Study Materials for Operational Security and DOS Defense

Denial of Service Defense (DOS Defense) activities within the Internet Community have been a consistent theme since the 1996 PANIX attacks. Private Industry collaborates on and leads these activities, with Government and Academic participation. What follows are some places where people who are new to the Anti-DOS world can catch up on the policies and practices used throughout the industry.

Background Materials on Operational Security Techniques, Practices, and DOS Defense

Archives and Organizations

There is a range of organizations that are centers of thinking, excellence, and operations for Internet Security. These organizations have archives of papers, best practices, and theoretical analysis.

  • CyberGreen – CyberGreen helps CSIRTs focus their remediation efforts on the most important risks; to help understand where improvements can be made and how, together, we can achieve a more sustainable, secure, and resilient cyber ecosystem.
  • Forum of Incident Response and Security Teams (FIRST) – The idea of FIRST goes back to 1989, only one year after the CERT® Coordination Center was created after the infamous Internet worm. Since 1990, when FIRST was founded, its members have resolved an almost continuous stream of security-related attacks and incidents, including handling thousands of security vulnerabilities affecting nearly all of the millions of computer systems and networks throughout the world connected to the ever-growing Internet. FIRST has an annual and regional meeting with over a decade of materials used by the Industry.
  • NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) – The NATO Cooperative Cyber Defence Centre of Excellence is a multinational and interdisciplinary hub of cyber defense expertise. The Tallinn-based international military organization focuses on technology, strategy, operations, and law.
  • National Cyber-Forensics & Training Alliance (NCFTA) – One Team, One Goal: Companies, Government, And Academia Working Together To Neutralize Cyber Crime – The National Cyber-Forensics & Training Alliance (NCFTA) is a non-profit corporation founded in 2002, focused on identifying, mitigating, and neutralizing cybercrime threats globally. The NCFTA operates by conducting real-time information sharing and analysis with Subject Matter Experts (SME) in the public, private, and academic sectors. Through these partnerships, the NCFTA proactively identifies cyber threats in order to help partners take preventive measures to mitigate those threats. The NCFTA has a proven track record and has long been identified as the model for private/public partnerships. Today, the NCFTA model, best practices, and lessons learned are being leveraged and emulated in countries around the world. Our membership is constantly growing both nationally and internationally across private industry, law enforcement, government, and academia. Collaboration with partners has resulted in countless criminal and civil investigations being initiated that otherwise may not have been addressed. To date, the NCFTA has provided intelligence which has aided in the successful prosecution of hundreds of cybercriminals worldwide. Furthermore, the NCFTA has produced more than 800 cyber threat intelligence reports in the past three years alone to support our various initiatives and partners.
  • Online Trust Alliance (OTA) – Online Trust Alliance is an initiative within the Internet Society (ISOC), a global non-profit with the mission to promote the open development, evolution, and use of the Internet for the benefit of all people throughout the world. OTA’s mission is to enhance online trust, user empowerment and innovation through convening multi-stakeholder initiatives, developing and promoting best practices, ethical privacy practices, and data stewardship.

 

Examples of Private-to-Private Collaboration on DOS and Operator’s Security

Estonia 2007 Attacks

WireX Take Down (2017)

Academic Papers on DOS, Operational Security, and Resiliency

National and International Security Planning & Activities

Each country has a responsibility to protect its citizens and public interest from the security threats on today’s hyper-connected Internet. This network has replaced telecommunications networks so that we all have one network. This section collects materials from each of the countries.

Japan