
Introduction of APCERT, Yurie Ito



  1. Introduction of APCERT
     Yurie Ito, JPCERT/CC (On behalf of the APCERT Secretariat)
     2005 (C) JPCERT/CC, APCERT

  2. APCERT
     - APCERT (Asia Pacific Computer Emergency Response Team) is a coalition of the forum of CSIRTs (Computer Security Incident Response Teams). The organization was established to encourage and support the activity of CSIRTs in the Asia Pacific region.
     - Started from 15 teams from 12 economies
     - Now 17 teams from 13 economies

  3. Objectives
     - Encourage and support regional and international cooperation on information security in the Asia Pacific region,
     - Jointly develop measures to deal with large-scale or regional network security incidents,
     - Facilitate info sharing and technology exchange, including info security, computer virus and malicious code, among its members,
     - Promote collaborative research and development on subjects of interest to its members,
     - Assist other CERTs and CSIRTs in the region to conduct efficient and effective computer emergency response capability,
     - Provide inputs and/or recommendations to help address legal issues related to info security and emergency response across regional boundaries,
     - Organize an annual conference (APSIRC) to raise awareness on computer security incident responses and trends.

  4. Members
     Full Members (15)
     - AusCERT (Australian Computer Emergency Response Team) – Australia
     - BKIS (Bach Khoa Internetwork Security Center) – Vietnam
     - CCERT (CERNET Computer Emergency Response Team) – People's Republic of China
     - CNCERT/CC (National Computer network Emergency Response technical Team / Coordination Center of China) – People's Republic of China
     - HKCERT/CC (Hong Kong Computer Emergency Response Team Coordination Center) – Hong Kong, China
     - IDCERT (Indonesia Computer Emergency Response Team) – Indonesia
     - JPCERT/CC (Japan Computer Emergency Response Team / Coordination Center) – Japan
     - KrCERT/CC (Korea Computer Emergency Response Team Coordination Center, Korea Internet Security Center, KISA) – Korea
     - MyCERT (Malaysian Computer Emergency Response Team) – Malaysia
     - PH-CERT (Philippine Computer Emergency Response Team) – Philippine
     - SecurityMap.Net CERT (Securitymap Networks Computer Emergency Response Center) – Korea
     - SingCERT (Singapore Computer Emergency Response Team) – Singapore
     - ThaiCERT (Thai Computer Emergency Response Team) – Thailand
     - TWCERT/CC (Taiwan Computer Emergency Response Team / Coordination Center) – Chinese Taipei
     - TWNCERT (Taiwan National Computer Emergency Response Team) – Chinese Taipei
     General Members (2)
     - BruCERT (Brunei Computer Emergency Response Team) – Negara Brunei Darussalam
     - GCSIRT (Government Computer Security and Incident Response Team) – Philippine

  5. Cyber security Incident is changing
     - Large scale, wide spreading incident (e.g. virus, worm outbreak)
       - Script Kiddies, Manias
       - Motivation: for Fun - e.g. Denial of service
       - Motivation: for Fame, Recognition - e.g. Web defacement
     - Specific Targeted – Pin point incident, using powerful tool (e.g. Botnet)
       - Professionals, Criminals
       - Motivation: Specific. Stopping – Stealing – ID, money, information (e.g. Phishing, ID theft …)

  6. Incident Handling among members is changing
     - Start handling more complicated incidents -
     2002-2003 (when APCERT was formed)
     - Response to the Wide-spreading Incident
     - Slammer incident response case
       - Reporting network traffic flow, updating local activities
       - Sharing technical information and vendor's notes
     2004-2005 (recent incident response)
     - Response to the "Specific Targeted" – pin point attack
     - Members sharing info, e.g. public monitoring information, attack announcement, targeted site, attacking tool information to help each team to protect constituency
     - Recent China – Japan – Korea collaboration case
     - Phishing site coordination

  7. How does APCERT work?
     CSIRT
     - Computer Security Incident Response Team
     CSIRT's incident response
     - Independent from politics, market, industry
     - Do not focus on WHO (attribute) and WHY (motivation)
     - Focus on technically what is happening, how to stop the incident, how to prevent it. Coordination from a technical perspective
     CSIRT Common Policy
     - My security depends on your security
     - Web of trust – CSIRT trust relationship is developed based on a long-time operational collaboration relationship
     - Systematic Handling – with repeatable procedure, POC agreement
     - Timely manner
     - Each team has appropriate domestic contacts to handle/respond to incidents (ISPs, critical infrastructure, government …)
     - Reaching disconnected places that are difficult to reach, using the CSIRT network
