2016 Technology Exchange

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Your organization not listed? Create a local account to use Internet2 services.

Create SiteID

REN-ISAC pDNS Project & Your Institutional Security

Time 09/27/16 03:50PM-04:40PM

Room Chopin

Session Abstract

Passive DNS replication, or simply "Passive DNS", involves the capture,
collection, and processing of Domain Name System (DNS) request and
response datagrams exchanged by caching recursive DNS resolving servers
and authoritative DNS servers. Passive DNS data is an extremely valuable
resource for (+) identifying threat indicators that can be applied in
security protections; (+) identifying security incidents and compromised
systems; (+) informing actions for security incident response; and (+)
for global security and law enforcement teams to identify malicious or
criminal infrastructure (servers, networks, botnets, etc.) The REN-ISAC
Passive DNS Project creates the conditions for REN-ISAC members to
directly benefit from global collections and analysis efforts, improves
those collections by our contributions, and opens the door for REN-ISAC
access to additional security intelligence resources. In this
presentation you'll learn: how REN-ISAC members contribute Passive DNS
data to the Project; why privacy and data sensitivity is not an issue;
the benefits realized by institutional contributions; and how your
institution can participate.

Speakers

Speaker Todd Herring Indiana University

Primary track Information Security

platinum Sponsors

gold Sponsors

silver Sponsors

supporter Sponsors