The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.06 - November/December (2009 vol.13)
pp: 14-21
Mat Ford , Internet Society
Leslie Daigle , Internet Society
ABSTRACT
Unwanted traffic is a serious problem on today's network. For too long, the balance between the value of the transactions occurring on the network and the security of the infrastructure itself has tipped in the wrong direction. In this article, the authors identify the threats of most concern and identify some ways in which the broader Internet community is addressing them. The open, bottom-up processes of the IETF and the Internet community in general are making steady inroads in tackling the serious threat that unwanted traffic poses to the Internet's continued growth and enrichment.
INDEX TERMS
Internet, security, DNSSEC, unwanted traffic, Internet traffic
CITATION
Mat Ford, Leslie Daigle, "Addressing Unwanted Traffic on the Internet: A Community Response", IEEE Internet Computing, vol.13, no. 6, pp. 14-21, November/December 2009, doi:10.1109/MIC.2009.123
REFERENCES
1. R. Anderson et al., "Security Economics and the Internal Market," Feb. 2008; www.enisa.europa.eu/doc/pdf/report_sec_econ_&_int_mark_20080131.pdf.
2. D. McPherson and C. Labovitz eds., Worldwide Infrastructure Security Report, Volume IV, Arbor Networks, Oct. 2008.
3. P. Porras, H. Saidi, and V. Yegneswaran, An Analysis of Conficker's Logic and Rendezvous Points, tech. report, SRI Int'l, 2009; http://mtc.sri.com/Conficker/.
4. B. Krebs, "Digging Deeper into the CheckFree Attack," The Washington Post, 6 Dec. 2008; http://voices.washingtonpost.com/securityfix/2008/12/digging_deeper_into_the_checkf.html.
5. "Advisory on Registrar Impersonation Phishing Attacks (SAC028)," ICANN Security and Stability Advisory Committee, May 2008; www.icann.org/en/committees/security/ssac-documents.htm.
6. L. Andersson, E. Davies, and L. Zhang, Report from the IAB Workshopon Unwanted Traffic, IETF RFC 4948, 2007; http://tools.ietf.org/html/rfc4948.
7. E. Davies, "Unwanted Traffic," IETF J., vol. 3, no. 3,2007; www.isoc.org/tools/blogs/ietfjournal/?p=172.
8. ".ORG is the First Open Top-Level Domain to be Signed with Domain Name Security Extensions," Public Interest Registry, June 2009; http://pir.org/index.php?db=content/News&tbl=Press&id=25.
9. "Notice of Inquiry Regarding DNSSEC Implementation at the Root," US Federal Register, vol. 73, no. 197,2008; www.ntia.doc.gov/frnotices/2008/FR_DNSSEC_081009.pdf.
10. B. Taylor, "Fighting Phishing with eBay and PayPal," Gmail blog, July 2008, http://gmailblog.blogspot.com/2008/07/fighting-phishing-with-ebay-and-paypal.html.
11. F. Gont, "Security Assessment of the Internet Protocol (IP)," CPNI tech. note TN0108, July 2008; www.cpni.gov.uk/Products/technicalnotes/3677.aspx.
12. F. Gont, "Security Assessment of the Transmission Control Protocol (TCP)," CPNI tech. note TN0309, Feb. 2009; www.cpni.gov.uk/Products/technicalnotes/Feb-09-security-assessment-TCP.aspx.
13. R. Lemos, "McColo Takedown Nets Massive Drop in Spam," SecurityFocus, Nov. 2008; www.securityfocus.com/brief/855.
14. J. Zhuge et al., "Characterizing the IRC-Based Botnet Phenomenon," blog, Dec. 2007, http://honeyblog.org/junkyard/reports/botnet-china-TR.pdf.
15. "Microsoft Security Bulletin MS08-67—Critical—Vulnerability in Server Service Could Allow Remote Code Execution," Microsoft Technet, Oct. 2008; www.microsoft.com/technet/security/Bulletin/MS08-067.mspx.
19 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool