SlideShare uma empresa Scribd logo

DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve Intermediary Incentives

Splend
Splend

Intermediaries such as registries, registrars, DNS providers and hosting providers are responsible for the security of domains. However, it can be hard to hold any one of them directly responsible for any domain. In this presentation, we analyze the interplay between these four actors. We also provide some evidence that the concentrations of maliciously registered and hacked domains are due to some attackers’ profit maximizing behaviors such as abusing free hosting and domain registration services, hacking more easily available targets like shared hosting, and hosting a few resilient name server.

Tecnologia
1 de 22
Baixar para ler offline
REMEDI3S-TLD: Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs A project in collaboration with SIDN and NCSC Maciej Korczy ski Delft University of Technology Contact: maciej.korczynski@tudelft.nl DHPA Techday 21 May 2015, The Hague
REMEDI3S-TLD
REMEDI3S-TLD
REMEDI3S-TLD
REMEDI3S-TLD
Agenda •  REMEDI3S-TLD •  Security incidents •  Types of security metrics •  Security metrics for TLDs •  Security metrics for hosting providers •  Practical application •  Summary
Security incidents •  Blacklists •  APWG •  Shadowserver (botnet C&C, Sandbox URLs, etc.) •  ESET, Sophos, Fortinet •  Google's Safe browsing appeals •  Malware Must Die •  Phishtank •  Zeus tracker •  Dutch child pornography hotline •  Etc. •  Farsight security (dns-db)
Types of security metrics •  Different layers of security metrics: •  Top Level Domains (TLDs) •  Market players related to the TLD (infrastructure providers): registrars, hosting providers, DNS service providers •  Network resources managed by each of the players, such as resolvers, name servers
Security metrics for TLDs •  Size estimate for different market players, e.g. TLDs •  Problem: access to zone files of all TLDs •  Solution: zone files, APWG reports, DNS-DB
•  Type of reputation metrics •  Problem: estimation of the amount of badness •  Solutions (TLDs): a)  Number of unique domains b)  Number of FQDN c)  Number of URLs Security metrics for TLDs
•  Type of reputation metrics •  Problem: up-times of maliciously registered/compromised domains •  Solutions: a)  DNS-based scanner b)  Content-based scanner Security metrics for TLDs
Results •  Estimation of the amount of badness for TLD •  Datasets: suitability, coverage
Results •  Estimation of the amount of badness
Results •  Estimation of the amount of badness
Results •  Estimation of the amount of badness
Security metrics for hosting providers 1.  Count badness per AS across different data sources 2.  Normalize for the size of the AS (in 3 ways) Abuse&Feeds& p*DNS&/&IP& Rou3ng& •  Shadow'Server'Compromise' •  Shadow'Server'Sandbox'URL' •  Zeustracker'C&Cs' •  MLAT'requests' •  APWG' •  StopBadware' •  …' ' #"Advertised"IPs" #"IPs"in"p/DNS" #"Domains"Hosted" Abuse&Mapping& Size&Mapping& •  Farsight'Security'pHDNS'Data' •  Internet'IP'RouLng'Data' ' #"Unique"Abuse"/"AS" Abuse&Maps& PhishTank' AS#1'!'"''100'' AS#2'!'"''200' MLAT' AS#1'!'"''50' AS#2'!'"''73' Size&Maps& AdverLsed'IPs' AS#1'!'"''256' AS#2'!'"''1024' 'Domains'Hosted' AS#1'!'"''23' AS#2'!'"''1232' Normaliza3on& Normalized& Abuse& PhishTank'/'Advrt.'IPs' AS#1'!'"''0.39' AS#2'!'"''0.19' PhishTank'/'Domains' Hosted' AS#1'!'"''4.34' AS#2'!'"''0.16' MLAT'/'Advrt.'IPs' AS#1'!'"''0.19' AS#2'!'"''0.07' MLAT'/'Domains'Hosted' AS#1'!'"''2.17' AS#2'!'"''0.05' •  #"Abuse"/"Size"
3.  Rank ASes on amount of badness 4.  Aggregate rankings (Borda count) 5.  Identify ASes with consistently high concentrations of badness Rank& Abuse&Ranking& PhishTank'Ranking'1' AS#1'!'"''834' AS#2'!'"''833' PhishTank'Ranking'2' AS#1'!'"''834' AS#2'!'"''833' MLAT'Ranking'1' AS#1'!'"''235' AS#2'!'"''234' MLAT'Ranking'2' AS#1'!'"''235' AS#2'!'"''234' Combine& Ranks& Sort"Rank"" High"!"Low" Borda"Count" Overall&Ranking& Borda'Count'Ranking' AS#1'!'"''2354' AS#2'!'"''1834' AS#3'!'"''1542' AS#4'!'"''1322' Normalized& Abuse& PhishTank'/'Advrt.'IPs' AS#1'!'"''0.39' AS#2'!'"''0.19' PhishTank'/'Domains' Hosted' AS#1'!'"''4.34' AS#2'!'"''0.16' MLAT'/'Advrt.'IPs' AS#1'!'"''0.19' AS#2'!'"''0.07' MLAT'/'Domains'Hosted' AS#1'!'"''2.17' AS#2'!'"''0.05' Security metrics for hosting providers
Practical application •  Incentive structures that drive the DNS ecosystem •  “Clean Netherlands”: Enhance self cleansing ability of the Dutch hosting market by •  promoting best practices and awareness •  pressuring the rotten apples
Summary •  REMEDI3S-TLD •  Security metrics for TLDs •  Security metrics for hosting providers •  Practical application
ACKNOWLEDGEMENTS The research leading to these results was funded by SIDN (www.sidn.nl)

Recomendados

Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the CheapEndgameInc
 
Basic ethical hacking and cyber security
Basic ethical hacking and cyber securityBasic ethical hacking and cyber security
Basic ethical hacking and cyber securityFaysal Ahmed
 
How to Protect Your Organization from the Ransomware Epidemic
How to Protect Your Organization from the Ransomware EpidemicHow to Protect Your Organization from the Ransomware Epidemic
How to Protect Your Organization from the Ransomware EpidemicTripwire
 
PHDays 2018 Threat Hunting Hands-On Lab
PHDays 2018 Threat Hunting Hands-On LabPHDays 2018 Threat Hunting Hands-On Lab
PHDays 2018 Threat Hunting Hands-On LabTeymur Kheirkhabarov
 
Hunting before a Known Incident
Hunting before a Known IncidentHunting before a Known Incident
Hunting before a Known IncidentEndgameInc
 
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016Danny Akacki
 
TTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesTTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesDragos, Inc.
 
Hunting on the cheap
Hunting on the cheapHunting on the cheap
Hunting on the cheapAnjum Ahuja
 

Recomendados

Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the CheapEndgameInc
 
Basic ethical hacking and cyber security
Basic ethical hacking and cyber securityBasic ethical hacking and cyber security
Basic ethical hacking and cyber securityFaysal Ahmed
 
How to Protect Your Organization from the Ransomware Epidemic
How to Protect Your Organization from the Ransomware EpidemicHow to Protect Your Organization from the Ransomware Epidemic
How to Protect Your Organization from the Ransomware EpidemicTripwire
 
PHDays 2018 Threat Hunting Hands-On Lab
PHDays 2018 Threat Hunting Hands-On LabPHDays 2018 Threat Hunting Hands-On Lab
PHDays 2018 Threat Hunting Hands-On LabTeymur Kheirkhabarov
 
Hunting before a Known Incident
Hunting before a Known IncidentHunting before a Known Incident
Hunting before a Known IncidentEndgameInc
 
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016Danny Akacki
 
TTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesTTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesDragos, Inc.
 
Hunting on the cheap
Hunting on the cheapHunting on the cheap
Hunting on the cheapAnjum Ahuja
 
Billions & Billions of Logs
Billions & Billions of LogsBillions & Billions of Logs
Billions & Billions of LogsJack Crook
 
EmPOW: Integrating Attack Behavior Intelligence into Logstash Plugins
EmPOW: Integrating Attack Behavior Intelligence into Logstash PluginsEmPOW: Integrating Attack Behavior Intelligence into Logstash Plugins
EmPOW: Integrating Attack Behavior Intelligence into Logstash PluginsFaithWestdorp
 
Discover advanced threats with threat intelligence - Jeremy Li
Discover advanced threats with threat intelligence - Jeremy LiDiscover advanced threats with threat intelligence - Jeremy Li
Discover advanced threats with threat intelligence - Jeremy LiJeremy Li
 
Threat Intelligence Ops In-Depth at Massive Enterprise
Threat Intelligence Ops In-Depth at Massive EnterpriseThreat Intelligence Ops In-Depth at Massive Enterprise
Threat Intelligence Ops In-Depth at Massive EnterpriseJeremy Li
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...EC-Council
 
Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Rishabh Upadhyay
 
SplunkLive! London - Scoping Infections and Disrupting Breaches breakout
SplunkLive! London - Scoping Infections and Disrupting Breaches breakoutSplunkLive! London - Scoping Infections and Disrupting Breaches breakout
SplunkLive! London - Scoping Infections and Disrupting Breaches breakoutSplunk
 
Extracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet NoiseExtracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet NoiseAshwini Almad
 
Talos
TalosTalos
TalosMuhammad ilyas
 
Network Information And Security
Network Information And SecurityNetwork Information And Security
Network Information And Securityanandk10
 
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...Core Security
 
The 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypseThe 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypseChristiaan Beek
 
Anatomy Of Hack
Anatomy Of HackAnatomy Of Hack
Anatomy Of HackAgnel Chittilappilly
 
Minimizing Dwell Time On Networks In IR With Tapio
Minimizing Dwell Time On Networks In IR With TapioMinimizing Dwell Time On Networks In IR With Tapio
Minimizing Dwell Time On Networks In IR With TapioInvincea, Inc.
 
Threat hunting on the wire
Threat hunting on the wireThreat hunting on the wire
Threat hunting on the wireInfoSec Addicts
 
Base Metal Forensics
Base Metal ForensicsBase Metal Forensics
Base Metal ForensicsNapier University
 
JAKU Botnet Analysis
JAKU Botnet AnalysisJAKU Botnet Analysis
JAKU Botnet AnalysisNapier University
 
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...MITRE - ATT&CKcon
 
2019 cou kolokotronis_nicholas - nicholas kolokotronis
2019 cou kolokotronis_nicholas - nicholas kolokotronis2019 cou kolokotronis_nicholas - nicholas kolokotronis
2019 cou kolokotronis_nicholas - nicholas kolokotronisLiza Charalambous
 
Worst-Case Scenario: Being Detected without Knowing You are Detected
Worst-Case Scenario: Being Detected without Knowing You are DetectedWorst-Case Scenario: Being Detected without Knowing You are Detected
Worst-Case Scenario: Being Detected without Knowing You are DetectedAshwini Almad
 
Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareTzar Umang
 
Attaining data security in cloud computing
Attaining data security in cloud computingAttaining data security in cloud computing
Attaining data security in cloud computingGopinath Muthusamy
 

Mais conteúdo relacionado

Mais procurados

Billions & Billions of Logs
Billions & Billions of LogsBillions & Billions of Logs
Billions & Billions of LogsJack Crook
 
EmPOW: Integrating Attack Behavior Intelligence into Logstash Plugins
EmPOW: Integrating Attack Behavior Intelligence into Logstash PluginsEmPOW: Integrating Attack Behavior Intelligence into Logstash Plugins
EmPOW: Integrating Attack Behavior Intelligence into Logstash PluginsFaithWestdorp
 
Discover advanced threats with threat intelligence - Jeremy Li
Discover advanced threats with threat intelligence - Jeremy LiDiscover advanced threats with threat intelligence - Jeremy Li
Discover advanced threats with threat intelligence - Jeremy LiJeremy Li
 
Threat Intelligence Ops In-Depth at Massive Enterprise
Threat Intelligence Ops In-Depth at Massive EnterpriseThreat Intelligence Ops In-Depth at Massive Enterprise
Threat Intelligence Ops In-Depth at Massive EnterpriseJeremy Li
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...EC-Council
 
Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Rishabh Upadhyay
 
SplunkLive! London - Scoping Infections and Disrupting Breaches breakout
SplunkLive! London - Scoping Infections and Disrupting Breaches breakoutSplunkLive! London - Scoping Infections and Disrupting Breaches breakout
SplunkLive! London - Scoping Infections and Disrupting Breaches breakoutSplunk
 
Extracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet NoiseExtracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet NoiseAshwini Almad
 
Network Information And Security
Network Information And SecurityNetwork Information And Security
Network Information And Securityanandk10
 
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...Core Security
 
The 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypseThe 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypseChristiaan Beek
 
Minimizing Dwell Time On Networks In IR With Tapio
Minimizing Dwell Time On Networks In IR With TapioMinimizing Dwell Time On Networks In IR With Tapio
Minimizing Dwell Time On Networks In IR With TapioInvincea, Inc.
 
Threat hunting on the wire
Threat hunting on the wireThreat hunting on the wire
Threat hunting on the wireInfoSec Addicts
 
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...MITRE - ATT&CKcon
 
2019 cou kolokotronis_nicholas - nicholas kolokotronis
2019 cou kolokotronis_nicholas - nicholas kolokotronis2019 cou kolokotronis_nicholas - nicholas kolokotronis
2019 cou kolokotronis_nicholas - nicholas kolokotronisLiza Charalambous
 
Worst-Case Scenario: Being Detected without Knowing You are Detected
Worst-Case Scenario: Being Detected without Knowing You are DetectedWorst-Case Scenario: Being Detected without Knowing You are Detected
Worst-Case Scenario: Being Detected without Knowing You are DetectedAshwini Almad
 

Mais procurados (20)

Billions & Billions of Logs
Billions & Billions of LogsBillions & Billions of Logs
Billions & Billions of Logs
 
EmPOW: Integrating Attack Behavior Intelligence into Logstash Plugins
EmPOW: Integrating Attack Behavior Intelligence into Logstash PluginsEmPOW: Integrating Attack Behavior Intelligence into Logstash Plugins
EmPOW: Integrating Attack Behavior Intelligence into Logstash Plugins
 
Discover advanced threats with threat intelligence - Jeremy Li
Discover advanced threats with threat intelligence - Jeremy LiDiscover advanced threats with threat intelligence - Jeremy Li
Discover advanced threats with threat intelligence - Jeremy Li
 
Threat Intelligence Ops In-Depth at Massive Enterprise
Threat Intelligence Ops In-Depth at Massive EnterpriseThreat Intelligence Ops In-Depth at Massive Enterprise
Threat Intelligence Ops In-Depth at Massive Enterprise
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
 
Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing
 
SplunkLive! London - Scoping Infections and Disrupting Breaches breakout
SplunkLive! London - Scoping Infections and Disrupting Breaches breakoutSplunkLive! London - Scoping Infections and Disrupting Breaches breakout
SplunkLive! London - Scoping Infections and Disrupting Breaches breakout
 
Extracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet NoiseExtracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet Noise
 
Talos
TalosTalos
Talos
 
Network Information And Security
Network Information And SecurityNetwork Information And Security
Network Information And Security
 
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...
 
The 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypseThe 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypse
 
Anatomy Of Hack
Anatomy Of HackAnatomy Of Hack
Anatomy Of Hack
 
Minimizing Dwell Time On Networks In IR With Tapio
Minimizing Dwell Time On Networks In IR With TapioMinimizing Dwell Time On Networks In IR With Tapio
Minimizing Dwell Time On Networks In IR With Tapio
 
Threat hunting on the wire
Threat hunting on the wireThreat hunting on the wire
Threat hunting on the wire
 
Base Metal Forensics
Base Metal ForensicsBase Metal Forensics
Base Metal Forensics
 
JAKU Botnet Analysis
JAKU Botnet AnalysisJAKU Botnet Analysis
JAKU Botnet Analysis
 
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...
 
2019 cou kolokotronis_nicholas - nicholas kolokotronis
2019 cou kolokotronis_nicholas - nicholas kolokotronis2019 cou kolokotronis_nicholas - nicholas kolokotronis
2019 cou kolokotronis_nicholas - nicholas kolokotronis
 
Worst-Case Scenario: Being Detected without Knowing You are Detected
Worst-Case Scenario: Being Detected without Knowing You are DetectedWorst-Case Scenario: Being Detected without Knowing You are Detected
Worst-Case Scenario: Being Detected without Knowing You are Detected
 

Semelhante a DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve Intermediary Incentives

Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareTzar Umang
 
Attaining data security in cloud computing
Attaining data security in cloud computingAttaining data security in cloud computing
Attaining data security in cloud computingGopinath Muthusamy
 
Extending Your Network Cloud Security to AWS
Extending Your Network Cloud Security to AWSExtending Your Network Cloud Security to AWS
Extending Your Network Cloud Security to AWSFidelis Cybersecurity
 
Malicious Client Detection Using Machine Learning
Malicious Client Detection Using Machine LearningMalicious Client Detection Using Machine Learning
Malicious Client Detection Using Machine Learningsecurityxploded
 
Next-Generation SIEM: Delivered from the Cloud
Next-Generation SIEM: Delivered from the Cloud Next-Generation SIEM: Delivered from the Cloud
Next-Generation SIEM: Delivered from the Cloud Alert Logic
 
Secure and Privacy-Preserving Big-Data Processing
Secure and Privacy-Preserving Big-Data ProcessingSecure and Privacy-Preserving Big-Data Processing
Secure and Privacy-Preserving Big-Data ProcessingShantanu Sharma
 
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017TriNimbus
 
MongoDB .local London 2019: New Encryption Capabilities in MongoDB 4.2: A Dee...
MongoDB .local London 2019: New Encryption Capabilities in MongoDB 4.2: A Dee...MongoDB .local London 2019: New Encryption Capabilities in MongoDB 4.2: A Dee...
MongoDB .local London 2019: New Encryption Capabilities in MongoDB 4.2: A Dee...MongoDB
 
Using GreyNoise to Quantify Response Time of Cloud Provider Abuse Teams
Using GreyNoise to Quantify Response Time of Cloud Provider Abuse TeamsUsing GreyNoise to Quantify Response Time of Cloud Provider Abuse Teams
Using GreyNoise to Quantify Response Time of Cloud Provider Abuse TeamsAndrew Morris
 
RISC-V 30946 manuel_offenberg_v3_notes
RISC-V 30946 manuel_offenberg_v3_notesRISC-V 30946 manuel_offenberg_v3_notes
RISC-V 30946 manuel_offenberg_v3_notesRISC-V International
 
Offensive cyber security engineer pragram course agenda
Offensive cyber security engineer pragram course agendaOffensive cyber security engineer pragram course agenda
Offensive cyber security engineer pragram course agendaShivamSharma909
 
Offensive cyber security engineer
Offensive cyber security engineerOffensive cyber security engineer
Offensive cyber security engineerShivamSharma909
 
Offensive cyber security engineer updated
Offensive cyber security engineer updatedOffensive cyber security engineer updated
Offensive cyber security engineer updatedInfosecTrain
 
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...Ruby Meditation
 
DNS Security, is it enough?
DNS Security, is it enough? DNS Security, is it enough?
DNS Security, is it enough? Zscaler
 
1. Network Security Monitoring Rationale
1. Network Security Monitoring Rationale1. Network Security Monitoring Rationale
1. Network Security Monitoring RationaleSam Bowne
 

Semelhante a DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve Intermediary Incentives (20)

Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-ware
 
Attaining data security in cloud computing
Attaining data security in cloud computingAttaining data security in cloud computing
Attaining data security in cloud computing
 
Extending Your Network Cloud Security to AWS
Extending Your Network Cloud Security to AWSExtending Your Network Cloud Security to AWS
Extending Your Network Cloud Security to AWS
 
Malicious Client Detection Using Machine Learning
Malicious Client Detection Using Machine LearningMalicious Client Detection Using Machine Learning
Malicious Client Detection Using Machine Learning
 
Malicious Client Detection using Machine learning
Malicious Client Detection using Machine learningMalicious Client Detection using Machine learning
Malicious Client Detection using Machine learning
 
Next-Generation SIEM: Delivered from the Cloud
Next-Generation SIEM: Delivered from the Cloud Next-Generation SIEM: Delivered from the Cloud
Next-Generation SIEM: Delivered from the Cloud
 
Secure and Privacy-Preserving Big-Data Processing
Secure and Privacy-Preserving Big-Data ProcessingSecure and Privacy-Preserving Big-Data Processing
Secure and Privacy-Preserving Big-Data Processing
 
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017
 
SIEM.pdf
SIEM.pdfSIEM.pdf
SIEM.pdf
 
ION Malta - Introduction to DNSSEC
ION Malta - Introduction to DNSSECION Malta - Introduction to DNSSEC
ION Malta - Introduction to DNSSEC
 
MongoDB .local London 2019: New Encryption Capabilities in MongoDB 4.2: A Dee...
MongoDB .local London 2019: New Encryption Capabilities in MongoDB 4.2: A Dee...MongoDB .local London 2019: New Encryption Capabilities in MongoDB 4.2: A Dee...
MongoDB .local London 2019: New Encryption Capabilities in MongoDB 4.2: A Dee...
 
Using GreyNoise to Quantify Response Time of Cloud Provider Abuse Teams
Using GreyNoise to Quantify Response Time of Cloud Provider Abuse TeamsUsing GreyNoise to Quantify Response Time of Cloud Provider Abuse Teams
Using GreyNoise to Quantify Response Time of Cloud Provider Abuse Teams
 
RISC-V 30946 manuel_offenberg_v3_notes
RISC-V 30946 manuel_offenberg_v3_notesRISC-V 30946 manuel_offenberg_v3_notes
RISC-V 30946 manuel_offenberg_v3_notes
 
Data trustworthiness at the edge
Data trustworthiness at the edgeData trustworthiness at the edge
Data trustworthiness at the edge
 
Offensive cyber security engineer pragram course agenda
Offensive cyber security engineer pragram course agendaOffensive cyber security engineer pragram course agenda
Offensive cyber security engineer pragram course agenda
 
Offensive cyber security engineer
Offensive cyber security engineerOffensive cyber security engineer
Offensive cyber security engineer
 
Offensive cyber security engineer updated
Offensive cyber security engineer updatedOffensive cyber security engineer updated
Offensive cyber security engineer updated
 
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
 
DNS Security, is it enough?
DNS Security, is it enough? DNS Security, is it enough?
DNS Security, is it enough?
 
1. Network Security Monitoring Rationale
1. Network Security Monitoring Rationale1. Network Security Monitoring Rationale
1. Network Security Monitoring Rationale
 

Mais de Splend

Fiber Vakdag 2019 - Gerben Roseboom - MapXact
Fiber Vakdag 2019 - Gerben Roseboom - MapXactFiber Vakdag 2019 - Gerben Roseboom - MapXact
Fiber Vakdag 2019 - Gerben Roseboom - MapXactSplend
 
Fiber Vakdag 2019 - Lex Wils - FCA
Fiber Vakdag 2019 - Lex Wils - FCAFiber Vakdag 2019 - Lex Wils - FCA
Fiber Vakdag 2019 - Lex Wils - FCASplend
 
Martin Pels - NLNog ring
Martin Pels - NLNog ringMartin Pels - NLNog ring
Martin Pels - NLNog ringSplend
 
Wido den Hollander - IPv6
Wido den Hollander - IPv6Wido den Hollander - IPv6
Wido den Hollander - IPv6Splend
 
Pim van Stam - BGP
Pim van Stam - BGPPim van Stam - BGP
Pim van Stam - BGPSplend
 
Bart Lageweg - Ansible/Cobbler
Bart Lageweg - Ansible/CobblerBart Lageweg - Ansible/Cobbler
Bart Lageweg - Ansible/CobblerSplend
 
6projects - Eyle Brinkhuis - SURFnet - Virtuele Netwerkfuncties
6projects - Eyle Brinkhuis - SURFnet - Virtuele Netwerkfuncties6projects - Eyle Brinkhuis - SURFnet - Virtuele Netwerkfuncties
6projects - Eyle Brinkhuis - SURFnet - Virtuele NetwerkfunctiesSplend
 
HSB15 - Dr. Michel van Eeten - TU Delft
HSB15 - Dr. Michel van Eeten - TU DelftHSB15 - Dr. Michel van Eeten - TU Delft
HSB15 - Dr. Michel van Eeten - TU DelftSplend
 
HSB15 - Xander Jansen - SURFnet
HSB15 - Xander Jansen - SURFnetHSB15 - Xander Jansen - SURFnet
HSB15 - Xander Jansen - SURFnetSplend
 
HSB15 - 0xDUDE
HSB15 - 0xDUDEHSB15 - 0xDUDE
HSB15 - 0xDUDESplend
 
HSB15 - Pavel Minarik - INVEATECH
HSB15 - Pavel Minarik - INVEATECHHSB15 - Pavel Minarik - INVEATECH
HSB15 - Pavel Minarik - INVEATECHSplend
 
HSB15 - Aiko Pras - TU Twente
HSB15 - Aiko Pras - TU TwenteHSB15 - Aiko Pras - TU Twente
HSB15 - Aiko Pras - TU TwenteSplend
 
HSB15 - Lennert den Teuling - ISPConnect
HSB15 - Lennert den Teuling - ISPConnectHSB15 - Lennert den Teuling - ISPConnect
HSB15 - Lennert den Teuling - ISPConnectSplend
 
HSB15 - Thijs Bosschert - Radically Open Security
HSB15 - Thijs Bosschert - Radically Open SecurityHSB15 - Thijs Bosschert - Radically Open Security
HSB15 - Thijs Bosschert - Radically Open SecuritySplend
 
HSB15 - Richard Bosboom - HackerOne
HSB15 - Richard Bosboom - HackerOneHSB15 - Richard Bosboom - HackerOne
HSB15 - Richard Bosboom - HackerOneSplend
 
DHPA Techday 2015 - Patrick Savalle - Are you out of your mind?
DHPA Techday 2015 - Patrick Savalle - Are you out of your mind?DHPA Techday 2015 - Patrick Savalle - Are you out of your mind?
DHPA Techday 2015 - Patrick Savalle - Are you out of your mind?Splend
 
DHPA Techday 2015 - Patrick Savalle - Disruptive Technology
DHPA Techday 2015 - Patrick Savalle - Disruptive TechnologyDHPA Techday 2015 - Patrick Savalle - Disruptive Technology
DHPA Techday 2015 - Patrick Savalle - Disruptive TechnologySplend
 
DHPA Techday 2015 - Ger Apeldoorn - Deep dive into Puppet
DHPA Techday 2015 - Ger Apeldoorn - Deep dive into PuppetDHPA Techday 2015 - Ger Apeldoorn - Deep dive into Puppet
DHPA Techday 2015 - Ger Apeldoorn - Deep dive into PuppetSplend
 
DHPA Techday 2015 - Johan Benning - HP Mobility
DHPA Techday 2015 - Johan Benning - HP MobilityDHPA Techday 2015 - Johan Benning - HP Mobility
DHPA Techday 2015 - Johan Benning - HP MobilitySplend
 
DHPA Techday 2015 - Arjen Zonneveld - Jelte Jansen - DNSSEC College
DHPA Techday 2015 - Arjen Zonneveld - Jelte Jansen - DNSSEC CollegeDHPA Techday 2015 - Arjen Zonneveld - Jelte Jansen - DNSSEC College
DHPA Techday 2015 - Arjen Zonneveld - Jelte Jansen - DNSSEC CollegeSplend
 

Mais de Splend (20)

Fiber Vakdag 2019 - Gerben Roseboom - MapXact
Fiber Vakdag 2019 - Gerben Roseboom - MapXactFiber Vakdag 2019 - Gerben Roseboom - MapXact
Fiber Vakdag 2019 - Gerben Roseboom - MapXact
 
Fiber Vakdag 2019 - Lex Wils - FCA
Fiber Vakdag 2019 - Lex Wils - FCAFiber Vakdag 2019 - Lex Wils - FCA
Fiber Vakdag 2019 - Lex Wils - FCA
 
Martin Pels - NLNog ring
Martin Pels - NLNog ringMartin Pels - NLNog ring
Martin Pels - NLNog ring
 
Wido den Hollander - IPv6
Wido den Hollander - IPv6Wido den Hollander - IPv6
Wido den Hollander - IPv6
 
Pim van Stam - BGP
Pim van Stam - BGPPim van Stam - BGP
Pim van Stam - BGP
 
Bart Lageweg - Ansible/Cobbler
Bart Lageweg - Ansible/CobblerBart Lageweg - Ansible/Cobbler
Bart Lageweg - Ansible/Cobbler
 
6projects - Eyle Brinkhuis - SURFnet - Virtuele Netwerkfuncties
6projects - Eyle Brinkhuis - SURFnet - Virtuele Netwerkfuncties6projects - Eyle Brinkhuis - SURFnet - Virtuele Netwerkfuncties
6projects - Eyle Brinkhuis - SURFnet - Virtuele Netwerkfuncties
 
HSB15 - Dr. Michel van Eeten - TU Delft
HSB15 - Dr. Michel van Eeten - TU DelftHSB15 - Dr. Michel van Eeten - TU Delft
HSB15 - Dr. Michel van Eeten - TU Delft
 
HSB15 - Xander Jansen - SURFnet
HSB15 - Xander Jansen - SURFnetHSB15 - Xander Jansen - SURFnet
HSB15 - Xander Jansen - SURFnet
 
HSB15 - 0xDUDE
HSB15 - 0xDUDEHSB15 - 0xDUDE
HSB15 - 0xDUDE
 
HSB15 - Pavel Minarik - INVEATECH
HSB15 - Pavel Minarik - INVEATECHHSB15 - Pavel Minarik - INVEATECH
HSB15 - Pavel Minarik - INVEATECH
 
HSB15 - Aiko Pras - TU Twente
HSB15 - Aiko Pras - TU TwenteHSB15 - Aiko Pras - TU Twente
HSB15 - Aiko Pras - TU Twente
 
HSB15 - Lennert den Teuling - ISPConnect
HSB15 - Lennert den Teuling - ISPConnectHSB15 - Lennert den Teuling - ISPConnect
HSB15 - Lennert den Teuling - ISPConnect
 
HSB15 - Thijs Bosschert - Radically Open Security
HSB15 - Thijs Bosschert - Radically Open SecurityHSB15 - Thijs Bosschert - Radically Open Security
HSB15 - Thijs Bosschert - Radically Open Security
 
HSB15 - Richard Bosboom - HackerOne
HSB15 - Richard Bosboom - HackerOneHSB15 - Richard Bosboom - HackerOne
HSB15 - Richard Bosboom - HackerOne
 
DHPA Techday 2015 - Patrick Savalle - Are you out of your mind?
DHPA Techday 2015 - Patrick Savalle - Are you out of your mind?DHPA Techday 2015 - Patrick Savalle - Are you out of your mind?
DHPA Techday 2015 - Patrick Savalle - Are you out of your mind?
 
DHPA Techday 2015 - Patrick Savalle - Disruptive Technology
DHPA Techday 2015 - Patrick Savalle - Disruptive TechnologyDHPA Techday 2015 - Patrick Savalle - Disruptive Technology
DHPA Techday 2015 - Patrick Savalle - Disruptive Technology
 
DHPA Techday 2015 - Ger Apeldoorn - Deep dive into Puppet
DHPA Techday 2015 - Ger Apeldoorn - Deep dive into PuppetDHPA Techday 2015 - Ger Apeldoorn - Deep dive into Puppet
DHPA Techday 2015 - Ger Apeldoorn - Deep dive into Puppet
 
DHPA Techday 2015 - Johan Benning - HP Mobility
DHPA Techday 2015 - Johan Benning - HP MobilityDHPA Techday 2015 - Johan Benning - HP Mobility
DHPA Techday 2015 - Johan Benning - HP Mobility
 
DHPA Techday 2015 - Arjen Zonneveld - Jelte Jansen - DNSSEC College
DHPA Techday 2015 - Arjen Zonneveld - Jelte Jansen - DNSSEC CollegeDHPA Techday 2015 - Arjen Zonneveld - Jelte Jansen - DNSSEC College
DHPA Techday 2015 - Arjen Zonneveld - Jelte Jansen - DNSSEC College
 

Último

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 

Último (20)

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve Intermediary Incentives

  • 1. REMEDI3S-TLD: Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs A project in collaboration with SIDN and NCSC Maciej Korczy ski Delft University of Technology Contact: maciej.korczynski@tudelft.nl DHPA Techday 21 May 2015, The Hague
  • 6. Agenda •  REMEDI3S-TLD •  Security incidents •  Types of security metrics •  Security metrics for TLDs •  Security metrics for hosting providers •  Practical application •  Summary
  • 7. Security incidents •  Blacklists •  APWG •  Shadowserver (botnet C&C, Sandbox URLs, etc.) •  ESET, Sophos, Fortinet •  Google's Safe browsing appeals •  Malware Must Die •  Phishtank •  Zeus tracker •  Dutch child pornography hotline •  Etc. •  Farsight security (dns-db)
  • 8. Types of security metrics •  Different layers of security metrics: •  Top Level Domains (TLDs) •  Market players related to the TLD (infrastructure providers): registrars, hosting providers, DNS service providers •  Network resources managed by each of the players, such as resolvers, name servers
  • 9. Security metrics for TLDs •  Size estimate for different market players, e.g. TLDs •  Problem: access to zone files of all TLDs •  Solution: zone files, APWG reports, DNS-DB
  • 10. •  Type of reputation metrics •  Problem: estimation of the amount of badness •  Solutions (TLDs): a)  Number of unique domains b)  Number of FQDN c)  Number of URLs Security metrics for TLDs
  • 11. •  Type of reputation metrics •  Problem: up-times of maliciously registered/compromised domains •  Solutions: a)  DNS-based scanner b)  Content-based scanner Security metrics for TLDs
  • 12. Results •  Estimation of the amount of badness for TLD •  Datasets: suitability, coverage
  • 13. Results •  Estimation of the amount of badness
  • 14. Results •  Estimation of the amount of badness
  • 15. Results •  Estimation of the amount of badness
  • 16. Security metrics for hosting providers 1.  Count badness per AS across different data sources 2.  Normalize for the size of the AS (in 3 ways) Abuse&Feeds& p*DNS&/&IP& Rou3ng& •  Shadow'Server'Compromise' •  Shadow'Server'Sandbox'URL' •  Zeustracker'C&Cs' •  MLAT'requests' •  APWG' •  StopBadware' •  …' ' #"Advertised"IPs" #"IPs"in"p/DNS" #"Domains"Hosted" Abuse&Mapping& Size&Mapping& •  Farsight'Security'pHDNS'Data' •  Internet'IP'RouLng'Data' ' #"Unique"Abuse"/"AS" Abuse&Maps& PhishTank' AS#1'!'"''100'' AS#2'!'"''200' MLAT' AS#1'!'"''50' AS#2'!'"''73' Size&Maps& AdverLsed'IPs' AS#1'!'"''256' AS#2'!'"''1024' 'Domains'Hosted' AS#1'!'"''23' AS#2'!'"''1232' Normaliza3on& Normalized& Abuse& PhishTank'/'Advrt.'IPs' AS#1'!'"''0.39' AS#2'!'"''0.19' PhishTank'/'Domains' Hosted' AS#1'!'"''4.34' AS#2'!'"''0.16' MLAT'/'Advrt.'IPs' AS#1'!'"''0.19' AS#2'!'"''0.07' MLAT'/'Domains'Hosted' AS#1'!'"''2.17' AS#2'!'"''0.05' •  #"Abuse"/"Size"
  • 17. 3.  Rank ASes on amount of badness 4.  Aggregate rankings (Borda count) 5.  Identify ASes with consistently high concentrations of badness Rank& Abuse&Ranking& PhishTank'Ranking'1' AS#1'!'"''834' AS#2'!'"''833' PhishTank'Ranking'2' AS#1'!'"''834' AS#2'!'"''833' MLAT'Ranking'1' AS#1'!'"''235' AS#2'!'"''234' MLAT'Ranking'2' AS#1'!'"''235' AS#2'!'"''234' Combine& Ranks& Sort"Rank"" High"!"Low" Borda"Count" Overall&Ranking& Borda'Count'Ranking' AS#1'!'"''2354' AS#2'!'"''1834' AS#3'!'"''1542' AS#4'!'"''1322' Normalized& Abuse& PhishTank'/'Advrt.'IPs' AS#1'!'"''0.39' AS#2'!'"''0.19' PhishTank'/'Domains' Hosted' AS#1'!'"''4.34' AS#2'!'"''0.16' MLAT'/'Advrt.'IPs' AS#1'!'"''0.19' AS#2'!'"''0.07' MLAT'/'Domains'Hosted' AS#1'!'"''2.17' AS#2'!'"''0.05' Security metrics for hosting providers
  • 18.
  • 19.
  • 20. Practical application •  Incentive structures that drive the DNS ecosystem •  “Clean Netherlands”: Enhance self cleansing ability of the Dutch hosting market by •  promoting best practices and awareness •  pressuring the rotten apples
  • 21. Summary •  REMEDI3S-TLD •  Security metrics for TLDs •  Security metrics for hosting providers •  Practical application
  • 22. ACKNOWLEDGEMENTS The research leading to these results was funded by SIDN (www.sidn.nl)