m 3 aawg lacnic update developing an anti abuse community
play

M 3 AAWG @ LACNIC Update: Developing an Anti-Abuse Community Jesse - PowerPoint PPT Presentation

Apr 12, 2023 •150 likes •398 views

M 3 AAWG @ LACNIC Update: Developing an Anti-Abuse Community Jesse Sowell, PhD Special Advisor to M 3 AAWG Cybersecurity Fellow at Stanford Center for International Security and Cooperation 27 September 2016 LACNIC 26, San Jose, Costa Rica

  1. M 3 AAWG @ LACNIC Update: Developing an Anti-Abuse Community Jesse Sowell, PhD Special Advisor to M 3 AAWG Cybersecurity Fellow at Stanford Center for International Security and Cooperation 27 September 2016 LACNIC 26, San Jose, Costa Rica LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  2. LACNIC-M 3 AAWG Partnership Why Are We Here? LACNIC 26 | San Jose, Costa Rica | 27 September 2016 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  3. LACNIC-M 3 AAWG Partnership Why Are We Here? Esta interacción continua permitirá que el M 3 AAWG tenga acceso a expertos regionales en tendencias operacionales y antiabuso y les dará la oportunidad de desarrollar soluciones conjuntas relevantes que aborden las tendencias actuales en el área de la ciberseguridad y la ciberdelincuencia. LACNIC 26 | San Jose, Costa Rica | 27 September 2016 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  4. Developing a LAC Anti-Abuse Community Presentations This Week Title Presenters Time Location M 3 AAWG Best Dennis Dayman, M3AAWG Board 1800-1900 Greco Common Practices and Vice-Chair Tuesday 27 September Economics of Abuse Tobias Knecht, CEO Abusix 1630-1800 Aguamarina Jesse Sowell, M 3 AAWG, Stanford Operations: Wednesday Matthew Stith, M 3 AAWG, Rackspace Concepts and 28 September Application to Hosting LACNIC 26 | San Jose, Costa Rica | 27 September 2016 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  5. Developing a LAC Anti-Abuse Community Presentations This Week Title Presenters Time Location M 3 AAWG Best Dennis Dayman, M3AAWG Board 1800-1900 Greco Common Practices and Vice-Chair Tuesday 27 September Economics of Abuse Tobias Knecht, CEO Abusix 1630-1800 Aguamarina Jesse Sowell, M 3 AAWG, Stanford Operations: Wednesday Matthew Stith, M 3 AAWG, Rackspace Concepts and 28 September Application to Hosting LACNIC 26 | San Jose, Costa Rica | 27 September 2016 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  6. Overview ➔ What abuse and anti-abuse? ➔ What is M 3 AAWG? ➔ What is M 3 AAWG’s role in anti-abuse? ➔ How to contribute! 6 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  7. Anti-Abuse Dynamics 7 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  8. Anti-Abuse and Attribution The Blame Game Unraveling precisely why a network is on a blocking list is not always easy What are the pragmatics of anti-abuse and attribution? ➔ What constitutes abuse? ➔ How have abuse indicators evolved? ➔ Fundamental economics of abuse and anti-abuse operations 8 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  9. Anti-Abuse and Attribution Prescriptive Ethos “all information exchanges on the Internet should be consensual , and unless you choose to receive [traffic] from a third party, you should not have to accept it” 1 Just because there is a legitimate route to a destination doesn’t mean all traffic using that route is legitimate Provides a prescriptive ethos , but doesn’t help with practical application 9 1 Adapted from an early definition by MAPS LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  10. Anti-Abuse and Attribution Evolution, Issues, and Pragmatics “abuse is what customers complain about” 2 1. Subjective → Objective indicators 2. Indicators are always error-prone 3. Continuous development and evaluation of indicator performance 4. Focus has shifted from inbound to outbound (attribution) 5. Who bears the burden? 6. Economics of indicators and anti-abuse operations 10 2 Definition offered by Dave Crocker LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  11. M 3 AAWG Overview 11 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  12. Who is M 3 AAWG? Industry Anti-Abuse Organization “The Messaging, Malware and Mobile Anti-Abuse Working Group (M 3 AAWG) is where the industry comes together to work against botnets, malware, spam, viruses, DoS attacks and other online exploitation” ➔ 200 member orgs worldwide ➔ 300-400 conference participants ➔ technology-neutral, non-political working body focusing on operational issues of Internet abuse – Supporting technologies – Industry collaboration – Informing Public Policy 12 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  13. Who is M 3 AAWG? We Need LAC Contributions Not enough global voices, “The Messaging, Malware and not enough LAC voices! Mobile Anti-Abuse Working Group (M 3 AAWG) is where the industry comes together to work against botnets, malware, spam, viruses, DoS attacks and other online exploitation” ➔ 200 member orgs worldwide ➔ 300-400 conference participants ➔ technology-neutral, non-political working body focusing on operational issues of Internet abuse Too many US voices – Supporting technologies – Industry collaboration – Informing Public Policy 13 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  14. What Does M 3 AAWG Do? Distill Industry Knowledge into BCPs The “M” cubed : ➔ Messaging: abuse on any messaging platform, from e-mail to SMS texting ➔ Malware: abuse is often just a symptom and vector for viruses and malicious code ➔ Mobile: addressing messaging and malware issues emerging on mobile as an increasingly ubiquitous platform Develop and Publish: Best practice papers ➔ ➔ Position statements Training and educational videos ➔ Public Policy and Industry Guidelines https://www.m3aawg.org/for-the-industry/published-comments The Anti-Bot Code of Conduct for Internet Service Providers https://www.m3aawg.org/abcs-for-ISP-code 14 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  15. What Does M 3 AAWG Do? Distill Industry Knowledge into BCPs Latest BCPs M 3 AAWG Best Current Practices For ➔ Building and Operating a Spamtrap, Ver. 1.2.0 Using Generic Top Level Domain ➔ Registration Information (WHOIS Data) in Anti-Abuse Operations M 3 AAWG Introduction to Traffic ➔ Analysis Ongoing Work DDoS Protection for All ➔ DDoS Victim Preparation Guide ➔ 15 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  16. What Does M 3 AAWG Do? Who Do We Work With? ➔ Unsolicited Commercial Enforcement Net – Operation Safety Net ➔ Internet Society – Provided training material ➔ i 2 Coalition – Hosting BCP ➔ EastWest Institute – 2013 Cyber Security Award for China & India Work ➔ Anti-Phishing Working Group (APWG) – Anti-Phishing Best Practices for ISPs and Mailbox Providers ➔ LACNIC! – Looking forward to updating BCPs to reflect dynamics in the LAC region 16 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  17. Anti-Abuse Community Development 17 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  18. Developing and Anti-Abuse Community Fostering Collaboration M 3 AAWG’s work relies on: ➔ working group participation , in the spirit of ➔ cooperation , to create ➔ effective and efficient anti-abuse outcomes ➔ in a trusted environment 18 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  19. Chatham House Rules Community Trust and Safety Trust is key to all of M 3 AAWG’s activities ➔ Respect M 3 AAWG anonymity: Blogging, tweeting, posting, and publishing content from M 3 AAWG requires permission from presenters and M 3 AAWG ➔ Outcome: M 3 AAWG participants can safely share information critical to solving technical abuse problems without fear of retribution from other industry actors or criminals whose illegitimate businesses impacted by anti-abuse efforts 19 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  20. Chatham House Rules Ongoing Reminder What occurs in a M 3 AAWG meeting cannot be shared outside the membership • New! Attendees can blog, tweet and post about selected, pre-approved sessions only. These sessions open with a GREEN LIGHT slide. No posting or external communications from all sessions with a RED LIGHT slide when the session is closed. Please reference @maawg or #m3aawg37 where we are also tweeting. In all cases, respect M 3 AAWG anonymity: No publishing people or company names, except • as cited on the official M 3 AAWG channels: @maawg, facebook.com/maawg, google plus No use of Wireshark or similar products on the M 3 AAWG network • • No photography - No video - No audio recording • Any exception requires written permission from the Executive Director and may require permission from the session members All meeting attendees must wear and have their M 3 AAWG badge visible at all times • during the meeting • Please silence all electronic devices; be courteous to those listening to the presentations • DO NOT LEAVE YOUR BELONGINGS UNATTENDED. Be aware and cautious at all times Treat all attendees respectfully in and out of sessions. No less will be tolerated. Please review our meeting Conduct Policy at http://www.m3aawg.org/page/m3aawg-conduct-policy For questions, please contact Jerry Upton at: jerry.upton@m3aawg.org 20 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

  21. Committees, SIGs, and BoFs Where the Work is Done Technical Messaging Malware Mobile DDoS SIG Internet of Things BoF Collaboration Committee Abuse Desk SIG Anti-Phishing SIG Public Policy Committee Information Sharing SIG Bot & Messaging Metrics Senders Committee Hosting Committee Pervasive Monitoring SIG Identity Management SIG Voice & Telephony Abuse SIG Brands SIG 21 LACNIC 26 | San Jose, Costa Rica | 27 September 2016

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Use and abuse of anti-arbitration injunctions: strategies in dealing with anti-arbitration

Use and abuse of anti-arbitration injunctions: strategies in dealing with anti-arbitration

Use and abuse of anti-arbitration injunctions: strategies in dealing with anti-arbitration injunctions ASA Below 40 Seminar: Court assistance in international arbitration how to use it wisely and efficiently Anti-suit and anti-arbitration

359 views • 10 slides
Services Sergio Rojas sergio@lacnic.net About LACNIC LACNIC, the Latin American and

Services Sergio Rojas sergio@lacnic.net About LACNIC LACNIC, the Latin American and

Membership and Registration Services Sergio Rojas sergio@lacnic.net About LACNIC LACNIC, the Latin American and Caribbean Internet Addresses Registry, is an international non- government organization established in Uruguay in 2002.

468 views • 17 slides
AfriN AfriNIC 11 IC 11 No Novemb ember er 200 2009 AfriNIC Anti-Abuse Group S. Moonesamy

AfriN AfriNIC 11 IC 11 No Novemb ember er 200 2009 AfriNIC Anti-Abuse Group S. Moonesamy

AfriN AfriNIC 11 IC 11 No Novemb ember er 200 2009 AfriNIC Anti-Abuse Group S. Moonesamy sm+afrinic@elandsys.com 1 Whats the AAAG? Open to networks in the AfriNIC region No membership or other fees Stop email abuse Senders and

842 views • 8 slides
LACNIC Network Security and Stability Ini7a7ves Carlos M.

LACNIC Network Security and Stability Ini7a7ves Carlos M.

LACNIC Network Security and Stability Ini7a7ves Carlos M. Mar7nez carlos @ lacnic.net @carlosm3011 LACNIC Internet Resources Management LACNICs main

283 views • 10 slides
LACNIC Report LACNIC We are still growing in number of resources being allocated

LACNIC Report LACNIC We are still growing in number of resources being allocated

LACNIC Report LACNIC We are still growing in number of resources being allocated Membership number, also growing. Reached 1000 members! Staff increasing every year (22 at the moment) Membership evolution Registration Services Data.

477 views • 16 slides
Implications of SIE Paul Vixie, ISC ISC/CAIDA Workshop @M 3 AAWG October 2012 SIE

Implications of SIE Paul Vixie, ISC ISC/CAIDA Workshop @M 3 AAWG October 2012 SIE

Implications of SIE Paul Vixie, ISC ISC/CAIDA Workshop @M 3 AAWG October 2012 SIE Characteristics History: conceived in 2007, piloted in 2008 (NCAP), formally launched in ~2009 (NMSG) General purpose, scalable, distributed data

236 views • 11 slides
LACNIC LACNIC Regional Registry at your services Regional Registry at your services

LACNIC LACNIC Regional Registry at your services Regional Registry at your services

LACNIC LACNIC Regional Registry at your services Regional Registry at your services Sergio Rojas. Sergio Rojas. sergio@lacnic.net sergio@lacnic.net How the Internet work? Is a network of connected devices The

617 views • 16 slides
Anti-Reward Transmitters Implicated in the Motivational Effects of Drugs of Abuse Dynorphin

Anti-Reward Transmitters Implicated in the Motivational Effects of Drugs of Abuse Dynorphin

Anti-Reward Transmitters Implicated in the Motivational Effects of Drugs of Abuse Dynorphin dysphoria CRF stress Norepinephrine stress CNS Actions of Corticotropin-Releasing Factor (CRF) Major CRF-Immunoreactive Cell Groups

352 views • 21 slides
2017 DNSSEC KSK Rollover Carlos Martnez | LACNIC | LACNIC 27, Foz Do Iguass Purpose of this

2017 DNSSEC KSK Rollover Carlos Martnez | LACNIC | LACNIC 27, Foz Do Iguass Purpose of this

2017 DNSSEC KSK Rollover Carlos Martnez | LACNIC | LACNIC 27, Foz Do Iguass Purpose of this Talk 2 1 3 Provide status, Provide helpful To publicize the upcoming events, resources on new Root Zone and contact the KSK roll DNSSEC KSK

384 views • 21 slides
CHILD ABUSE PREVENTION AND PERMANENCY PLAN Monthl hly Updat ate May 14, 2019 AGENDA

CHILD ABUSE PREVENTION AND PERMANENCY PLAN Monthl hly Updat ate May 14, 2019 AGENDA

CHILD ABUSE PREVENTION AND PERMANENCY PLAN Monthl hly Updat ate May 14, 2019 AGENDA Florida Children and Youth Cabinet Update Florida Faith-Based and Community-Based Advisory Council Update Child Abuse Prevention Month Recap

424 views • 11 slides
LACNIC Regional Registry at your services Sergio Rojas. sergio@lacnic.net How the Internet

LACNIC Regional Registry at your services Sergio Rojas. sergio@lacnic.net How the Internet

LACNIC Regional Registry at your services Sergio Rojas. sergio@lacnic.net How the Internet work? Is a network of connected devices The goal, move information from one point to another point 2 What is an IP address. ? They are the

306 views • 17 slides
The Baltimore Experience Caroline Griffin Esq. Chair Mayors Anti -Animal Abuse Advisory

The Baltimore Experience Caroline Griffin Esq. Chair Mayors Anti -Animal Abuse Advisory

Combating Animal Cruelty: The Baltimore Experience Caroline Griffin Esq. Chair Mayors Anti -Animal Abuse Advisory Commission Sande Riesett Outlaw Advertising, LLC Randall Lockwood American Society for the Prevention of Cruelty to Animals

652 views • 62 slides
The Texas General Land Office Community Development and Revitalization Division (GLO-CDR)

The Texas General Land Office Community Development and Revitalization Division (GLO-CDR)

CDR The Texas General Land Office Community Development and Revitalization Division (GLO-CDR) Anti-Fraud, Waste, and Abuse Training We w ork to rebuild com m unities, to put Texans back in their hom es, and to help businesses recover

543 views • 29 slides
CHILD ABUSE PREVENTION AND PERMANENCY PLAN Monthl hly Updat ate January 8, 2019 AGENDA

CHILD ABUSE PREVENTION AND PERMANENCY PLAN Monthl hly Updat ate January 8, 2019 AGENDA

CHILD ABUSE PREVENTION AND PERMANENCY PLAN Monthl hly Updat ate January 8, 2019 AGENDA 2018 OACP Annual Progress Report Florida Children and Youth Cabinet Update Florida Faith-Based and Community-Based Advisory Council Update

650 views • 32 slides
Anti-abuse sections 68, 69 & Benami Law Jagdish T Punjabi April 14, 2018 What do

Anti-abuse sections 68, 69 & Benami Law Jagdish T Punjabi April 14, 2018 What do

Anti-abuse sections 68, 69 & Benami Law Jagdish T Punjabi April 14, 2018 What do specified sections deal with? Sections 68, 69, 69A, 69B, 69C and 69D of the Act deal with Section Heading of the Section 68 Cash Credits 69

978 views • 84 slides
Economics of Abuse Operations: Application to Hosting Matthew C. Stith September 28, 2016 San

Economics of Abuse Operations: Application to Hosting Matthew C. Stith September 28, 2016 San

Economics of Abuse Operations: Application to Hosting Matthew C. Stith September 28, 2016 San Jose, Costa Rica LACNIC 26 | San Jose | September 2016 About the presenter 8 Years at Rackspace Rackspaces Acceptable Use Team and

444 views • 20 slides
Hyperconverged Infrastructure Internet as a global system Seamless integration of compute,

Hyperconverged Infrastructure Internet as a global system Seamless integration of compute,

Hyperconverged Infrastructure Internet as a global system Seamless integration of compute, network and storage Performance vs. Layering New technologies New Applications CSci8211: Introduction 1 Subjects

682 views • 50 slides
WEIRDS Status Update Murray Kucherawy <superuser@gmail.com> The

WEIRDS Status Update Murray Kucherawy <superuser@gmail.com> The

WEIRDS Status Update Murray Kucherawy <superuser@gmail.com> The Story So Far WHOIS is a rudimentary protocol that originated in the early days of

268 views • 5 slides
Stack Buffer Overflows Deian Stefan Some slides adopted from Kirill Levchenko and Stefan Savage

Stack Buffer Overflows Deian Stefan Some slides adopted from Kirill Levchenko and Stefan Savage

CSE 127: Computer Security Stack Buffer Overflows Deian Stefan Some slides adopted from Kirill Levchenko and Stefan Savage When is a program secure? When it does exactly what it should? Not more Not less But how do we know what

1.42k views • 119 slides
CS241 Computer Organization Spring 2015 Buffer Overflow 4-022015 Outline Linking

CS241 Computer Organization Spring 2015 Buffer Overflow 4-022015 Outline Linking

CS241 Computer Organization Spring 2015 Buffer Overflow 4-022015 Outline Linking & Loading, continued Buffer Overflow Read: CSAPP2: section 3.12: out-of-bounds memory references & buffer overflow K&R:

775 views • 43 slides
ABSTRACT zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA quality of service

ABSTRACT zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA quality of service

ABSTRACT zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA quality of service zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA QoS that they require. zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA they receive the end-to-end

657 views • 7 slides
ELEC / COMP 177 Fall 2012 Some slides from Kurose

ELEC / COMP 177 Fall 2012 Some slides from Kurose

ELEC / COMP 177 Fall 2012 Some slides from Kurose and Ross, Computer Networking , 5 th Edition Tuesday, December 11 th 8am-11am Short

897 views • 78 slides
rvores e rvores Binrias Siang Wun Song - Universidade de So Paulo - IME/USP MAC 5710 -

rvores e rvores Binrias Siang Wun Song - Universidade de So Paulo - IME/USP MAC 5710 -

rvores e rvores Binrias Siang Wun Song - Universidade de So Paulo - IME/USP MAC 5710 - Estruturas de Dados - 2008 Siang Wun Song - Universidade de So Paulo - IME/USP rvores e rvores Binrias Referncia bibliogrfica Os slides

794 views • 37 slides
Recursos Humanos I Administrao de Salrios Planos de Benefcios Sociais

Recursos Humanos I Administrao de Salrios Planos de Benefcios Sociais

Recursos Humanos I Administrao de Salrios Planos de Benefcios Sociais Administrao de Salrios Recursos Naturais + Dinheiro Acumulado + Trabalho = Riqueza ou Capital Processo Produtivo = Participao conjunta de

732 views • 38 slides

More recommend