SlideShare a Scribd company logo

ISOC Efforts in Collaborative Responsibility Toward Internet Security and Resilience

Download as PPT, PDF
Internet Technology Matters (Internet Society)
Internet Technology Matters (Internet Society)

Presentation at LACNIC21 by Mat Ford on some Internet Society projects that are underway relating to the resilience and security of the Internet routing system.

Technology
1 of 20
www.internetsociety.org What do we know about routing resilience and how to make it better? Internet Society
The Challenge Economic factors – Externalities, information asymmetry, free riding Technical factors – Technology building blocks – Common understanding of the problem – Common understanding of solutions Social factors – Collective responsibility – Collaborative spirit
Global Internet Routing Infrastructure Our global commons – We all depend on and benefit from it Far reaching effects – Configuration errors, malicious actors – Example: Indosat event Interconnectivity and interdependence – “Inward” and “Outward” risks – Example: 300Gbps attack on Spamhaus
www.internetsociety.org Routing resilience survey
How “risky” is the global routing system? How often do incidents happen? – Routing Resilience Measurements Workshop http://www.internetsociety.org/doc/report-routing-resiliency-measurements- workshop – Frequency very much depends on the threshold for false positives What is the impact? – Data are missing, sensitive or not collected at all – Risk assessment is a guess at best Is your network affected? – Detect incidents – Eliminate false positives – Assess the impact Are you adequately protected?
https://www.internetsociety.org/rrs/
Data collection Network Information – Once, during the initial sign up. – Network type, connectivity, and practices used in mitigating routing security incidents. It should take approximately 10-15 minutes to fill out the registration form. Data related to routing security incidents via an automated monitoring effort – On first login a “historical” overview will be presented, listing detected suspicious events over last 6-12 months – After that once a week newly detected suspicious events are collected and displayed in the portal – Participants are asked to validate and classify these events Impact: severe, moderate, insignificant, not an incident Detection: monitoring system, customer call, this alert
Evidence based risk analysis 64500 64500 64500 64500 64500 64500
Evidence based risk analysis 64500 64500 64500 64500 64500 64500 Check and Classify
Confidentiality concerns We understand the sensitivity of some of the data involved in this effort. Therefore, the Internet Society is committed to ensuring participant-specific information remains confidential. All data collected is stored on Internet Society servers. Any information or analyses shared beyond a specific network will be fully anonymized.
Some statistics: participation 4 months 24 participants 311 networks 442 events registered 264 events classified
0 5 10 15 20 25 30 35 40 8/28/11 9/28/11 10/28/11 11/28/11 12/28/11 1/28/12 2/28/12 3/28/12 4/28/12 5/28/12 6/28/12 7/28/12 8/28/12 9/28/12 10/28/12 11/28/12 12/28/12 1/28/13 2/28/13 3/31/13 4/30/13 5/31/13 6/30/13 7/31/13 8/31/13 9/30/13 10/31/13 11/30/13 12/31/13 1/31/14 Unknown Not an incident Insignificant Moderate Severe Impact severity
Impact severity (II) 1%3% 6% 42% 48% Severe Moderate Insignifcant Unknown Not an incident
How did you learn about the event? NMS Alert Customer Call RRS Alert Not an incident
Interested in Participating? If you decide to participate, please send a request for the creation of your account to rrs-admin@isoc.org. In the request please indicate – your AS number and – e-mail address for notifications. You may also include AS numbers of your customers for which you would like to monitor and classify related security incidents.
www.internetsociety.org Collective responsibility and collaboration for Routing Resilience and Security
Routing Resilience Manifesto - Principles of addressing issues of routing resilience - Interdependence and reciprocity (including collaboration) - Commitment to Best Practices - Encouragement of customers and peers - Guidelines indicating the most important requirements - BGP Filtering - Anti-spoofing - Coordination and collaboration
Anti-spoofing movement spoofed traffi c normal traffi c Networksnot allowingIP-spoofing testing site
Objectives •Raise awareness and encourage actions by demonstrating commitment of the growing group of supporters •Demonstrate industry ability to address complex issues •Provide guidance
www.internetsociety.org Please contact us at: resilience@isoc.org Interested?

Recommended

Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...
Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...
Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...Internet Technology Matters (Internet Society)
 
Cybersecurity in Acquisition - Kristen J. Baldwin
Cybersecurity in Acquisition - Kristen J. BaldwinCybersecurity in Acquisition - Kristen J. Baldwin
Cybersecurity in Acquisition - Kristen J. Baldwinscoopnewsgroup
 
HPE Protect 2016 - Fearlessly Innovate
HPE Protect 2016 - Fearlessly InnovateHPE Protect 2016 - Fearlessly Innovate
HPE Protect 2016 - Fearlessly Innovatescoopnewsgroup
 
Containing the outbreak: The healthcare security pandemic
Containing the outbreak: The healthcare security pandemicContaining the outbreak: The healthcare security pandemic
Containing the outbreak: The healthcare security pandemicAvecto
 
A Hacker's perspective on ransomware
A Hacker's perspective on ransomwareA Hacker's perspective on ransomware
A Hacker's perspective on ransomwareAvecto
 
Cylance Information Security: Compromise Assessment Datasheet
Cylance Information Security: Compromise Assessment DatasheetCylance Information Security: Compromise Assessment Datasheet
Cylance Information Security: Compromise Assessment DatasheetInnovation Network Technologies: InNet
 
FEI Brisbane Lunch: Cybersecurity and the CFO
FEI Brisbane Lunch: Cybersecurity and the CFOFEI Brisbane Lunch: Cybersecurity and the CFO
FEI Brisbane Lunch: Cybersecurity and the CFOKate Mills
 
Embracing Threat Intelligence and Finding ROI in Your Decision
Embracing Threat Intelligence and Finding ROI in Your DecisionEmbracing Threat Intelligence and Finding ROI in Your Decision
Embracing Threat Intelligence and Finding ROI in Your DecisionCylance
 

Recommended

Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...
Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...
Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...Internet Technology Matters (Internet Society)
 
Cybersecurity in Acquisition - Kristen J. Baldwin
Cybersecurity in Acquisition - Kristen J. BaldwinCybersecurity in Acquisition - Kristen J. Baldwin
Cybersecurity in Acquisition - Kristen J. Baldwinscoopnewsgroup
 
HPE Protect 2016 - Fearlessly Innovate
HPE Protect 2016 - Fearlessly InnovateHPE Protect 2016 - Fearlessly Innovate
HPE Protect 2016 - Fearlessly Innovatescoopnewsgroup
 
Containing the outbreak: The healthcare security pandemic
Containing the outbreak: The healthcare security pandemicContaining the outbreak: The healthcare security pandemic
Containing the outbreak: The healthcare security pandemicAvecto
 
A Hacker's perspective on ransomware
A Hacker's perspective on ransomwareA Hacker's perspective on ransomware
A Hacker's perspective on ransomwareAvecto
 
Cylance Information Security: Compromise Assessment Datasheet
Cylance Information Security: Compromise Assessment DatasheetCylance Information Security: Compromise Assessment Datasheet
Cylance Information Security: Compromise Assessment DatasheetInnovation Network Technologies: InNet
 
FEI Brisbane Lunch: Cybersecurity and the CFO
FEI Brisbane Lunch: Cybersecurity and the CFOFEI Brisbane Lunch: Cybersecurity and the CFO
FEI Brisbane Lunch: Cybersecurity and the CFOKate Mills
 
Embracing Threat Intelligence and Finding ROI in Your Decision
Embracing Threat Intelligence and Finding ROI in Your DecisionEmbracing Threat Intelligence and Finding ROI in Your Decision
Embracing Threat Intelligence and Finding ROI in Your DecisionCylance
 
Survival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient OrganizationSurvival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient OrganizationTripwire
 
Centralized Cybersecurity in a Decentralized World
Centralized Cybersecurity in a Decentralized WorldCentralized Cybersecurity in a Decentralized World
Centralized Cybersecurity in a Decentralized WorldBob Turner
 
Ri cyber-security-for-your-small-business
Ri cyber-security-for-your-small-businessRi cyber-security-for-your-small-business
Ri cyber-security-for-your-small-businessMeg Weber
 
Data Breaches Have IT Pros Feeling Vulnerable
Data Breaches Have IT Pros Feeling VulnerableData Breaches Have IT Pros Feeling Vulnerable
Data Breaches Have IT Pros Feeling VulnerableCygilant
 
Cyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsCyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsWynyard Group
 
Data Science Transforming Security Operations
Data Science Transforming Security OperationsData Science Transforming Security Operations
Data Science Transforming Security OperationsPriyanka Aash
 
Penetration testing 5 reasons Why Organizations Should Adopt it
Penetration testing 5 reasons Why Organizations Should Adopt itPenetration testing 5 reasons Why Organizations Should Adopt it
Penetration testing 5 reasons Why Organizations Should Adopt itTestingXperts
 
Cybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already KnowCybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already Knowjxyz
 
WeSecure Data Security Congres: 5 must haves to safe cloud enablement
WeSecure Data Security Congres: 5 must haves to safe cloud enablementWeSecure Data Security Congres: 5 must haves to safe cloud enablement
WeSecure Data Security Congres: 5 must haves to safe cloud enablementWeSecure
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesEric Vanderburg
 
SECURITY
SECURITYSECURITY
SECURITYTony Fanelli
 
I am the Cavalry (The Cavalry Is Us) Sourceconf September 2015
I am the Cavalry (The Cavalry Is Us) Sourceconf September 2015I am the Cavalry (The Cavalry Is Us) Sourceconf September 2015
I am the Cavalry (The Cavalry Is Us) Sourceconf September 2015Claus Cramon Houmann
 
The Attack Surface of the Healthcare Industry
The Attack Surface of the Healthcare IndustryThe Attack Surface of the Healthcare Industry
The Attack Surface of the Healthcare IndustryJeremiah Grossman
 
GBS - Prevent network security fires
GBS - Prevent network security firesGBS - Prevent network security fires
GBS - Prevent network security firesKristin Helgeson
 
Healthcare's Losing Battle Against the Hyper-Connected Machines
Healthcare's Losing Battle Against the Hyper-Connected MachinesHealthcare's Losing Battle Against the Hyper-Connected Machines
Healthcare's Losing Battle Against the Hyper-Connected MachinesKurt Hagerman
 
"Thinking Strategically About Testing" with Fiona Charles
"Thinking Strategically About Testing" with Fiona Charles"Thinking Strategically About Testing" with Fiona Charles
"Thinking Strategically About Testing" with Fiona CharlesTEST Huddle
 
MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...
MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...
MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...MITRE - ATT&CKcon
 
How to Enhance Vulnerability Management with Intelligence plus Analytics
How to Enhance Vulnerability Management with Intelligence plus AnalyticsHow to Enhance Vulnerability Management with Intelligence plus Analytics
How to Enhance Vulnerability Management with Intelligence plus AnalyticsAujas
 
Yaksas CSC - Vulnerability Assessment & Penetration Testing
Yaksas CSC - Vulnerability Assessment & Penetration Testing Yaksas CSC - Vulnerability Assessment & Penetration Testing
Yaksas CSC - Vulnerability Assessment & Penetration Testing Uday Mittal
 
MITRE ATT&CKcon 2.0: From Susceptible to ATT&CK - A Threat Hunting Story; Chr...
MITRE ATT&CKcon 2.0: From Susceptible to ATT&CK - A Threat Hunting Story; Chr...MITRE ATT&CKcon 2.0: From Susceptible to ATT&CK - A Threat Hunting Story; Chr...
MITRE ATT&CKcon 2.0: From Susceptible to ATT&CK - A Threat Hunting Story; Chr...MITRE - ATT&CKcon
 
Evaluation Question 5
Evaluation Question 5Evaluation Question 5
Evaluation Question 5jameescook
 
Novedades abril 2014
Novedades abril 2014Novedades abril 2014
Novedades abril 2014bibliotecafranciscosota
 

More Related Content

What's hot

Survival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient OrganizationSurvival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient OrganizationTripwire
 
Centralized Cybersecurity in a Decentralized World
Centralized Cybersecurity in a Decentralized WorldCentralized Cybersecurity in a Decentralized World
Centralized Cybersecurity in a Decentralized WorldBob Turner
 
Ri cyber-security-for-your-small-business
Ri cyber-security-for-your-small-businessRi cyber-security-for-your-small-business
Ri cyber-security-for-your-small-businessMeg Weber
 
Data Breaches Have IT Pros Feeling Vulnerable
Data Breaches Have IT Pros Feeling VulnerableData Breaches Have IT Pros Feeling Vulnerable
Data Breaches Have IT Pros Feeling VulnerableCygilant
 
Cyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsCyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsWynyard Group
 
Data Science Transforming Security Operations
Data Science Transforming Security OperationsData Science Transforming Security Operations
Data Science Transforming Security OperationsPriyanka Aash
 
Penetration testing 5 reasons Why Organizations Should Adopt it
Penetration testing 5 reasons Why Organizations Should Adopt itPenetration testing 5 reasons Why Organizations Should Adopt it
Penetration testing 5 reasons Why Organizations Should Adopt itTestingXperts
 
Cybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already KnowCybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already Knowjxyz
 
WeSecure Data Security Congres: 5 must haves to safe cloud enablement
WeSecure Data Security Congres: 5 must haves to safe cloud enablementWeSecure Data Security Congres: 5 must haves to safe cloud enablement
WeSecure Data Security Congres: 5 must haves to safe cloud enablementWeSecure
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesEric Vanderburg
 
I am the Cavalry (The Cavalry Is Us) Sourceconf September 2015
I am the Cavalry (The Cavalry Is Us) Sourceconf September 2015I am the Cavalry (The Cavalry Is Us) Sourceconf September 2015
I am the Cavalry (The Cavalry Is Us) Sourceconf September 2015Claus Cramon Houmann
 
The Attack Surface of the Healthcare Industry
The Attack Surface of the Healthcare IndustryThe Attack Surface of the Healthcare Industry
The Attack Surface of the Healthcare IndustryJeremiah Grossman
 
GBS - Prevent network security fires
GBS - Prevent network security firesGBS - Prevent network security fires
GBS - Prevent network security firesKristin Helgeson
 
Healthcare's Losing Battle Against the Hyper-Connected Machines
Healthcare's Losing Battle Against the Hyper-Connected MachinesHealthcare's Losing Battle Against the Hyper-Connected Machines
Healthcare's Losing Battle Against the Hyper-Connected MachinesKurt Hagerman
 
"Thinking Strategically About Testing" with Fiona Charles
"Thinking Strategically About Testing" with Fiona Charles"Thinking Strategically About Testing" with Fiona Charles
"Thinking Strategically About Testing" with Fiona CharlesTEST Huddle
 
MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...
MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...
MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...MITRE - ATT&CKcon
 
How to Enhance Vulnerability Management with Intelligence plus Analytics
How to Enhance Vulnerability Management with Intelligence plus AnalyticsHow to Enhance Vulnerability Management with Intelligence plus Analytics
How to Enhance Vulnerability Management with Intelligence plus AnalyticsAujas
 
Yaksas CSC - Vulnerability Assessment & Penetration Testing
Yaksas CSC - Vulnerability Assessment & Penetration Testing Yaksas CSC - Vulnerability Assessment & Penetration Testing
Yaksas CSC - Vulnerability Assessment & Penetration Testing Uday Mittal
 
MITRE ATT&CKcon 2.0: From Susceptible to ATT&CK - A Threat Hunting Story; Chr...
MITRE ATT&CKcon 2.0: From Susceptible to ATT&CK - A Threat Hunting Story; Chr...MITRE ATT&CKcon 2.0: From Susceptible to ATT&CK - A Threat Hunting Story; Chr...
MITRE ATT&CKcon 2.0: From Susceptible to ATT&CK - A Threat Hunting Story; Chr...MITRE - ATT&CKcon
 

What's hot (20)

Survival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient OrganizationSurvival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient Organization
 
Centralized Cybersecurity in a Decentralized World
Centralized Cybersecurity in a Decentralized WorldCentralized Cybersecurity in a Decentralized World
Centralized Cybersecurity in a Decentralized World
 
Ri cyber-security-for-your-small-business
Ri cyber-security-for-your-small-businessRi cyber-security-for-your-small-business
Ri cyber-security-for-your-small-business
 
Data Breaches Have IT Pros Feeling Vulnerable
Data Breaches Have IT Pros Feeling VulnerableData Breaches Have IT Pros Feeling Vulnerable
Data Breaches Have IT Pros Feeling Vulnerable
 
Cyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsCyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teams
 
Data Science Transforming Security Operations
Data Science Transforming Security OperationsData Science Transforming Security Operations
Data Science Transforming Security Operations
 
Penetration testing 5 reasons Why Organizations Should Adopt it
Penetration testing 5 reasons Why Organizations Should Adopt itPenetration testing 5 reasons Why Organizations Should Adopt it
Penetration testing 5 reasons Why Organizations Should Adopt it
 
Cybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already KnowCybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already Know
 
WeSecure Data Security Congres: 5 must haves to safe cloud enablement
WeSecure Data Security Congres: 5 must haves to safe cloud enablementWeSecure Data Security Congres: 5 must haves to safe cloud enablement
WeSecure Data Security Congres: 5 must haves to safe cloud enablement
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
SECURITY
SECURITYSECURITY
SECURITY
 
I am the Cavalry (The Cavalry Is Us) Sourceconf September 2015
I am the Cavalry (The Cavalry Is Us) Sourceconf September 2015I am the Cavalry (The Cavalry Is Us) Sourceconf September 2015
I am the Cavalry (The Cavalry Is Us) Sourceconf September 2015
 
The Attack Surface of the Healthcare Industry
The Attack Surface of the Healthcare IndustryThe Attack Surface of the Healthcare Industry
The Attack Surface of the Healthcare Industry
 
GBS - Prevent network security fires
GBS - Prevent network security firesGBS - Prevent network security fires
GBS - Prevent network security fires
 
Healthcare's Losing Battle Against the Hyper-Connected Machines
Healthcare's Losing Battle Against the Hyper-Connected MachinesHealthcare's Losing Battle Against the Hyper-Connected Machines
Healthcare's Losing Battle Against the Hyper-Connected Machines
 
"Thinking Strategically About Testing" with Fiona Charles
"Thinking Strategically About Testing" with Fiona Charles"Thinking Strategically About Testing" with Fiona Charles
"Thinking Strategically About Testing" with Fiona Charles
 
MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...
MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...
MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...
 
How to Enhance Vulnerability Management with Intelligence plus Analytics
How to Enhance Vulnerability Management with Intelligence plus AnalyticsHow to Enhance Vulnerability Management with Intelligence plus Analytics
How to Enhance Vulnerability Management with Intelligence plus Analytics
 
Yaksas CSC - Vulnerability Assessment & Penetration Testing
Yaksas CSC - Vulnerability Assessment & Penetration Testing Yaksas CSC - Vulnerability Assessment & Penetration Testing
Yaksas CSC - Vulnerability Assessment & Penetration Testing
 
MITRE ATT&CKcon 2.0: From Susceptible to ATT&CK - A Threat Hunting Story; Chr...
MITRE ATT&CKcon 2.0: From Susceptible to ATT&CK - A Threat Hunting Story; Chr...MITRE ATT&CKcon 2.0: From Susceptible to ATT&CK - A Threat Hunting Story; Chr...
MITRE ATT&CKcon 2.0: From Susceptible to ATT&CK - A Threat Hunting Story; Chr...
 

Viewers also liked

Evaluation Question 5
Evaluation Question 5Evaluation Question 5
Evaluation Question 5jameescook
 
Il Sisma del 2012 nella Bassa Modenese: il ruolo del MMG
Il Sisma del 2012 nella Bassa Modenese: il ruolo del MMGIl Sisma del 2012 nella Bassa Modenese: il ruolo del MMG
Il Sisma del 2012 nella Bassa Modenese: il ruolo del MMGCARLO CURATOLA
 
Action presentation update 1 15-14
Action presentation update 1 15-14Action presentation update 1 15-14
Action presentation update 1 15-14Graeme Lazarus
 
Tradedoubler mobile-shopping-2014
Tradedoubler mobile-shopping-2014Tradedoubler mobile-shopping-2014
Tradedoubler mobile-shopping-2014Marketing4eCommerce
 
Radware state of_the_union_report_winter_2013-14
Radware state of_the_union_report_winter_2013-14Radware state of_the_union_report_winter_2013-14
Radware state of_the_union_report_winter_2013-14Marketing4eCommerce
 
Question 6. What have you learned about technologies from the process of cons...
Question 6. What have you learned about technologies from the process of cons...Question 6. What have you learned about technologies from the process of cons...
Question 6. What have you learned about technologies from the process of cons...jameescook
 

Viewers also liked (20)

Evaluation Question 5
Evaluation Question 5Evaluation Question 5
Evaluation Question 5
 
Novedades abril 2014
Novedades abril 2014Novedades abril 2014
Novedades abril 2014
 
Tanznaia's music
Tanznaia's musicTanznaia's music
Tanznaia's music
 
Novedades septiembre 2015
Novedades septiembre 2015Novedades septiembre 2015
Novedades septiembre 2015
 
Aliens
AliensAliens
Aliens
 
Tackling Protocol Diversity: ISOC@IETF Panel at IETF 93
Tackling Protocol Diversity: ISOC@IETF Panel at IETF 93Tackling Protocol Diversity: ISOC@IETF Panel at IETF 93
Tackling Protocol Diversity: ISOC@IETF Panel at IETF 93
 
Il Sisma del 2012 nella Bassa Modenese: il ruolo del MMG
Il Sisma del 2012 nella Bassa Modenese: il ruolo del MMGIl Sisma del 2012 nella Bassa Modenese: il ruolo del MMG
Il Sisma del 2012 nella Bassa Modenese: il ruolo del MMG
 
Action presentation update 1 15-14
Action presentation update 1 15-14Action presentation update 1 15-14
Action presentation update 1 15-14
 
Tradedoubler mobile-shopping-2014
Tradedoubler mobile-shopping-2014Tradedoubler mobile-shopping-2014
Tradedoubler mobile-shopping-2014
 
Novedades marzo 2016
Novedades marzo 2016Novedades marzo 2016
Novedades marzo 2016
 
Novedades junio 2014
Novedades junio 2014Novedades junio 2014
Novedades junio 2014
 
Novedades octubre 2015
Novedades octubre 2015Novedades octubre 2015
Novedades octubre 2015
 
Novedades enero 2016
Novedades enero 2016Novedades enero 2016
Novedades enero 2016
 
Novedades diciembre 2015
Novedades diciembre 2015Novedades diciembre 2015
Novedades diciembre 2015
 
Novedades febrero 2016
Novedades febrero 2016Novedades febrero 2016
Novedades febrero 2016
 
Novedades septiembre 2014
Novedades septiembre 2014Novedades septiembre 2014
Novedades septiembre 2014
 
Radware state of_the_union_report_winter_2013-14
Radware state of_the_union_report_winter_2013-14Radware state of_the_union_report_winter_2013-14
Radware state of_the_union_report_winter_2013-14
 
Alison lowe overview
Alison lowe overviewAlison lowe overview
Alison lowe overview
 
Evolution of end-to-end: why the Internet is not like any other network
Evolution of end-to-end: why the Internet is not like any other networkEvolution of end-to-end: why the Internet is not like any other network
Evolution of end-to-end: why the Internet is not like any other network
 
Question 6. What have you learned about technologies from the process of cons...
Question 6. What have you learned about technologies from the process of cons...Question 6. What have you learned about technologies from the process of cons...
Question 6. What have you learned about technologies from the process of cons...
 

Similar to ISOC Efforts in Collaborative Responsibility Toward Internet Security and Resilience

CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]APNIC
 
Jisc e safety presentation AoC 2014
Jisc e safety presentation AoC 2014Jisc e safety presentation AoC 2014
Jisc e safety presentation AoC 2014Jisc
 
Cybercrime future perspectives
Cybercrime future perspectivesCybercrime future perspectives
Cybercrime future perspectivesSensePost
 
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...Splunk
 
S nandakumar
S nandakumarS nandakumar
S nandakumarIPPAI
 
S nandakumar_banglore
S nandakumar_bangloreS nandakumar_banglore
S nandakumar_bangloreIPPAI
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfJustinBrown267905
 
Form Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docx
Form Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docxForm Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docx
Form Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docxalisondakintxt
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 
Emerging Trends in Information Security and Privacy
Emerging Trends in Information Security and PrivacyEmerging Trends in Information Security and Privacy
Emerging Trends in Information Security and Privacylgcdcpas
 
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalystScale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalystBill Burns
 
2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?Lumension
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider Threatillustro
 
080312 Ict Hub Risk Management
080312 Ict Hub Risk Management080312 Ict Hub Risk Management
080312 Ict Hub Risk ManagementMark Walker
 
2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research Update2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research UpdateGridCyberSec
 
2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public SectorScott Geye
 
2010 report data security survey
2010 report data security survey2010 report data security survey
2010 report data security surveyCarlo Del Bo
 

Similar to ISOC Efforts in Collaborative Responsibility Toward Internet Security and Resilience (20)

ISACA ISSA Presentation
ISACA ISSA PresentationISACA ISSA Presentation
ISACA ISSA Presentation
 
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
 
Jisc e safety presentation AoC 2014
Jisc e safety presentation AoC 2014Jisc e safety presentation AoC 2014
Jisc e safety presentation AoC 2014
 
Cybercrime future perspectives
Cybercrime future perspectivesCybercrime future perspectives
Cybercrime future perspectives
 
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
 
S nandakumar
S nandakumarS nandakumar
S nandakumar
 
S nandakumar_banglore
S nandakumar_bangloreS nandakumar_banglore
S nandakumar_banglore
 
Information Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based ApproachInformation Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based Approach
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
 
Form Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docx
Form Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docxForm Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docx
Form Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docx
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
Emerging Trends in Information Security and Privacy
Emerging Trends in Information Security and PrivacyEmerging Trends in Information Security and Privacy
Emerging Trends in Information Security and Privacy
 
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalystScale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
 
2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider Threat
 
080312 Ict Hub Risk Management
080312 Ict Hub Risk Management080312 Ict Hub Risk Management
080312 Ict Hub Risk Management
 
2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research Update2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research Update
 
2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector
 
CyberSecurity Update Slides
CyberSecurity Update SlidesCyberSecurity Update Slides
CyberSecurity Update Slides
 
2010 report data security survey
2010 report data security survey2010 report data security survey
2010 report data security survey
 

More from Internet Technology Matters (Internet Society)

More from Internet Technology Matters (Internet Society) (7)

New Security Mechanisms for Network Time Synchronization Protocols
New Security Mechanisms for Network Time Synchronization ProtocolsNew Security Mechanisms for Network Time Synchronization Protocols
New Security Mechanisms for Network Time Synchronization Protocols
 
The I in Internet of Things: Implications for the Global Open Internet
The I in Internet of Things: Implications for the Global Open InternetThe I in Internet of Things: Implications for the Global Open Internet
The I in Internet of Things: Implications for the Global Open Internet
 
Olaf Kolkman - FIRST Keynote on Collaborative Security
Olaf Kolkman - FIRST Keynote on Collaborative SecurityOlaf Kolkman - FIRST Keynote on Collaborative Security
Olaf Kolkman - FIRST Keynote on Collaborative Security
 
ISOC Panel at IETF 90 - Internet Security and Privacy: Ten years later
ISOC Panel at IETF 90 - Internet Security and Privacy: Ten years laterISOC Panel at IETF 90 - Internet Security and Privacy: Ten years later
ISOC Panel at IETF 90 - Internet Security and Privacy: Ten years later
 
Routing Resilience Manifesto
Routing Resilience ManifestoRouting Resilience Manifesto
Routing Resilience Manifesto
 
v6 World Congress: Measurements from World IPv6 Launch
v6 World Congress: Measurements from World IPv6 Launchv6 World Congress: Measurements from World IPv6 Launch
v6 World Congress: Measurements from World IPv6 Launch
 
IPv6 Predictions for 2014
IPv6 Predictions for 2014IPv6 Predictions for 2014
IPv6 Predictions for 2014
 

Recently uploaded

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

ISOC Efforts in Collaborative Responsibility Toward Internet Security and Resilience

Editor's Notes

  1. We’re trying to answer the question ‘how risky is the global routing system?’ – answer is important to understand motivation to take measures to protect routing system. Also a hard question to answer. Two components – how often incidents happen? – convened a measurements workshop in 2012 to share data. Data varies. Hard to differentiate fat fingers from malicious behaviour. Second component – what is the impact? – this is even trickier to answer – this is sensitive data, and cannot be observed from BGP tables. Little correlation between observable characteristics of events and the impact.
  2. So, we designed the Routing Resilience Survey. We ask operators to participate and classify events related to their networks. This is the portal where people can log in and classify events.
  3. At sign up we ask for some characteristics of the network – relatively easy to answer, takes about 10 minutes first. Thereafter, participants get weekly reports of any any detected suspicious events - what is impact - how was it detected – customer call, role monitoring system, or the alert from RRS
  4. This is the kind of report participants get. We are partnering with BGPmon.net – reports are generated by BGPmon.
  5. Participants are asked to check events and classify them.
  6. We understand that this is sensitive data. We are partnering with BGPmon.net – monitoring service that has several vantage points and detects changes to BGP tables. All sensitive information including classification is being stored by ISOC. This approach has allowed the project to proceed. ISOC perceived to be neutral.
  7. This is work in progress – started in November 2013. Initially intended to run for 6 months, but will run for longer to get more statistically relevant data. When participants join they are presented with historical data, partly as a teaser to encourage participation, but also to try to obtain some historical classifications. Hence charts extend back in time before RRS started. Participants bring customer networks, so networks > participants. Not all events are classified (different levels of enthusiasm from participants) but more than half are classified. Very grateful to participants for this considerable effort.
  8. This is some preliminary results, there is no analysis – we will do data analysis and publish a report after the conclusion of the project. This is some data on impact severity. Lots of green shows false positives. But there are also some red events, and orange events, and they aren’t all that infrequent.
  9. 42% unclassified. If they were classified then we would have more than half of incidents is not an incident ( could be configuration change, or adding a new customer). 4% of events have some noticeable impact, sever or moderate.
  10. Looking at how participants learned about these events. Customer call is prevailing method of detection. So our attitude to routing security is very reactive, not really proactive. RRS alert is visible as well, which is interesting (these are alerts generated by our system).
  11. So, I have a request for you all. If you could participate in this project, please do! We’re still happy to receive more participants. If you know someone who could participate, please encourage them to do so. We have already fairly global participation, but we’d like to have more participants to get a more statistically representative picture of what is going on.
  12. Provide a framework for ISPs to better understand and help address issues related to resilience and security of the Internet global routing system in practical sense not overly ideal, but realistic, something that "good" netizens can subscribe to but include the picture of how "good looks like" as an aspirational goal Encourage ISPs to take measures aimed at improving the resiliency and security of the routing system Demonstrate industry potential in addressing issues of resilience and security of the Internet global routing system in the spirit of collective responsibility