ICANN58 Copenhagen

TLD-OPS Workshop on the Collaborative Detection and Mitigation of DDoS Attacks on ccTLDs
Goal
The goal of the workshop is to explore how TLD-OPS members can collaborate to detect and mitigate DDoS attacks.
Motivation
The TLD-OPS Standing Committee is organizing the workshop because of the recent large-scale attacks on the DNS, such as on Dyn’s DNS services (October 2016) and on the DNS root (July 2016 and November 2015), which may increasingly target ccTLDs as well.
TLD-OPS is the incident response community for and by ccTLDs. Its purpose is to enable TLD-OPS members to collaboratively detect and mitigate relevant security and stability-related incidents on a global level, including DDoS attacks. The aim of TLD-OPS is to further extend members’ existing incident response structures, processes, and tools and not to replace them.
Since DDoS attacks may have a severe impact on the target (and potentially collateral damage for others), the TLD-OPS Standing Committee believes it is important to mobilize the collective experience of the TLD-OPS community on how to detect and mitigate DDoS attacks within TLD-OPS. The workshop facilitates this dialog through sharing of experiences, discussion, and generation of ideas. We will be looking the topic from multiple perspectives, such as technical, operational, compliance, and strategic.
Closed Session
Please accept our apologies for not being able to open up this session for everyone. This is because we will be sharing confidential information that will help ccTLDs to collaboratively strengthen the operational security and stability of their services.
Thank you for your understanding!
On behalf of the TLD-OPS Standing Committee,
Cristian Hesselman
Chair
About TLD-OPS
TLD-OPS is the global incident response community for and by ccTLDs. For more information, please contact the TLD-OPS Standing Committee at ccnso-tldops@icann.org or visit the TLD-OPS
website:
http://ccnso.icann.org/resources/tld-ops-secure-communication.htm.
-
Staff Leader: Kimberly Carlson