3. 3
ICANN
is
a
global
organiza0on
that
coordinates
the
Internet’s
unique
iden0fier
systems
for
worldwide
public
benefit,
enabling
a
single
interoperable
Internet.
4. 4
+ Domain Name System (DNS)
+ Internet Protocol (IP) Address Allocation
+ Protocol-Parameter Registry
+ Root Server Systems
+ Generic Top-Level Domain Names (gTLD) system
management
+ Country-code Top-Level Domain Name (ccTLD)
DNS
+ Time Zone Database Management
Functions that ICANN Coordinates!
5. SSR
Framework
• Security
–
the
capacity
to
protect
and
prevent
misuse
of
Internet
unique
iden;fiers.
• Stability
–
the
capacity
to
ensure
that
the
system
operates
as
expected,
and
that
users
of
the
unique
iden;fiers
have
confidence
that
the
system
operates
as
expected.
• Resiliency
–
the
capacity
of
the
unique
iden;fier
system
to
effec;vely
withstand/tolerate/survive
malicious
aCacks
and
other
disrup;ve
events
without
disrup;on
or
cessa;on
of
service.
6. The
Challenge
• Misuse
of
and
aCacks
against
the
DNS
and
global
networks
challenge
overall
unique
iden;fier
security
– Affect
the
broad
range
of
users,
individuals,
businesses,
civil
society
and
governments
• Security
in
the
context
of
the
Internet's
unique
iden;fiers
should
be
addressed
through
a
healthy
Internet
ecosystem.
– an
Internet
that
is
sustainable
or
healthy,
stable
and
resilient
6
7. Coordina;on
&
Collabora;on
• Generic
Top
Level
Domain
Operators
(gTLDs)
– .com,
.net,
.org
etc.
• Country
Code
Top
Level
Domain
Operators
(ccTLDs)
– .bd,
.in,
.sg
etc.
• CERTs
• Regional
Internet
Registries
(RIRs)
• Governments
/
Law
Enforcement
• Interna;onal
Organisa;ons
• Research
Organisa;ons
/
Experts
• Etc.
7
9. Iden;fier
Systems
Threat
Awareness
• Exchange
of
threat
intelligence
rela;ng
to
security
events
of
global
nature
involving
iden;fier
systems
• Par;cipa;on
in
response
to
threats
or
aCacks
against
iden;fier
systems,
see
hCps://www.icann.org/en/about/staff/security/
vulnerability-‐disclosure-‐05aug13-‐en.pdf
Threat
Awareness
and
Response
Threat
Intelligence
• Trust
networks
Coordinated
Response
• Vulnerability
Disclosure
• Facilita;on
10. • Ac;ve
engagement
with
global
actors
who
monitor
DNS
health
or
iden;fy
imminent
threats
• DNS
vulnerability
iden;fica;on,
repor;ng,
and
resolu;on
• Examples
– ACacks
against
ccTLDs,
registrars
– Root
system
DDoS
(Anonymous)
Threat
awareness
and
response
11. Iden;fier
SSR
Analy;cs
• Projects
in
infancy
• Develop
metrics
and
analy;cs
for
iden;fier
systems,
e.g.,
– Root
system
measurements,
analysis
– Analysis
of
DNS
or
registra;on
abuse
or
misuse
– Crea;ve
uses
of
DNS
data
Iden;fier
SSR
Analy;cs
Metrics
•
“CVEs”
• Root
System
analy;cs
• Incidents
12. Trust-‐based
Collabora;on
• Global
Cybersecurity
coopera;on
– Coordinate
engagement
through
ICANN
Global
Stakeholder
Engagement
– Coordinate
cybersecurity
message
with
Global
Stakeholder
Engagement
• Global
Security
&
Opera;ons
– Daily
interac;on
on
DNS
abuse/misuse
maCers
with
first
responders,
law
enforcement,
operators
– Coopera;on
with
DNS
research
ac;vi;es
• Examples
– Engage
with
registrars
and
repor;ng
par;es
to
mi;gate
DNS
abuse/misuse
– Lend
subject
maCer
exper;se
during
incident
response
Trust-‐based
Collabora;on
Global
SecOps
• An;Phishing
• An;spam
• An;crime
• Opera;ons
Research
Global
CyberSec
• CCI
• OECD
13. Capability
Building
• DNS
training
– Security,
opera;ons,
and
DNSSEC
deployment
training
for
TLD
registry
operators
– Informa;on
gathering
to
iden;fy
DNS
abuse/
misuse
– Delivered
by
contracted
par;es,
ICANN
staff
(digital
delivery
under
study)
• Training
for
Law
Enforcement
bodies
• Knowledge
Transfer
– Exchange
of
informa;on
gathering
or
inves;ga;ng
techniques
Capability
Building
DNS
Training
• Security
• OAM
• Abuse/
Misuse
Knowledge
Transfer
• Europol
• Interpol
• RIRs
14. Ac;vi;es
in
Malaysia
• Suppor;ng
Network
Opera;onal
and
Technical
Communi;es
– MyNOG,
APRICOT,
APT
Cyber
Security
Forum
etc.
• Collabora;on
with
Malaysian
Communica;ons
and
Mul;media
Commission
(MCMC)
– Online
Safety,
Security
Educa;on
&
Awareness
Ini;a;ves
– Capacity
building
and
Outreach
14
15. Ac;vi;es
in
Malaysia
• MyNIC
(ccTLD)
– Encouraging
DNSSEC
Deployment
• Registrars,
ISPs
etc.
– IDN
delega;on
• Poten;al
L-‐root
Server
instance
15
16. 16
Growing the Asia Pacific Network!
• ICANN APAC Hub
• apachub@icann.org
• SSR issues:
• champika.wijayatunga@icann.org
Thank You!