remedi3s tld reputation metrics design to improve
play

REMEDI3S-TLD: Reputation Metrics Design to Improve Intermediary - PowerPoint PPT Presentation

Apr 06, 2023 •358 likes •605 views

REMEDI3S-TLD: Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs A project in collaboration with SIDN and NCSC Maciej Korczy ski Delft University of Technology Contact: maciej.korczynski@tudelft.nl ICANN 54

  1. REMEDI3S-TLD: Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs A project in collaboration with SIDN and NCSC Maciej Korczy ń ski Delft University of Technology Contact: maciej.korczynski@tudelft.nl ICANN 54 Techday 19 October 2015, Dublin

  2. REMEDI3S-TLD

  3. REMEDI3S-TLD

  4. REMEDI3S-TLD

  5. REMEDI3S-TLD

  6. Agenda • Types of security metrics • Security metrics for TLDs • Security metrics for hosting providers • Discussion

  7. Types of security metrics • Different layers of security metrics: • Top Level Domains (TLDs) • Market players related to the TLD (infrastructure providers): registrars, hosting providers, DNS service providers • Network resources managed by each of the players, such as resolvers, name servers

  8. Security metrics for TLDs

  9. Security metrics for TLDs • Type of reputation metrics • Concentration of malicious content: a) Number of unique domains b) Number of FQDN c) Number of URLs

  10. Security metrics for TLDs • Type of reputation metrics • Concentration of malicious content: a) Number of unique domains b) Number of FQDN c) Number of URLs • Size matters!

  11. Security metrics for TLDs • Type of reputation metrics (example)

  12. Security metrics for TLDs • Type of reputation metrics Up-times of maliciously registered/compromised domains •

  13. Security metrics for hosting providers

  14. Security metrics for hosting providers 1. Count badness per AS across different data sources 2. Normalize for the size of the AS (in 3 ways) Abuse ¡Maps ¡ Abuse ¡Feeds ¡ Normalized ¡ Abuse ¡Mapping ¡ Abuse ¡ Shadow ¡Server ¡Compromise ¡ • PhishTank ¡ Shadow ¡Server ¡Sandbox ¡URL ¡ • AS#1 ¡ ß ¡ à ¡ ¡100 ¡ ¡ # ¡Unique ¡Abuse ¡/ ¡AS ¡ Zeustracker ¡C&Cs ¡ AS#2 ¡ ß ¡ à ¡ ¡200 ¡ • PhishTank ¡/ ¡Advrt. ¡IPs ¡ MLAT ¡requests ¡ • AS#1 ¡ ß ¡ à ¡ ¡0.39 ¡ APWG ¡ • MLAT ¡ AS#2 ¡ ß ¡ à ¡ ¡0.19 ¡ StopBadware ¡ • AS#1 ¡ ß ¡ à ¡ ¡50 ¡ Normaliza3on ¡ … ¡ • AS#2 ¡ ß ¡ à ¡ ¡73 ¡ PhishTank ¡/ ¡Domains ¡ ¡ Hosted ¡ • AS#1 ¡ ß ¡ à ¡ ¡4.34 ¡ # ¡Abuse ¡/ ¡Size ¡ AS#2 ¡ ß ¡ à ¡ ¡0.16 ¡ p-­‑DNS ¡/ ¡IP ¡ Size ¡Maps ¡ MLAT ¡/ ¡Advrt. ¡IPs ¡ Size ¡Mapping ¡ AS#1 ¡ ß ¡ à ¡ ¡0.19 ¡ Rou3ng ¡ AdverLsed ¡IPs ¡ AS#2 ¡ ß ¡ à ¡ ¡0.07 ¡ AS#1 ¡ ß ¡ à ¡ ¡256 ¡ # ¡Advertised ¡IPs ¡ AS#2 ¡ ß ¡ à ¡ ¡1024 ¡ # ¡IPs ¡in ¡p-­‑DNS ¡ MLAT ¡/ ¡Domains ¡Hosted ¡ # ¡Domains ¡Hosted ¡ AS#1 ¡ ß ¡ à ¡ ¡2.17 ¡ Farsight ¡Security ¡p-­‑DNS ¡Data ¡ • ¡Domains ¡Hosted ¡ AS#2 ¡ ß ¡ à ¡ ¡0.05 ¡ Internet ¡IP ¡RouLng ¡Data ¡ • AS#1 ¡ ß ¡ à ¡ ¡23 ¡ ¡ AS#2 ¡ ß ¡ à ¡ ¡1232 ¡

  15. Security metrics for hosting providers 3. Rank ASes on amount of badness 4. Aggregate rankings 5. Identify ASes with consistently high concentrations of badness Abuse ¡Ranking ¡ Normalized ¡ Abuse ¡ PhishTank ¡Ranking ¡1 ¡ PhishTank ¡/ ¡Advrt. ¡IPs ¡ AS#1 ¡ ß ¡ à ¡ ¡834 ¡ AS#1 ¡ ß ¡ à ¡ ¡0.39 ¡ Overall ¡Ranking ¡ AS#2 ¡ ß ¡ à ¡ ¡833 ¡ AS#2 ¡ ß ¡ à ¡ ¡0.19 ¡ Rank ¡ Combine ¡ PhishTank ¡/ ¡Domains ¡ PhishTank ¡Ranking ¡2 ¡ Borda ¡Count ¡Ranking ¡ Ranks ¡ Hosted ¡ AS#1 ¡ ß ¡ à ¡ ¡834 ¡ AS#1 ¡ ß ¡ à ¡ ¡2354 ¡ Sort ¡Rank ¡ ¡ AS#1 ¡ ß ¡ à ¡ ¡4.34 ¡ AS#2 ¡ ß ¡ à ¡ ¡833 ¡ AS#2 ¡ ß ¡ à ¡ ¡1834 ¡ Borda ¡Count ¡ High ¡ à ¡Low ¡ AS#2 ¡ ß ¡ à ¡ ¡0.16 ¡ AS#3 ¡ ß ¡ à ¡ ¡1542 ¡ AS#4 ¡ ß ¡ à ¡ ¡1322 ¡ MLAT ¡Ranking ¡1 ¡ MLAT ¡/ ¡Advrt. ¡IPs ¡ AS#1 ¡ ß ¡ à ¡ ¡235 ¡ AS#1 ¡ ß ¡ à ¡ ¡0.19 ¡ AS#2 ¡ ß ¡ à ¡ ¡234 ¡ AS#2 ¡ ß ¡ à ¡ ¡0.07 ¡ MLAT ¡Ranking ¡2 ¡ MLAT ¡/ ¡Domains ¡Hosted ¡ AS#1 ¡ ß ¡ à ¡ ¡235 ¡ AS#1 ¡ ß ¡ à ¡ ¡2.17 ¡ AS#2 ¡ ß ¡ à ¡ ¡234 ¡ AS#2 ¡ ß ¡ à ¡ ¡0.05 ¡

  16. Practical application • “Clean Netherlands”: Enhance self cleansing ability of the Dutch hosting market by • promoting best practices and awareness • pressuring the rotten apples

  17. Discussion • Compare your TLD against the market • Driving factors (why the attackers are more interested in certain types of domains?) • Let us know about policy changes, pricing

  18. Discussion • Limitations: metrics for smaller TLDs are more sensitive to individual security incidents • Abuse handling initiatives

  19. Discussion • Limited access to: • Domain WHOIS (classifier between maliciously registered and legitimate domains, metrics for registrars) • Datasets, e.g. shadow server reports • Feedback

  20. ACKNOWLEDGEMENTS The research leading to these results was funded by SIDN (www.sidn.nl) Many thanks to: Cristian Hesselman (SIDN Labs), Paul Vixie (Farsight Security), and Thorsten Kraft ( Cyscon )

  21. Contact information: Maciej Korczy ń ski Delft University of Technology maciej.korczynski@tudelft.nl

  22. Security metrics for TLDs • Type of reputation metrics

Recommend

From weak online reputation metrics to standardized attack-resistant trust metrics Dr. Jean-Marc

From weak online reputation metrics to standardized attack-resistant trust metrics Dr. Jean-Marc

ITU Workshop on Future Trust and Knowledge Infrastructure, Phase 2 Geneva, Switzerland 1 July 2016 From weak online reputation metrics to standardized attack-resistant trust metrics Dr. Jean-Marc Seigneur President at Rputaction SAS,

599 views • 26 slides
Identifying interventions to improve NMHS capacities based on GFCS pillars and associated metrics

Identifying interventions to improve NMHS capacities based on GFCS pillars and associated metrics

Identifying interventions to improve NMHS capacities based on GFCS pillars and associated metrics Mark Tadross, Anna Steynor, Christopher Lennard, Kate Kloppers, Luleka Dlamini (CSAG) Methodological steps assessing capacity Metrics associated

330 views • 11 slides
What we learned from Community Metrics Agenda Why are metrics used? How metrics are used

What we learned from Community Metrics Agenda Why are metrics used? How metrics are used

What we learned from Community Metrics Agenda Why are metrics used? How metrics are used in two Open Source communities Common pitfalls and ways to avoid them Why use Metrics? Transparency Who is contributing to the

166 views • 14 slides
Possible Incentive Metrics: Public Health Recommendations Katrina Hedberg, MD, MPH Health

Possible Incentive Metrics: Public Health Recommendations Katrina Hedberg, MD, MPH Health

Possible Incentive Metrics: Public Health Recommendations Katrina Hedberg, MD, MPH Health Officer & State Epidemiologist April 18, 2014 Context Improve population health, improve care, lower (long-term) costs Address leading

627 views • 43 slides
The Metrics Design Pattern Metrics Driven Development Stephanie Kaiser & Horia Dragomir

The Metrics Design Pattern Metrics Driven Development Stephanie Kaiser & Horia Dragomir

The Metrics Design Pattern Metrics Driven Development Stephanie Kaiser & Horia Dragomir Stephanie Kaiser & Horia Dragomir wooga wooga The Metrics Design Pattern A story about a game Monster World DAU 1.200.000 1.000.000 800.000

827 views • 64 slides
Reputation Systems Reputation systems: quantify the trust between different users. Application:

Reputation Systems Reputation systems: quantify the trust between different users. Application:

Formal Verification of e-Reputation Protocols 1 Ali Kassem 2 , Pascal Lafourcade 1 , Yassine Lakhnech 2 1 University dAuvergne, LIMOS 2 Universit Grenoble Alpes, CNRS, VERIMAG The 7th International Symposium on Foundations & Practice of

583 views • 33 slides
Online Reputation Security It takes 20 years to build a reputation and five minutes to ruin

Online Reputation Security It takes 20 years to build a reputation and five minutes to ruin

Online Reputation Security It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, youll do things differently Warren Buffett NASDAQ ABC Stock after Roseanne Barrs Tweet and Show

698 views • 51 slides
Aucklands DNA Rollout Process Place DNA Reputation Themes Final Reputation Framework

Aucklands DNA Rollout Process Place DNA Reputation Themes Final Reputation Framework

Aucklands DNA Rollout Process Place DNA Reputation Themes Final Reputation Framework Framework 3 Reputation Storybook Themes 1 Destination reputation 2 The power of stories 3 The importance of themes 4 Aucklands Place DNA

663 views • 64 slides
Reputation Management Destroy or Salvage Reputation? Through their actions following a crisis,

Reputation Management Destroy or Salvage Reputation? Through their actions following a crisis,

Reputation Management Destroy or Salvage Reputation? Through their actions following a crisis, brands decide if they destroy or salvage their reputations. And of course, their partners matter too specifically their PR firms. DO YOU DESERVE

475 views • 28 slides
Schools & Reputation Management Overview Introductions The Importance of managing

Schools & Reputation Management Overview Introductions The Importance of managing

Schools & Reputation Management Overview Introductions The Importance of managing your schools reputation How can social media affect your schools reputation? The press Legal issues Case studies

321 views • 13 slides
AGENCY OPERATIONS METRICS The Metrics of Me The Metrics of Me x 159 13,006 5 days old books

AGENCY OPERATIONS METRICS The Metrics of Me The Metrics of Me x 159 13,006 5 days old books

Dont trust your gut AGENCY OPERATIONS METRICS The Metrics of Me The Metrics of Me x 159 13,006 5 days old books read so far in 2018 The Metrics of Me 6.3 4.5 4 0 hours of sleep hours in dance class hours cooking hours commuting

549 views • 20 slides
Robert Pohnke Plan 1. Problem Description 2. Canal mechanism 3. Results 4. Q&A Reputation

Robert Pohnke Plan 1. Problem Description 2. Canal mechanism 3. Results 4. Q&A Reputation

Canal: Scaling Social Network-Based Sybil Tolerance Schemes Robert Pohnke Plan 1. Problem Description 2. Canal mechanism 3. Results 4. Q&A Reputation systems A reputation system computes and publishes reputation scores for a set of

649 views • 25 slides
Proposal Metrics Dashboard What Gets Measured Gets Done Topics Why Keep Metrics? What

Proposal Metrics Dashboard What Gets Measured Gets Done Topics Why Keep Metrics? What

Proposal Metrics Dashboard What Gets Measured Gets Done Topics Why Keep Metrics? What Metrics Should We Keep? What is the Easiest Way to Collect Metrics? What is the Easiest Way to Report Metrics? Tips and Tricks to Building a

578 views • 16 slides
Software Metrics Chapter 4 1 SW Metrics SW process and product metrics are quantitative

Software Metrics Chapter 4 1 SW Metrics SW process and product metrics are quantitative

Click here to review OO Testing Strategies Software Metrics Chapter 4 1 SW Metrics SW process and product metrics are quantitative measures that enable SW people to gain insight into the efficacy of SW process and the projects that are

897 views • 44 slides
Software Metrics Denition The measurement of the software development process and its

Software Metrics Denition The measurement of the software development process and its

Object-Oriented Software Engineering Extra Chapter: Software Metrics Lecture 14 Why Measure Software? Projects often Go over budget Miss deadlines Exhibit poor quality Measurements can be used to improve the process and quality

526 views • 14 slides
Rapid, Collaborative 3D Modeling: Techniques to Improve Buy In During Design Chris Kitts, MWH

Rapid, Collaborative 3D Modeling: Techniques to Improve Buy In During Design Chris Kitts, MWH

PNWS AWWA CONFERENCE Rapid, Collaborative 3D Modeling: Techniques to Improve Buy In During Design Chris Kitts, MWH MAY 8, 2014 Conceptual Design Detailed Design Construction To begin with the end in mind means to start with a clear

513 views • 18 slides
UMBC A B M A L T F O U M B C I M Y O R T 1 (9/9/04) I E S R C E O V U

UMBC A B M A L T F O U M B C I M Y O R T 1 (9/9/04) I E S R C E O V U

Advanced VLSI Design Quality Metrics of a Digital Design I CMPE 640 Basic Properties of a Digital Design These help quantify the quality of a design from different perspectives: Cost Functionality Robustness Performance

427 views • 14 slides
Detailed Design Review Key Objectives? Catch mistakes and improve design Verify

Detailed Design Review Key Objectives? Catch mistakes and improve design Verify

Detailed Design Review Key Objectives? Catch mistakes and improve design Verify readiness to spend money and build prototype: Specs (needs) are addressed Risks are addressed Participants? Guide, TA, and all team members

380 views • 11 slides
Take control of your reputation. Don't let negative online content affect your professional and

Take control of your reputation. Don't let negative online content affect your professional and

Take control of your reputation. Don't let negative online content affect your professional and personal life. Who are we? Part 1 is the leader in the online reputation management and digital privacy space. Founded in 2006, we pioneered the

406 views • 13 slides
THE REPUTATION BOOSTING MACHINE By The HOTH This Is For YOU Local Business, Online

THE REPUTATION BOOSTING MACHINE By The HOTH This Is For YOU Local Business, Online

STARTING SHORTLY: THE REPUTATION BOOSTING MACHINE By The HOTH This Is For YOU Local Business, Online Business, Agency Youre looking to get more 5 star reviews - FAST You want to build a BULLETPROOF awesome reputation

1.7k views • 110 slides
Content-Driven Author Reputation and Text Trust for the Wikipedia Luca de Alfaro UC Santa Cruz

Content-Driven Author Reputation and Text Trust for the Wikipedia Luca de Alfaro UC Santa Cruz

Content-Driven Author Reputation and Text Trust for the Wikipedia Luca de Alfaro UC Santa Cruz Joint work with Bo Adler , Ian Pye, Caitlin Sadowski (UCSC) Wikimania, August 2007 Author Reputation and Text Trust Author Reputation: Goal:

905 views • 44 slides
Vodacom Sustainability Strategy 1 C2 General WHY Sustainability Building good reputation

Vodacom Sustainability Strategy 1 C2 General WHY Sustainability Building good reputation

Vodacom Sustainability Strategy 1 C2 General WHY Sustainability Building good reputation Increasing revenues Improved reputation and trust Opportunity for new products & (trusted by the public be known services (e.g. Thetha

328 views • 21 slides
Partnering to Improve Cancer Prevention, Treatment, & Outcomes Lisa Piercey, MD, MBA, FAAP |

Partnering to Improve Cancer Prevention, Treatment, & Outcomes Lisa Piercey, MD, MBA, FAAP |

Partnering to Improve Cancer Prevention, Treatment, & Outcomes Lisa Piercey, MD, MBA, FAAP | February 28, 2020 TDHs Strategic Plan PREVENTION Engage county health councils to improve local health metrics Decrease youth obesity

505 views • 39 slides
SOCIAL MEDIA MARKETING & REPUTATION BOLD IDEAS, THAT WORK. ADVERTISING DIGITAL &

SOCIAL MEDIA MARKETING & REPUTATION BOLD IDEAS, THAT WORK. ADVERTISING DIGITAL &

27.03.18 SOCIAL MEDIA MARKETING & REPUTATION BOLD IDEAS, THAT WORK. ADVERTISING DIGITAL & SOCIAL DESIGN & BRANDING EXPERIENTIAL DIRECT MARKETING PLANNING & DATA CONSUMER RESEARCH THE 3% #1 KEEPING CHANNELS ACTIVE

513 views • 48 slides

More recommend