DoS-resistant Internet Grand Strategy Bob Briscoe Jan 2006.


why
- goal of group
  – to galvanise co-ordinated actions to make the Internet more resistant to denial of service attacks, without unduly blocking the emergence of innovative new applications of the Internet
- goal of writing a grand strategy
  – to lay out the space of possible activity across fields in order to prioritise
  – identify approaches that require less co-ordination between companies, industries, disciplines, jurisdictions
  – identify gaps where co-ordination unavoidable
  – identify approaches not worth pursuing
  – foster consensus, rather than “not invented here”
- audience
  – pt I discursive: internal, members, researchers
  – pt II conclusive: regulators, operators (regulatory, operations), vendors, researchers

status
- structure
- table of contents
- bullet point content
- one review pass so far
- on group wiki (at LINX)
- recruited expert authors

multidisciplinary contents
- intro
- technical measures
- economic & incentive-based measures
- contractual measures
- regulatory measures
- commercial realities
- conclusions

- Malcolm Hutty (LINX)
- Bob Briscoe (BT)
- Mark Handley (UCL)
- Bob Briscoe (BT)
- Scott Shenker (ICSI & UCB)
- Malcolm Hutty (LINX)
- Chris Marsden (Rand)
- placeholder for all
- Malcolm Hutty (LINX)

technical measures
- various dimensions
  – improved operational practices (→BCP), equipment, architecture
  – mitigating attack force vs mitigating attack capability
  – attacks through vs on infrastructure
- hooks to trace attacker identity
  – path symmetry, ingress interface, e2e connection address
- incremental deployment issues
- arms races
  – payload inspection vs cryptography
  – traffic analysis vs route anonymisers

economic & incentive-based measures
- pricing to increase the cost of attacks
- limits of economic approaches
  – value of attack >> cost
  – irrational attackers
- internal ‘pricing’ to drive throttles and policers
- incentivising the clean up of zombie hosts
- insurance – blurring of responsibility?

contractual measures
- types of contract
  – end customer acceptable use policies
  – inter-provider contracts
  – various arrangements: pairwise, star-wise, overlay (edge-edge)
- rights to prevent vs. after the fact sanctions
  – various sanctions: financial, reputation, service impairment
- evidence by behaviour vs intent
- liability
  – paymasters, attack co-ord, vectors (zombie, carrier, OS, )
- attacker identification
  – responsibility for allowing anon access (radio access issues)
  – strength levels of identification

regulatory measures
- model AUPs/contracts?
- minimum requirements?
- enforceability across borders
- clarifying liability
  – paymasters, attack co-ord, vectors (zombie, carrier, OS, )
  – if enforceability let down by a country, is country liable?
- relevant law available in each jurisdiction
- extensible law to new forms of attack

commercial realities
- place-holder for commentary on other sections
- some thoughts
  – value of fostering innovation vs preventing harm
  – feasibility of sanctions between mutually dependent peers
  – effect of virtualisation on all the above (inc simple wholesaling)

summary
- setting an agenda for action towards a DoS resistant Internet
- getting involved
  – edit on LINX wiki
  – access controlled: via Mark Handley
- first substantial draft from all authors: mid Apr
- snapshot Bob Briscoe