Working Group 5: Remediation of Server-Based DDoS Attacks. Status Update. March 20, 2014



Similar documents
Working Group 5: Remediation of Server-Based DDoS Attacks. Status Update

Working Group 5: Remediation of Server Based DDoS Attacks. Status Update

September, WORKING GROUP 5 Remediation of Server-Based DDoS Attacks Final Report

CSRIC IV - Working Group 4: Cybersecurity Best Practices Status Update

CYBERSECURITY RISK MANAGEMENT AND BEST PRACTICES WORKING GROUP 4: Final Report March 2015

CYBERSECURITY RISK MANAGEMENT AND BEST PRACTICES WORKING GROUP 4: Final Report March 2015

Working Group 6: Best Practice Implementation

CSRIC V Working Group Descriptions and Leadership

IT LEADERSHIP COUNCIL STRATEGIC PLAN State of Idaho

THE INDUSTRY How have technological changes affected the telecommunications industry, including entities that want to make automated calls?

Michigan Cyber Summit 2013 Hosted by Michigan Governor Rick Snyder

ISA99 Working Group 5 ISA99 Working Group 5

Lab Researching Broadband Internet Access Technologies (Instructor Version)

Virtual Node Integrated Project Team (IPT) Charter

DHS, National Cyber Security Division Overview

Testimony of. Doug Johnson. New York Bankers Association. New York State Senate Joint Public Hearing:

National Communications System. December 6, 2007

DDoS Open Threat Signaling (DOTS) Working Group. Operational Requirements. Chris Morrow netman.net> Network Security Engineer, Google

Toward Curricular Guidance in the Cyber Sciences

Clinical Research Improvement in Systems and Processes Kickoff, January 15, 2015

ServiceNow Phase I: Service Desk Consolidation Project Charter

8x8, Inc. (Nasdaq: EGHT) Corporate Overview

Homeland Security Grant Program Senior Advisory Committee Charter

Above My Pay Grade: Incident Response at the National Level

(IEEE Standards Coordinating Committee on Transportation)

CPE Powering Best Practices. Final Report CPE Powering

How the Netflix ISP Speed Index Documents Netflix Congestion Problems

Solar America Board for Codes and Standards (Solar ABCs) Solar ABCs

Administrative Services

LIFE INSURANCE NEEDS Mark Sasko

Delving Into FCC's 'Damn Important' Cybersecurity Report

CABLE COMPANIES. Armstrong Utilities Tad Sedwick 100 East 2 nd Street Ashland, Ohio x. 224 Ashland County, Lorain tsedwick@agoc.

Landlord Contact Information

Cloud Cyber Incident Sharing Center (CISC) Jim Reavis CEO, Cloud Security Alliance

August DoD Agile Meeting Integrated Program Management Division Agile EV Working Group Update 9/22/15

NIST Cloud Computing Forensic Science Working Group

Project Management for Telecommunications Projects - Ensuring Success

10:00 10:30. Kevin Lyday, CISSP, PMP, CIPP/G Associate Director, Information Resources Office of Public Health Preparedness and Response

How To Protect The Internet From Natural Disasters

STATEMENT OF CRAIG LABOVITZ, PHD Co-Founder and CEO of DeepField Before the House Judiciary Committee Subcommittee on Regulatory Reform, Commercial

P4P: ISPs and P2P. Laird Popkin, Pando Networks Doug Pasko, Verizon Communications

Cyber Security Best Practices. Final Report. Page 1 of 24

How Convergence of IT, Telecom and. the M&A Market

Testimony of. Mr. Anish Bhimani. On behalf of the. Financial Services Information Sharing and Analysis Center (FS-ISAC) before the

September 20, 2013 Senior IT Examiner Gene Lilienthal

Board of Directors. Lewis Bear *** The Lewis Bear Co. Gulf Breeze. Alan Becker * Becker & Poliakoff, P.A. Ft. Lauderdale

Case 1:09-cv JB -KBM Document 138 Filed 03/22/11 Page 1 of 6 UNITED STATES DISTRICT COURT DISTRICT OF NEW MEXICO

Research Notes. Leichtman Research Group, Inc. Life Cycle Differences. 2Q 2014 Actionable Research on the Broadband, Media & Entertainment Industries

National Cyber Security Awareness Month Kicks Off Today with Official Launch Event, Business Summit and Release of Online Safety Survey

PREX15 - Agenda Conference on Preservation Excellence

The Importance of a Multistakeholder Approach to Cybersecurity Effectiveness

Information Technology Services ServiceNow: Change Management Phase I Project Charter

the next generation & state commitment

Midwest Coin Concepts rd Ave S Waite Park, MN (320) Location Stats Report for Opole Rice Royalton Area

Office of Information Technology Executive Reports

Enterprise Infrastructure and Technology Services

IT Governance Committee Charter

Transcription:

Working Group 5: Remediation of Server-Based DDoS Attacks Status Update March 20, 2014 Peter Fonash (DHS), Co-Chair Michael Glenn (CenturyLink), Co-Chair

WG5 Objectives Description: Critical infrastructure sectors, including the financial sector, have been under assault from a barrage of DDoS attacks emanating from data centers and hosting providers. This Working Group will examine and make recommendations to the Council regarding network level best practices and other measures to mitigate the effects of DDoS attacks from large data centers and hosting sites. These recommendations should include technical and operational methods and procedures to facilitate stakeholder implementation of the recommended solution(s). Deliverable: Recommended measures communications providers can take to mitigate the incidence and impact of DDoS attacks from data centers and hosting providers, particularly those targeting the information systems of critical sectors. 2

WG5 Members WG5 has assembled a team of 48 members, including representatives from ISPs, banks, hosting providers, non-profits, associations, academia, federal and state governments, and security experts to accomplish the CSRIC IV charge Name Organization Name Organization Name Organization Peter Fonash (Co-Chair) DHS Dale Drew Level 3 Eric Osterweil VeriSign, Inc. Mike Glenn (Co-Chair) CenturyLink David Fernandez Prolexic Technologies Wayne Pacine Fed Reserve Board of Governors Paul Diamond (Co-Editor) CenturyLink Michael Geller ATIS Glen Pirrotta Comcast Bob Thornberry (Co-Editor) Bell Labs, Alcatel-Lucent Mark Ghassemzadeh ACS R.H. Powell Akamai Vern Mosley (FCC Liaison) FCC Darren Grabowski NTT Nick Rascona Sprint Jared Allison Verizon Sam Grosby Wells Fargo Jim Reavis Cloud Security Alliance Don Blumenthal Public Interest Registry Rodney Joffe Neustar Chris Roosenraad Time Warner Cable Chris Boyer AT&T Dave LaBianca FS-ISAC Craig Spiezle Online Trust Alliance Matt Bretan Goldman Sachs John Levine CAUCE David Stoline Drupal Matt Carothers Cox Communications Greg Lucak Windstream Joe St Sauver Univ of Oregon/Internet2 Roy Cormier Nsight John Marinho CTIA Kevin Sullivan Microsoft Kyle Davis Department of Treasury Dan Massey IEEE Bernie Thomas CSG International Dave DeCoster Shadowserver Ron Mathis Intrado Matt Tooley NCTA John Denning Bank of America Bill McInnis Internet Identity Jason Trizna Amazon Web Services Roland Dobbins Arbor Networks Chris Morrow Google Errol Weiss FSSCC Martin Dolly ATIS Mike O'Reirdan MAAWG Pam Witmer PA PUC 3

WG5 Approach Identify WG5 subgroups: ISPs, Financial Community, Internet Security Experts, and Best Practices Review Best Practices Review subgroup identifies applicable BPs for DDoS server-based attacks The ISPs, Financial Community, and Internet Security Experts subgroups develop representative case studies for server-based DDoS attacks Whole WG5 then integrates subgroups work and documents or develops network level best practices and other measures to mitigate the effects of DDoS attacks from large data centers and hosting sites 4

WG5 Status WG5 has held biweekly conference calls with its working group members to accomplish the tasking Subgroups have held biweekly conference calls to solicit input and review their case study deliverables WG5 held a two-day face-to-face meeting in January to facilitate discussion among, and receive initial readouts, from the subgroups WG5 subgroups in final stages of preparing case study deliverables for review by all WG5 members 5

Best Practice Review Subgroup Reviewed approximately 600 cybersecurity BPs to determine whether or not they were within scope of WG5 tasking (i.e., BPs to mitigate server-based DDoS attacks) Initial review suggests approximately 10% - 15% of BPs reviewed are within scope of WG5 tasking Subset of BPs determined to be within scope provided to other subgroups for their use in analysis of case studies 6

ISP, Financial, and Internet Security Experts Subgroup Status Actions underway to: Confirm the In-Scope/Out-of-Scope determination made by the Best Practices subgroup Determine which Best Practices apply to their case studies Identify gaps Propose new Best Practices to address gaps 7

WG5 Wiki In order to facilitate information sharing amongst WG5 members, WG5 maintains a wiki 8

WG5 Schedule Bi-weekly conference calls with all WG5 members Quarterly face-to-face meetings (with phone-in option for those unable to travel) January 8 th & 9 th April 9 th & 10 th scheduled August - tentative June 18, 2014 Draft Interim WG5 Report Detailed plan developed seen as an aggressive schedule September 30, 2014 Final WG5 Report 9

Next Steps Finalize review of initial subset of Best Practices for applicability to server-based DDoS attacks Subgroups finalize case studies Integrate subgroups work into recommended Best Practices Begin preparation of draft interim report Continue bi-weekly conference calls Hold second face-to-face meeting in preparation for draft interim report Provide periodic status updates to Steering Committee and Council 10

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information