Improving Domain Names Utilization

Similar documents
Briefing on Handling of Phishing Websites in November 2017

Special Action Plan on Countermeasures to Cyber-terrorism of Critical Infrastructure (Provisional Translation)

APWG Global Phishing Survey 2H2010

Donor Countries Security. Date

E-Signature Law of Iraq no. ( 78) of 2012

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Anti-Phishing Working Group

A comprehensive approach on personal data protection in the European Union

Promoting Global Cybersecurity

ENISA s Position on the NIS Directive

Cybersecurity for ALL

ASEAN COOPERATION ON DISASTER MANAGEMENT. Disaster Management & Humanitarian Assistance Division, ASEAN Secretariat

International Atomic Energy Agency Meeting the Challenge of the Safety- Security Interface

Resolution: Advancing the National Preparedness for Cyber Security

OAS Cybersecurity Capacity Building Efforts

APTLD & MYNIC JOINT SURVEY

SpamPots Project: Using Honeypots to Measure the Abuse of End-User Machines to Send Spam. Cristine Hoepers General Manager

Report on Spamvertising and Phishing using.hk Domain Names and McAfee Report. ccnso Meeting June 24, 2008

THE MADRID PROTOCOL. A single trademark registration supports regional economic integration. A Case Study

The IDN Variant TLD Program: Updated Program Plan 23 August 2012

Korea Phishing Activity Trends Report

State Planning Organization Information Society Department

Draft Resolution for Committee Consideration and Recommendation

International Legal Regulation of Cybersecurity U.S.-German Standards Panel 2018

"China WEEE" Development and Tendency Report

Phishing Activity Trends Report August, 2005

COMMISSION IMPLEMENTING DECISION (EU)

Organization/Office: Secretariat of the United Nations System Chief Executives Board for Coordination (CEB)

Standard Setting and Revision Procedure

Context-based Roles and Competencies of Data Curators in Supporting Data Lifecycle: Multi-Case Study in China

Registry Internet Safety Group (RISG)

European Standards- preparation, approval and role of CEN. Ashok Ganesh Deputy Director - Standards

Directive on Security of Network and Information Systems

The situation of threats in cyberspace in the first half of 2018

HEALTH INFORMATION INFRASTRUCTURE PROJECT: PROGRESS REPORT

2018 China International Consumer Electronics Show (SINOCES) Invitation

China ITS Standardization

SpamPots Project: Using Honeypots to Measure the Abuse of End-User Machines to Send Spam

Effective Cyber Incident Response in Insurance Companies

RESOLUTION 67 (Rev. Buenos Aires, 2017)

IoT Security Policy and Regulation Initiatives in China. Fan Dongyang, Huawei

QBPC s Mission and Objectives

Building a Resilient Security Posture for Effective Breach Prevention

Phishing Activity Trends Report October, 2004

Discussion on MS contribution to the WP2018

Member of the County or municipal emergency management organization

Incident Response Services to Help You Prepare for and Quickly Respond to Security Incidents

Legal framework of ensuring of cyber security in the Republic of Azerbaijan

Title of the presentation Date # EU-CHINA (Qingdao) Business and Technology Cooperation Fair

Global Cybersecurity Agenda

Presented by: - Anselm Charles ICT Manager CARICOM IMPACS

A System to Monitor and Analyse NET Based Industrial Economic Operations

REPORT ON THE ESTABLISHMENT OF THE INTERNATIONAL FORUM OF USERS OF SATELLITE DATA TELECOMMUNICATION SYSTEMS (SATCOM FORUM)

NATIONAL STRATEGY:- MALAYSIAN EXPERIENCE

ENFORCEMENT POWERS. The EU Perspective. Olivier Proust. Associate Hunton & Williams LLP

Featured Articles II Security Research and Development Research and Development of Advanced Security Technology

The Challenge of Spam An Internet Society Public Policy Briefing

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

China and International Governance of Cybercrime

79th OREGON LEGISLATIVE ASSEMBLY Regular Session. Senate Bill 90

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

About Issues in Building the National Strategy for Cybersecurity in Vietnam

Phishing Activity Trends Report January, 2005

RESOLUTION 179 (REV. BUSAN, 2014) ITU's role in child online protection

RESOLUTION 179 (REV. BUSAN, 2014) ITU's role in child online protection

POSITION DESCRIPTION

Economy Report [CHINA] 24 rd APLMF Meeting Siem Reap, Cambodia. BeiJing, China. Report developed/approved by Position

Phishing Activity Trends Report March, 2005

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

Government Resolution No of February 15, Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security

Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston

Google s Eligibility Criteria Will Stifle Innovation, Consumer Choice, and Competition

Australian Government Cyber-security Activities in the Pacific

Department of Defense Public Affairs Guidance for Official Use of Social Media

Toward Horizon 2020: INSPIRE, PSI and other EU policies on data sharing and standardization

Data Protection and Cybercrime Challenges

Regulatory Measures on Organic Product Certification Management

Directive on security of network and information systems (NIS): State of Play

Phishing Activity Trends Report August, 2006

Phishing Activity Trends

Cyber Security Law --- Are you ready?

Revised November EFESC Handbook

Forum. Ningbo, China 25 February

PHISHING Takedown Process

CONTINUING EDUCATION PROVIDER GUIDE

IT Governance ISO/IEC 27001:2013 ISMS Implementation. Service description. Protect Comply Thrive

The University of British Columbia Board of Governors

13.f Toronto Catholic District School Board's IT Strategic Review - Draft Executive Summary (Refer 8b)

Cybersecurity and the China Mobile Payment Market: The Risk to Chinese Consumers Is Great

Setting the Stage for Automatic Disposition

International Nonproliferation Export Control Program (INECP) Government Outreach for Enterprise Compliance

10 March Informal Expert Group for the ITU World Telecommunication Policy Forum

Canadian Anti-Spam Legislation (CASL)

ASEAN REGIONAL COOPERATION ON DISASTER MANAGEMENT

Cybersecurity Strategy of the Republic of Cyprus

Security Aspects of Trust Services Providers

The UN Counter-Terrorism Committee Executive Directorate and its cooperation with ICAO on travel document security

Project CyberSouth Cooperation on cybercrime in the Southern Neighbourhood

Universal Model Framework -- An Introduction

European Union Agency for Network and Information Security

Transcription:

Improving Domain Names Utilization Ning Kong June 27, 2017

Content Status Quo of Chinese Phishing Websites Anti-Phishing Alliance of China (APAC) Suggestions for Improving Domain Names Utilization Q & A

Status Quo of Chinese Phishing Websites 160000 147211 140000 120000 100000 80000 60000 40000 35176 70483 61017 58660 20000 0 2012 2013 2014 2015 2016 In 2016, The total amount of Chinese phishing websites is 147,211, which is 2.5 times bigger than that of 2015. Phishing attacks become more rampant and governance situation become more severe.

Status Quo of Chinese Phishing Websites E-commerce 5.21% Telecommunication 20.55% Others 0.79% Payment Transaction 45.70% Financial Secutity 27.76% Distribution of Industries

Status Quo of Chinese Phishing Websites.tk 1.03%.cn 1.39%.net 2.98%.au 0.95%.pw 6.09%.top 0.85%.br 0.80%.cl 0.67% others 6.04%.cc 14.95%.com 64.24% Distribution of TLDs

Status Quo of Chinese Phishing Websites 9 days 1.15% 10 days 1.17% 11 days 1.17% 8 days 1.71% 12 days or more 16.87% 1 day 15.25% 7 days 2.86% 2 days 19.83% 6 days 3.89% 5 days 6.62% 4 days 11.71% 3 days 17.77% Distribution of Phishing Websites Life Duration

Anti-Phishing Alliance of China (APAC) Founded on July 18, 2008 A nonprofit industry organization CNNIC assumes the duties of secretariat Official Website : www.apac.cn Reporting Email :jubao@apac.cn

APAC Members APAC is mainly comprised of registries and registrars, financial agencies, e-commerce enterprises and cybersecurity companies. Up to the end of 2016, the number of APAC members increased to 523.

APAC Duties Organize members in finding out, governing and preventing from phishing sites, share relevant information and promote construction of comprehensive governance system Perform international exchange and cooperation concerning legislation research, technical application and standard formulation Organize and carry out investigation and research on anti-phishing, provide relevant business and policy consultation services for members as well as offer decision support for government

APAC Architecture APAC Expert Steering Committee Secretariat Members Third-Party Technical Recognition Institutions Responsible for carrying out guidance on operation of APAC Responsible for daily work of APAC, preparation of Members Conference and treatment of unexpected events Members Conference has the right to formulate and modify the Articles and make decisions on important matters Responsible for preservation and technical recognition for phishing webpages; and propose advices on technical recognition for phishing websites

APAC Treatment Categories If the website is totally fake APAC registries/registrars will suspend the resolution service For Domain Names registered in China If the website is partly fake APAC registries/registrars will inform registrant to delete the phishing webpages For Domain Names registered outside China APAC cybersecurity companies and browser makers will tweet warnings through theirs products when users visit phishing websites

APAC Treatment Efficiency 107303 40219 66296 51198 58660 23722 26672 1610 10316 2008 2009 2010 2011 2012 2013 2014 2015 2016 In 2016, the APAC has identified and processed a total of 107,303 phishing websites, accumulatively up to 385,996.

CNNIC s Contributions---Proactive Phishing Detection System Since 2009, CNNIC has been focusing on the anti-phishing technical research, the Proactive Phishing Detection System is an important achievement. The core of the system is based on the Big Data analysis for the machine learning of domain name utilization. The phishing websites can be monitored and tracked from the registration phase, and can be discovered and disposed when they online.

CNNIC s Contributions---Proactive Phishing Detection System Title Domain Name Resolution

CNNIC s Contributions---Proactive Phishing Detection System Detection Capacity In 2016, the system identified and processed more than 40,000 phishing websites of 80 brands The life duration of phishing website detected by the system is 4.684 days, much shorter than the average number Technical Achievements CNNIC has published more than 10 academic papers and holds more than 10 anti-phishing patents Technical Specifications of Data Exchange for Reporting Phishing Attacks, the only anti-phishing industrial standard in China

CNNIC s Contribution---Reports & Briefings The Global Chinese Phishing Attack Trends Report analyzes the phishing attacks targeting Chinese brands and users over the world APAC releases Briefing every month, analyzing the situation of phishing website treatment

Suggestions for Improving Domain Names Utilization Encourage registries, registrars, academic institutions to facilitate scientific research, data exchanging and technology sharing Promote standardization on identification, sharing and disposal, and seek more cooperative chances with government agencies Strengthen universal education for end users, and heighten their awareness of online risks Capacity Building Enhance Supervision Strengthen Education Technic Disposal Awareness

THANKS! Q & A

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback