Presentation is loading. Please wait.

Presentation is loading. Please wait.

Joint efforts in incident response in AP region and future work with RIR Suguru Yamaguchi JPCERT/CC.

Published byIsaac Gant Modified over 9 years ago

Similar presentations

Presentation on theme: "Joint efforts in incident response in AP region and future work with RIR Suguru Yamaguchi JPCERT/CC."— Presentation transcript:

1 Joint efforts in incident response in AP region and future work with RIR Suguru Yamaguchi JPCERT/CC

2 Overview Work called “Incident Response” Why do we need international coordination? Internet Registry has a key role to accelerate incident response tasks

3 Security Management Detection –Mechanism how we know incidents Protection –Mechanism how we can protect our system, designed and implemented beforehand. –“measures” Response –Work against security incidents

4 Analysis on Attacks Involved sites Technical Corporation Involved sites Advisors Vendors IR and Coordination Providing help on problem solutions –Information –Coordination –confidentiality

5 APSIRC APSIRC – Asia Pacific Security Incident Response Coordination –Originally developed by APNG in 1998 –SingCERT, CERTCC/KR, JPCERT –In 2002, conference was hold in Tokyo, Japan – “APSIRC2002” Annual conference for open regional forum on security management on the Internet Mainly supported by Japan financially. Next meeting will be held in Feb/Mar timeframe in somewhere in Asia [ KL in March, Taipei in Feb ]

6 APCERTF Asia Pacific Computer Emergency Response Task Force –Proposed by AusCERT –“Leading” IRT forms a task force for Stable and reliable contact point for each economy Development and deployment of leading edge technology and engineering for CSIRT operation –IODEF by SurfNET –Automatic information exchange and making info. Repository Public awareness Working with government actors –Mainly for intergovernmental workplace »APEC TEL WG (at Moscow meeting in August 2002) »ASEAN / ASEAN+3

7 Relationship of 2 groups APCERTF MY JP AU CN TW SG TH KR HK ID Govn. CERTs Vendor CERTs ISP CERTs Govn. CERTs Vendor CERTs ISP CERTs Govn. CERTs Vendor CERTs ISP CERTs APCERTF APSIRC

8 APCERTF Mission Maintain a trusted contact network of computer security experts in the Asia-pacific region –Enhance our regional and international cooperation on information security –Develop measures to deal with large-scale or regional network security incidents –Facilitate information sharing and technology exchange –Promote collaborative research and development –Address legal issues related to information security and emergency response across regional boundaries

9 APCERTF Constituency IP addresses within the APNIC block –60 degree parallel (longitude)

10 APCERTF Structure (proposed) Steering Committee (SC) –elected by APCERTF Members –2 years term –Determine direction and priorities Chair –elected by 2/3 of SC –2 years term –coordination of SC Secretariat –general contact point maintain records of Member information –administrative point for APCERTF Members –leading CSIRTs from each Asia-Pacific economies Associate Members –sponsored by an APCERTF Member –no voting right Advisory Committee –technical experts invited by the Steering Committee to provide technical advice on IT security issues –no voting right

11 APCERTF Members Australian Computer Emergency Response Team (AusCERT) Bach Khoa Internetwork Security Center (BKIS) CERNET Computer Emergency Response Team (CCERT) Computer Emergency Response Team Coordination Center-Korea (CERTCC- KR) China Computer Emergency Response Team Coordination Centre (CNCERT) Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT/CC) Indonesia Computer Emergency Response Team (IDCERT) Information Security Center - Korea Advanced Institute of Science and Technology (ISC/KAIST/KCERT) Information-technology Promotion Agency/IT Security Center (IPA/ISEC) Japan Computer Emergency Response Team / Coordination Center (JPCERT/CC) Malaysian Computer Emergency Response Team (MYCERT) Singapore Computer Emergency Response Team (SingCERT) Taiwan Computer Emergency Response Team / Coordination Center (TWCERT) Taiwan Computer Incident Response Coordination Center (TW-CIRC) Thai Computer Emergency Response Team (ThaiCERT)

12 Work with RIR Each registry knows everything –Use of IP address and domain: “whois” database –Once IRR is available, fundamental routing information is also available via registry Information is a key to accelerate incident responses –Solution development of counter measures –CSIRT want information precise and accurate enough Each registry sometimes has its own role to guide how ISP should react on incident response –Registries have full contact to ISP –At least, APNIC is a light house (not a forerunner) of ISP’s responsibility.

13 Summary APSIRC and APCERTF –APSIRC: Regional forum of CSIRT and related organizations –APCERTF: Task force for “upgrading” CSIRT activities in this AP region With RIR –More contact and collaboration –Sharing information, especially precise and accurate “whois” database.

Download ppt "Joint efforts in incident response in AP region and future work with RIR Suguru Yamaguchi JPCERT/CC."

Similar presentations

© 2004 APCERT APCERT Activity Update Yurie Ito JPCERT/CC (On behalf of the APCERT Secretariat)

© 2004 APCERT APCERT Activity Update Yurie Ito JPCERT/CC (On behalf of the APCERT Secretariat)
Kento Aida, Tokyo Institute of Technology Grid Working Group Meeting Aug. 27 th, 2003 Tokyo Institute of Technology Kento Aida.

Kento Aida, Tokyo Institute of Technology Grid Working Group Meeting Aug. 27 th, 2003 Tokyo Institute of Technology Kento Aida.
STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION

STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION
1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.

1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Welcome! Training BOF APNIC Open Policy Meeting 28-31 August 2001, Taipei, Taiwan.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Welcome! Training BOF APNIC Open Policy Meeting August 2001, Taipei, Taiwan.
APNIC Update AfriNIC 13 20-26 November 2010 Johannesburg, South Africa George Kuo Member Services Manager, APNIC.

APNIC Update AfriNIC November 2010 Johannesburg, South Africa George Kuo Member Services Manager, APNIC.
APNIC Update Paul Wilson Director General. Overview Priorities in 2009 IPv4 exhaustion IPv6 deployment Security Internet Governance Priorities in 2010.

APNIC Update Paul Wilson Director General. Overview Priorities in 2009 IPv4 exhaustion IPv6 deployment Security Internet Governance Priorities in 2010.
Managing IP addresses for your private clouds 2013 ASEAN CAS Summit Bangkok, Thailand 7 February 2013 George Kuo Member Services Manager.

Managing IP addresses for your private clouds 2013 ASEAN CAS Summit Bangkok, Thailand 7 February 2013 George Kuo Member Services Manager.
Handling Internet Network Abuse Reports at APNIC 21 October 2010 LAP-CNSA Workshop, Melbourne George Kuo.

Handling Internet Network Abuse Reports at APNIC 21 October 2010 LAP-CNSA Workshop, Melbourne George Kuo.
© 2003 Carnegie Mellon University slide 1 Building CSIRT Capabilities and the State of the Practice Georgia Killcrece CSIRT Development Team CERT ® Training.

© 2003 Carnegie Mellon University slide 1 Building CSIRT Capabilities and the State of the Practice Georgia Killcrece CSIRT Development Team CERT ® Training.
Collaborating and Communicating German Valdez, External Relations Program Director.

Collaborating and Communicating German Valdez, External Relations Program Director.
1 Korea status and future plan on spam & hacking complaints August 30, 2001 Yong Wan Ju Korea Network Information Center.

1 Korea status and future plan on spam & hacking complaints August 30, 2001 Yong Wan Ju Korea Network Information Center.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Overview AFRINIC Meeting Accra, Ghana, May 13th 2001 Anne Lord Asia Pacific.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Overview AFRINIC Meeting Accra, Ghana, May 13th 2001 Anne Lord Asia Pacific.
German Valdez Communications Area Manager Communications Area Report.

German Valdez Communications Area Manager Communications Area Report.
APNIC Update 1. 2 3 IPv4 Exhaustion Reached “Final /8” on 15 April 2011 103.0.0.0/8 New allocation policy activated Up to /22 per member From 15 April.

APNIC Update IPv4 Exhaustion Reached “Final /8” on 15 April /8 New allocation policy activated Up to /22 per member From 15 April.
Communications Area Report German Valdez, Communications Area Manager APNIC 28.

Communications Area Report German Valdez, Communications Area Manager APNIC 28.
JPCERT/CC May. 2003. Fixed-Point Auto Data Collecting System Getting more accurate Scan and Prove data to provide more accurate network traffic analysis.

JPCERT/CC May Fixed-Point Auto Data Collecting System Getting more accurate Scan and Prove data to provide more accurate network traffic analysis.
Asia Pacific Economic Cooperation Workshop on Meteorological and Hydrologic Cooperation Within APEC January 12, 2001 Albuquerque, NM.

Asia Pacific Economic Cooperation Workshop on Meteorological and Hydrologic Cooperation Within APEC January 12, 2001 Albuquerque, NM.
APCERT : APNIC Meeting 2014’ International Collaboration for Regional Cybersecurity Risk Reduction - APCERT Collaboration with Stakeholders Yurie Ito Chair,

APCERT : APNIC Meeting 2014’ International Collaboration for Regional Cybersecurity Risk Reduction - APCERT Collaboration with Stakeholders Yurie Ito Chair,
BCNET Security Policies Jens Haeusser Information Security Officer, UBC and Chair, Security Working Group, BCNET Internet2 Joint Techs Vancouver, BC July.

BCNET Security Policies Jens Haeusser Information Security Officer, UBC and Chair, Security Working Group, BCNET Internet2 Joint Techs Vancouver, BC July.

Similar presentations

Ads by Google