Forum on DNS Abuse
Monday, 20 June 2011
Time 4:00 p.m. – 5:30 p.m.
Room: Raffles Ballroom
ICANN Singapore Meeting
Format: Most of the online crimes you hear of abuse the Domain Name System in some way. Whether a scam artist hides his identity by hosting his website behind an orphaned record, or a phisher registers a domain intended to resemble a famous brand, abuse of the DNS involves many ICANN stakeholders. Consumers and businesses can be victims of abuse, legitimate service providers might see criminals and fraudsters use those very services to commit offenses. This Forum is part of a continuing dialogue with the ICANN Community where the different stakeholders affected by DNS Abuse can share information and ideas for responding to such abuse.
Introduction
Moderator: Jeff Moss (ICANN Chief Security Officer)
The moderator will outline the purpose of the Forum, explain the format and panel topics. The moderator will also chair each panel.
Session 1: Latest Developments in the Fight against DNS Abuse
Panel: Bill Smith (Paypal), Kai Koon Ng (Symantec), Edmon Chung (APRALO and .asia)
Learn about the latest advances in the fight against DNS-related abuse such as phishing, malware and crimeware from representatives of law enforcement agencies, security responders, and the private sector. Bill Smith will provide an overview of Paypal's insightful White Paper on Combatting Cybercrime. Edmon Chung will describe the challenges faced in Asia from an end-user perspective, and highlight the efforts of .asia, .hk and .cn in addressing cyber-crime issues.
Q&A
Session 2: Probing ICANN's Role in Responding to E-Crime and Other Malicious Conduct on the Internet
Panel: Danny McPherson (Verisign), Eleanor Bradley (Nominet), Mick Moran INTERPOL, Marilyn Cade (ICT Strategies, mCADE LLC), and Professor Ang Peng Hwa (Nanyang Technical University)
Although the DNS may be involved in most e-crime and other forms of malicious conduct on the Internet, questions remain regarding the appropriate role for ICANN in developing solutions or responses. Hear the panelists' viewpoints as they explore what activities can be considered “DNS Abuse” that fall within ICANN's mandate to address through its bottom-up, consensus driven policy development processes.
Professor Ang Peng Hwa believes that the tendency when an act tantamount to a cybercrime is committed is to turn to the law. He notes that on the Internet, however, it can be difficult to obtain international agreement. His presentation will explore the possibilities and limits of self-regulation from both theory as well as practice. It will also consider the pros and cons of education vs traditional legal enforcement. Marilyn Cade will bring a historical perspective of ICANN's mandate and mission to this important debate on the role of ICANN in tackling cyber-crime issues.
Q&A
The Forum on DNS Abuse has turned into one of the more popular recurring sessions at ICANN international meetings. Join us for informative, up-to-the-minute reports from the global war against DNS abuse.
Information and Additional Resources:
Paypal's Combatting CyberCrime, Principles, Policies and Programs
https://www.paypal-media.com/assets/pdf/fact_sheet/PayPal_CombatingCybercrime_WP_0411_v4.pdf
ICANN FY 12 Security, Stability & Resiliency Framework:
http://www.icann.org/en/announcements/announcement-2-02may11-en.htm
Information on the Moderator
Jeff Moss, Vice President and Chief Security Officer of ICANN
Jeff Moss has recently joined the ICANN team as its Vice President and Chief Security Officer of ICANN. Prior to joining ICANN, Mr. Moss was the founder of DEF CON, the world's largest hacker conference, and Black Hat, a global technical security conference. Moss has been a self-proclaimed hacker for over 20 years. Prior to his work with Black Hat and DEF CON, he was a Director at the Secure Computing Corporation, where he established the professional services department in Asia, Australia and the United States. He also worked in the information system security division of Ernst & Young, LLP.
Information on the Speakers
Eleanor Bradley, Director of Operations, Nominet
Eleanor Bradley is Nominet's Director of Operations. She is responsible for the services we provide to our registrants and registrars and has developed its reputation as a provider of service excellence. Her role also sees her working with Nominet's broader stakeholder community to ensure a safe and secure .uk. Eleanor oversees Nominet's business continuity and risk management activities and project programme management.
Prior to her current role Eleanor was Nominet's Customer Services Manager and before that worked in the software games industry.
Marilyn Cade, Principal and CEO of ICT Strategies, mCADE llc.
Marilyn Cade is the Principal and CEO of ICT Strategies, mCADE llc. Cade has a unique focus on policy activities that promote economic growth and sustainability, and that bridge dialogues on emerging issues in Internet and online services.
Cade has extensive expertise in multi-lateral organizations, such as the ITU, OECD, APEC, WIPO and ICANN. She was a member of the ITU Secretary General's High Level Expert Group on Cyber Security (HLEG). Marilyn has played a role in ICANN matters, having contributed to the process that launched ICANN initially. Today, she chairs the Business Constituency at ICANN. In the early days of ICANN, she chaired the first WHOIS Task Force and the Transfers Task Force, and served as a GNSO Councilor from the Business Constituency for two terms.
Prior to launching ICT Strategies, mCADE llc, she led Internet policy and e-commerce policy for AT&T, where she helped to found and lead numerous industry coalitions and initiatives, ranging from e-commerce, copyright and trademark, cybercrime, child safety online, online privacy and Internet governance.
Edmon Chung, Vice Chair of the ISOC HK, Secretariat, ICANN APRALO, Dot Asia
Edmon Chung is currently serving as the Vice Chair of the Internet Society Hong Kong (ISOC HK) chapter. Edmon has been involved in the regional At-Large activities since its very beginning, assisting in the development and completion of the APRALO charter, and subsequently leading ISOC HK to serve as the secretariat for the APRALO. Edmon is also an elected member of the Elections Committee of the Hong Kong Special Administrative Region, an elected councillor of the ICANN GNSO Council, and Secretariat for the ICANN APRALO (Asia Pacific At-Large Organisation).
Since 2002, Edmon played a leadership role in the region-wide .Asia initiative, bringing together an open membership of 27 official country-code top-level domain authorities and regional Internet bodies. DotAsia is a not-for-profit organization with a mandate to promote Internet development and adoption in Asia. Since its launch in 2008, DotAsia has contributed significantly to a variety of community projects in Asia, including for example: APrIGF (www.rigf.asia), Youth IGF Camp (www.yigf.asia), OLPC.asia ( www.olpc.asia), Relief.Asia (www.relief.asia), CreativeCommons.Asia (www.creativecommons.asia), ISIF.Asia (www.isif.asia), NetMission.Asia (www.netmission.asia), Paragon100.Asia, MaD.Asia (www.mad.asia) and others.
Edmon is an inventor of patents underlying technologies for internationalized domain names (IDN) and email addresses on the Internet.
Edmon has served on many global IDN related committees, including technical and policy groups, that made it possible for the introduction of multilingual domain names and email addresses on the Internet. As a pioneer of IDN technologies, Edmon is dedicated to seeing the full implementation of IDNs at ICANN and to ensure that it takes into account the interests of end users.
Edmon founded Neteka Inc. in partnership with the University of Toronto Innovations Foundation in 1999, and went on to win the Most Innovative Award in the Chinese Canadian Entrepreneurship Award in 2001. In 2000, Edmon was selected by The Globe and Mail as one of the Young Canadian Leaders. Edmon has a Bachelor of Applied Science and Master of Engineering from the University of Toronto, and is a PhD candidate at the Shanghai University of Finance and Economics.
Professor Ang Peng Hwa, Acting Head, Division of Journalism and Publishing, Nanyang Technical University, Singapore
Professor Ang Peng Hwa is a faculty member of the Wee Kim Wee School of Communication and Information. He has a law degree from the NUS, a master's in communication management from the University of Southern California, and a PhD in mass media from Michigan State University. His research is in the area of internet governance. His 2005 book, Ordering Chaos: Regulating the Internet (Thomson), argues that the internet can be, is being and should be regulated. In 2004, he was appointed by the UN Secretary General to the Working Group on Internet Governance to prepare a report for the 2005 meeting of the World Summit on Information Society. He later helped co-found the Global Internet Governance Academic Network (GigaNet) where he served as inaugural chair.
He currently serves as chairman of the Asian Media Information and Communication Centre (AMIC). He also sits on the Governing Council of the Mudra Institute of Communication, Ahmedabad in India. He plans to spend his 2008 sabbatical to help start the Mudra Institute of Communication Research at Ahmedabad.
Michael Moran, Coordinator of the Crimes against Children team, INTERPOL
Mr. Michael Moran is the coordinator of the Crimes against Children team at INTERPOL's Trafficking in Human Beings Sub-Directorate. He is a specialist in online Child exploitation and has worked in Interpol since 2006. He is a seconded officer from An Garda Síochána; Ireland's National Police Force and has worked in this area since 1997. He has worked in Patrol, Drugs, Serious Crime and Computer Crime.
He also did a time as a court presenter where he dealt with police prosecutions to the Dublin District Courts.
Prior to coming to Interpol he was managing the child exploitation response at the Computer Crime Unit, GBFI, in Dublin.
Michael holds a diploma in project management, a BA (IT) and a MSc. in Forensic Computing and Cybercrime Investigation from the University College Dublin centre for cybercrime investigation.
Danny McPherson, Chief Security Officer, Verisign
Danny McPherson is Chief Security Officer for Verisign where he is responsible for strategic direction, research and innovation in infrastructure, and information security. He advises on corporate strategy, infrastructure evolution and product direction and represents Verisign in key forums focused on critical infrastructure, network evolution, intelligence and availability. With nearly 20 years of experience in the Internet network operations, security, and telecommunications industries, he brings tremendous technical leadership to the company.
Prior to joining Verisign, Danny was Vice President and Chief Security Officer at Arbor Networks where he helped lead the company's overall strategy and product architecture. He also previously held technical leadership positions in network architecture, engineering, and operations with Amber Networks, Qwest Communications, Genuity, MCI Communications, and the U.S. Army Signal Corp.
Danny has been an active participant in Internet standardization since 1996 and is considered one of the top Internet infrastructure and security industry experts. Currently he is a member of the Internet Architecture Board (IAB), Internet Research Steering Group (IRSG), and co-chairs the IETF's L3VPN WG. He also serves on the ICANN Security and Stability Advisory Council (SSAC) and the FCC's Network Reliability and Interoperability Council (NRIC).
Danny is very active in the network and security operations and research communities, and has authored several books, Internet protocol standards, network and security research papers, and other publications related to critical infrastructure, routing protocols, network security, Internet addressing, and network operations.
Kai Koon Ng, Symantec Senior Manager, Legal & Public Affairs, Asia Pacific & Japan
Bill Smith, Technology Evangelist, PayPal
Mr. Smith currently is Technology Evangelist at PayPal where he advocates for improvements to the security, stability, and reliability of the Internet. Prior to joining PayPal, Mr. Smith was Sr. Director Business Strategy, Office of the CTO, Sun Microsystems for 14 years.
Since 2001, Mr. Smith actively participated in the development of secure, privacy-aware digital identity standards as an officer and Board member of the Liberty Alliance Project and Kantara Initiative. He is a past President of OASIS, served as co-chair of ebXML, the joint OASIS/United Nations Electronic Business Initiative, and has participated at the W3C including as co-chair of the XML Linking WG.
Presentation:
Forum on DNS Abuse
Transcript:
Transcript: Forum on DNS Abuse