Dr. Han Zhang (Salesforce)
Cyber security constitutes one of the most serious threats to the current society, costing billions of dollars each year. Botnets are a very important way to perform many attacks. In botnets, the botmaster and bots exchange information through C&C channels, which can be implemented using many protocols. HTTP-based botnets are very common as they are easy to implement and maintain. To improve...
Mr. Edward LEWIS (ICANN)
While collecting data in the name of research, an operational "guffaw" is detected, or suspected. What is the appropriate next step? Name and shame has been one next step, but is questionable on many fronts. Contacting the operator directly may face many obstacles, including lack of attentiveness, lack of proper registered contact addresses, organization barriers, and so on. Once a...
Mr. Yuriy Yuzifovich (Nominum)
A “core” domain, aka an “effective 2nd level domain” (e2LD), usually captures domain ownership (www.example1.com, www.example2.co.uk) and is thus a useful marker for analysis of DNS data. New core domains are particularly interesting, since they’re highly correlated with malicious activity. For the past 5 years we’ve been tracking new core domains and last year undertook a project to greatly...
Matthew Pounsett (Rightside)
Mr. Vincent Levigneron (AFNIC)
In order to test how our organization was able to deal with DDoS attacks, we put in place a full-scale test program, the first of which took place a month ago. We know that it is not possible alone to counter this type of attack, but we must be prepared, as an organization, to make the best decisions when this kind of event happens. The primary goal of this first exercise was not only to test...