michael O’Reirdan (MAAWG) - Chair Peter Fonash (DHS) – Vice-Chair.

The Development of BPR Pertemuan 6 Matakuliah: M0734-Business Process Reenginering Tahun: 2010.

1 The Federal Shared Youth Vision Partnership A Federal Partnership between the United States Departments of Education, Health.

Working Group 1: NG9-1-1 December 16, 2011 Laurie Flaherty Brian Fontes WG 1 Co-Chairs.

An overview of the MARPA Shared Services Best Practices Guidebook and Regionalization Best Practices Website BEST PRACTICES for SHARED SERVICES Merrimack.

Energy Efficiency Action Plan Kathleen Hogan Director, Climate Protection Partnerships Division U.S. Environmental Protection Agency NARUC Winter Meetings.

A Net-Centric DoD NII/CIO 1 Sample Template Community of Interest (COI) Steering Committee Kick-off Date: POC:

Evaluation Unit EuropeAid Martyn Pennington Head of Evaluation Unit- Devco B2 Workshop on Lessons Learned from International Joint Evaluations French Ministry.

Methodologies and Tools for Technology Needs Assessment: an Overview Zou Ji Dept. of environmental Economics and Management, Renmin University of China.

Slide: 1 CEOS SIT Technical Workshop |Caltech, Pasadena, California, USA| September 2013 CEOS Work Plan Section 6.1 G Dyke CEOS ad hoc Working Group.

NATIONAL SOCIETY FOR EARTHQUAKE TECHNOLOGY-NEPAL (NSET) ISDR Asia Partnership Meeting March 2011 Jakarta Indonesia Local Level Pilot HFA Workshop.

Working Group 2: Emergency Alerting Platforms Status Update December 3, 2015 Farrokh Khatibi, Co-Chair (Qualcomm) Francisco Sánchez, Jr., Co-Chair (Harris.

Working Group 5: Cybersecurity Information Sharing Status Update December 3, 2015 Christopher Boyer, Co-Chair (AT&T) Rod Rasmussen, Co-Chair (IID) Brian.

Educational Strategies Presented by: Christina Worrall Vice President, The Lewin Group, Inc PHDSC Annual Meeting March 18, 2004.

Federal Geographic Data Committee Update Karen Siderelis, Acting Chair Ivan B. DeLoatch, Executive Director NGAC Meeting March 24, 2010.

INTERGOVERNMENTAL PILOT PROGRAM: Update May 4,

ITU Regional Standardization Forum for Asia-Pacific (Jakarta, Indonesia, October 2015) TTA’s activities on bridging standardization gap Kihun Kim.

Working Group 3: Emergency Alert Systems Status Update March 16, 2016 Kelly Williams, Co-Chair National Association of Broadcasters Steve Johnson, Co-Chair.

NSF INCLUDES Inclusion Across the Nation of Learners of Underrepresented Discoverers in Engineering and Science AISL PI Meeting, March 1, 2016 Sylvia M.

Working Group 8: Priority Services CSRIC V Meeting March 16, 2016 Thomas Anderson, Co-Chair (Cisco) Bill Reidway, Co-Chair (Neustar)

Presented by Solomon Ingba David Afoenyi Afure Iloka Niteabai Domininc.

Financial Services Sector Coordinating Council (FSSCC) 2011 KEY FSSCC INITIATIVES 2011 Key FSSCC Initiatives Project Name: Project Description: All-Hazards.

Update from the United States Standards and Conformity Assessment Work in the Sub Committee on Standards and Conformance.

Who doesn’t need to be WISE? Bringing into reality global information security collaboration Alessandra Scicchitano GÉANT - Project Development Officer.

Strengthening Dialogue and Building Trust April 2017

Eric Peirano BRIDGE Support Team, Technofi

Update from the Faster Payments Task Force

Introduction to TransCelerate

SOCIAL DIALOGUE PLATFORM

Continuity Guidance Circular Webinar

Project overseer Song Yanqin May 11, 2004 Honolulu

San Francisco Bay Water Board

Presentation transcript:

Working Group 7: Botnet Remediation March 6, 2013 Michael O’Reirdan (M 3 AAWG) - Chair Peter Fonash (DHS) – Vice-Chair

2 WG 7 Objectives Working Group 7 – Botnet Remediation Description: This Working Group will review the efforts undertaken within the international community, such as the Australian Internet Industry Code of Practice, and among domestic stakeholder groups, such as IETF and the Messaging Anti-Abuse Working Group, for applicability to U.S. ISPs. Building on the work of CSRIC II Working Group 8 ISP Network Protection Practices, the Botnet Remediation Working Group shall propose a set of agreed-upon voluntary practices that would constitute the framework for an opt-in implementation model for ISPs. The Working Group will propose a method for ISPs to express their intent to op-into the framework proposed by the Working Group. The Working Group will also identify potential ISP implementation obstacles to the newly drafted Botnet Remediation business practices and identify steps the FCC can take that may help overcome these obstacles. Finally, the Working Group shall identify performance metrics to evaluate the effectiveness of the ISP Botnet Remediation Business Practices at curbing the spread of botnet infections.

3 WG 7 Members NameOrganization Michael O'Reirdan (Chair)M 3 AAWG Peter Fonash (Vice Chair)DHS Robert Thornberry (Editor)Alcatel-Lucent Uma ChandrashekharAlcatel-Lucent Michael Little Applied Communication Sciences Alex BobotekAT&T John DenningBank of Amer. Neil Schwartzman (Secretary)CAUCE Chris LewisCAUCE, Spamhaus Michael GlennCenturyLink Paul Diamond (Editor)CenturyLink Jay OppermanComcast Matt CarothersCox NameOrganization Gunter OllmannDamballa Brian DoneDHS Daniel BrightEMC Inc Mats Nilsson Ericsson Kurian JacobFCC Vern Mosley (Liaison)FCC Bill McInnisIID Chris SillsIID Tim RohrbaughIntersections Barry GreeneISC Merike KaeoISC Ed WhiteMcAfee Kevin SullivanMicrosoft Matthew TooleyNCTA Jon BoyensNIST Craig SpiezleOTA Bill SmithPayPal Gabe IovinoREN-ISAC NameOrganization Johannes UllrichSANS Institute Adam O'DonnellSourcefire Alfred HugerSourcefire Kevin FrankSprint Michael FiumanoSprint James HolgersonSprint Greg HolzapfelSprint Maxim WeinsteinStopBadware Patrick GardnerSymantec Tice MorganT-Mobile John GriffinTCS Chris RoosenraadTWC Joe St Sauver Univ of Oregon/Internet 2 Robert MayerUSTelecom Assoc. Eric OsterweilVerisign John St. ClairVerizon Timothy VogelVerizon

4 March 2012 Deliverable U.S. Anti-Bot Code of Conduct (ABCs) for Internet Service Providers (ISPs) completed – ISPs representing 94% of the U.S. residential subscriber market are either currently participating, or have agreed to participate, in the Code

5 March 2013 Deliverable Final Report: U.S. Anti-Bot Code of Conduct (ABCs) for Internet Service Providers (ISPs) - Barrier and Metric Considerations

6 Barriers to ISP Participation Technology Barriers – Barriers where current technical solutions insufficient to tackle botnet threat Consumer/Market Barriers – Barriers from implementation solutions viewed by customers as ineffective Operational Barriers – Barriers that could negatively impact organization’s primary mission and resources Financial Barriers – Barriers resulting from inability to quantify costs/benefits of participation Legal/Policy Barriers – Barriers associated with legal and/or policy constraints

7 Barriers Guide (Appendix 3) Provides ISPs guidance on Code implementation activities Guidance grouped according to – End-User Education – Detection – End-User Notification – Remediation – Collaboration And further sub-divided by – Technology Barriers – Consumer and Market Barriers – Operational Barriers – Financial Barriers – Legal/Regulatory/Policy Barriers

8 Bot Metrics Guide (Appendix 4) Expected Audience What is and is not a “bot” Counting botted “things” Questions about “bots” Statistical questions on botnet measurements ISPs as a potential source of botnet data Sinkholing, DNS-based methods, direct data collection and simulations Recommendations

9 March 2013 Deliverable cont. Metrics Glossary – Appendix 5 Related Industry Security and Metrics Activity – Appendix 6 – M 3 AAWG Bot Pilot Phase 1 Metrics – Japan’s Cyber Clean Center Metrics – Australia’s iCode Metrics – Germany Anti-Botnet Initiative Metrics – Ireland’s Anti-Botnet Initiative Metrics – Finland’s Anti-Botnet Initiative Metrics – Shadowserver Foundation Metrics – Spamhaus CBL Metrics

10 Conclusions WG7 delivered the U.S. Anti-Bot Code of Conduct for ISPs WG7 identified potential ISP implementation barriers WG7 identified steps FCC can take to help overcome barriers WG7 identified challenges to obtaining Code effectiveness metrics at the present time The Code, along with the Barriers and Metrics Guides, will require periodic updates from Code participants There is a need to: – Address the bot problem with an Internet ecosystem multi-stakeholder approach – Continue to focus on bot reduction and mitigation to reduce the spread of bot infections

11 Recommendations FCC, working in partnership with other federal government agencies and industry: – Facilitate ISP awareness of Code Barriers Guide and encourage ISPs to use Barriers Guide as a resource in planning and evaluating Code participation – Facilitate creation of case studies on bot mitigation activities to examine metrics created around particular bot remediation efforts, a good example being the recent Georgia Tech DNSChanger study presented at M 3 AAWG – Leverage industry-sponsored pilot programs to examine the collection and sharing of metrics around particular bot efforts – Facilitate research in bot metric development – Establish a vehicle, such as a workshop or webcast, to foster ongoing dialogue around these issues Include international participants

Call to Action ISPs End Users App Dev. AV Vendors Platform Vendors e-Commerce Orgs. Critical Infra. OS Vendors Enterprises Int’l Partners Research Inst. Gov’t D/As Regulators Web Hosts Content Providers Privacy Advocates WG7 believes the voluntary approach recommended will lead to further recommendations on Internet ecosystem multi- stakeholder approaches to best contain the spread of bot infections WG7 further believes by expeditiously taking voluntary action on the recommendations, the FCC will significantly contribute to, and facilitate development and implementation of, voluntary practices that can be followed by the Internet ecosystem multi- stakeholders to combat the spread of bot infections 12