APAC DNS Forum 2024 Pre-Event Webinars
DNS Delegation Security
18 June 2024, 0300 – 0400 UTC
Led by: China Internet Network Information Center, Jinan University, Computer Network Information Center – Chinese Academy of Sciences
Session Description
Domain Name System (DNS) is one of the core components of the Internet. It is organized through top-down zone delegation with a number of security flaws to address: 1) The traditional DNS protocol lacks delegation synchronization and confirmation mechanisms for parent and child zones, which has caused delegation inconsistency and forged delegation problems, leading to security issues such as NXNSAttack and NRDelegation; 2) The increased complexity of domain name resolution exposes more risk nodes, which might cause a “butterfly effect” and lead to widespread resolution failure; 3) The misaligned operation and management capabilities on the DNS authoritative servers might expose weaknesses and lead to other unpredictable attacks.
This webinar is designed to share insights and the latest findings related to the above issues and discuss resolutions for those challenges. Specifically, it focuses on protocol improvement, DNS delegation dependency measurement and analysis, operational practice, etc.
Moderator
Dr Dong-Jie LIU
Jinan University
Dong-Jie Liu is now with the School of Cyberspace Security at Jinan University, Guangzhou, China after receiving her Ph.D. from the University of Chinese Academy of Sciences. Her research interests include DNS security and machine learning. She serves as the sub-project leader of two national key R&D programs on “Cyberspace Security Governance” and has published dozens of academic papers. Dong-Jie has been granted 3 invention patents and promoted 7 communication industry standards. In addition, she has served as the program chair of ACM ICEA2023 and ACM ICEA2021. She once participated in the Asia Pacific Internet Governance Academy (APIGA 2019) supported by ICANN.
Speakers
Mr Linjian (Davey) SONG
Senior DNS Architect, Alibaba Cloud
Linjian (Davey) Song works for Alibaba Cloud, holding the positions of senior technical architect and manager of the IPv6 Project within Alibaba Group. With extensive expertise in the technical, policy, and commercial realms of DNS, IPv6, and networking, he brings a wealth of knowledge to his role. Beyond his professional responsibilities, Davey actively contributes to the broader community through his involvement as the former CTO of the IPv6 Forum’s China office, as member of the ICANN RSSAC Caucus, and as coordinator of the Yeti DNS project.
Dr Baojun LIU
Assistant Professor, Tsinghua University
Dr. Baojun Liu is an assistant professor at the Institute for Network Science and Cyberspace of Tsinghua University. His research focuses on cyberspace security and has been recognized with awards and publications in top network security conferences. He discovered critical vulnerabilities in core Internet infrastructure and proposed novel techniques to counter cybercrimes. Baojun leads multiple national research projects in China as a principal investigator and serves as a member of the ICANN RSSAC Caucus.
Ms Man ZHANG
DNS Engineer, China Internet Network Information Center (CNNIC)
Man Zhang is a DNS engineer at CNNIC. Her research work focuses on the following areas: (1) Network infrastructure security, DNS threat detection, privacy enhancement, and protocol optimization (2) Analyzing applications and impacts of new security protection technologies in DNS (3) Optimizing network resource and system management mechanisms.
Ms Chendi MA
DNS Engineer, China Academy of Information and Communications Technology (CAICT)
Ma Chendi is the engineer at the Industrial Internet & Internet of Things Institute of China Academy of Information and Communications Technology, primarily focusing on Domain Name System (DNS) security, in-depth data mining and analysis. As a key technical professional, she has been involved in numerous national-level and ministerial-level construction projects. As a core member, Chendi has also participated in multiple projects under the National Key Research and Development Program of China with the theme of “Cyberspace Security Governance”. She boasts extensive experience in government work support, project construction, research topics, and report writing in the DNS field. Additionally, Chendi holds over ten patents for inventions, software copyrights, and academic papers.
How Fraudsters Evade DNS Abuse Detection, and How We Can Combat This
2 July 2024, 0300 – 0400 UTC
Led by: CSC
Session Description
While the ICANN community continues to improve DNS abuse resolution, hackers and phishers do not stand idle. A diverse group of experts will be providing an overview of the latest techniques to evade DNS abuse detection and how the community is building up better technical capabilities and partnerships to deal with the issue. It will highlight how private-private and private-public sector cooperation is vital to countering such evasion, with the objective of fostering more collaboration among the APAC community for data sharing and establishing trusted notifier networks.
Moderator
Mr Fernando CEVALLOS
Global Anti-Fraud Product Manager and Head of Development, CSC
Fernando Cevallos joined CSC as the lead anti-fraud developer in 2019. In this role, he brings proven skills in new technology and fraud prevention. A senior anti-fraud engineer for 10 years, Fernando started his software development career in 2005 using .NET and Java programming languages. He joined a large brand protection company as a junior anti-fraud engineer, working on fraud detection and mitigation technologies, and was promoted to senior SOC engineer. This position allowed him to fully understand fraud and all the threat vectors this field encompasses, while learning PHP and Python programming languages for tools development. Fernando is eager to introduce concepts that will push CSC to become the leading anti-fraud service company in the world.
Speakers
Dr Kenny HUANG
TWNIC Board Chair and APNIC EC Chair
Dr. Kenny Huang is a leading figure in Internet communities across Asia. Since the early years of Taiwan’s Internet development, he has contributed significantly to building a better Internet environment in Taiwan. Due to his extensive knowledge and experience, he has been invited to take up leading roles in many Internet organizations, including APNIC executive council chair, TWNIC board chair, and PIR board director (.org registry).
Dr. Huang’s contributions are particularly acknowledged in the development of Internet technology. He is one of the authors of IETF RFC3743, co-chair of ICANN CGP (Chinese LGR for the root zone), chair of ccNSO ccPDP4 WG, and advisory council member of DotAsia.
Dr. Huang has also been deeply involved in digital policy in Taiwan. He is a consultative committee member of the ICDF (International Cooperation and Development Fund), committee member of the telecommunications universal service fund of MoDA, committee member of the critical infrastructure protection program of the Executive Yuan, advisory committee member of the cybercrime prevention center of the Taiwan High Prosecutors Office, and an ICT expert of NSTC (National Science & Technology Council).
Dr. Huang holds a Ph.D. in MIS from National Chengchi University, an MSc in Scientific Computing from South Bank Polytechnic London, and a BEng from Tamkang University.
Mr Benedict CHENG
Group Chief Risk Officer, PCCW HKT
Mr. Benedict Cheng has spent more than 30 years of his career predominantly in investment banks where he held senior roles in market risk, traded credit risk, operational risk, compliance, and acted as business COO covering the Asia Pacific region. Throughout his banking career, Mr. Cheng led several key change management initiatives covering different business life cycles, including enterprise risk management process re-engineering and digital risk transformation. Since January 2019, Mr. Cheng has joined PCCW and HKT as GCRO and GDPO overseeing cybersecurity, technology risk, privacy, operational risk, regulatory, and financial crime compliance.
Mr David LIU
Chief Information Security Officer, LINE
David Liu joined LINE in 2016. He oversees security designs and strategies for LINE and has been working in the cybersecurity domain for over 16 years.
In addition to technical domains of security, such as software security, abuse detection, and privacy impact assessment, David has also extended his expertise to data science and legal compliance for handling abuse problems on the LINE platform, protecting business operations since becoming a LINE security member. He currently serves as the chief information security officer of LINE and manages security enhancements for security teams in overseas group companies, such as those in Thailand and Vietnam, as the lead of the Asia & Pacific team.
Evolving Operations, Abuse, and Security of the DNS
15 July 2024, 0800 – 0900 UTC
Led by: InForSec Forum, Alibaba Cloud, China Academy of Information and Communications Technology, Qi-Anxin Group
Session Description
The DNS has endured for over 40 years. A cornerstone of the Internet, operation and security of the DNS have been continuously and actively evolving. In tandem with the development of new DNS extensions and resource records, new abuse methods and security problems have also emerged. Significant efforts are devoted into monitoring the deployment and operational status of DNS functionalities as well as investigating novel types of threats. This webinar solicits the latest community works on evolving operations, abuse, and security of the DNS. It is expected to provide insights on the ever-changing DNS operational status and discuss how the community should address emerging security issues.
Moderator
Dr Chaoyi LU
Postdoctoral Researcher, Tsinghua University
Chaoyi Lu is a postdoctoral researcher at the Institute for Network Sciences and Cyberspace, Tsinghua University. His research areas lie in network security and Internet measurement, with particular interests in the Domain Name System (DNS) and other infrastructure. He has published papers at top academic venues and is a recipient of the IRTF Applied Networking Research Prize (ANRP).
Speakers
Dr Stephen MCQUISTIN
Assistant Professor, University of St Andrews
Stephen McQuistin is an assistant professor at the University of St Andrews. He works on projects aimed at improving the Internet protocol standardization process and its outputs by designing tools and interventions that address both technical and social challenges.
Ms Yevheniya NOSYK
Ph.D. Student, Université Grenoble Alpes
Yevheniya Nosyk is a Ph.D. student at Université Grenoble Alpes, where she conducts research on the Domain Name System (DNS), network measurements, and cybersecurity to build a safer Internet for everyone. She is a recipient of the IRTF Applied Networking Research Prize (ANRP) 2024 for her work on Extended DNS Errors.
Ms Chendi MA
DNS Engineer, China Academy of Information and Communications Technology (CAICT)
Ma Chendi is the engineer at the Industrial Internet & Internet of Things Institute of China Academy of Information and Communications Technology, primarily focusing on Domain Name System (DNS) security, in-depth data mining and analysis. As a key technical professional, she has been involved in numerous national-level and ministerial-level construction projects. As a core member, Chendi has also participated in multiple projects under the National Key Research and Development Program of China with the theme of “Cyberspace Security Governance”. She boasts extensive experience in government work support, project construction, research topics, and report writing in the DNS field. Additionally, Chendi holds over ten patents for inventions, software copyrights, and academic papers.
Mr Yunyi ZHANG
Ph.D. Student, Tsinghua University
Yunyi Zhang is a Ph.D. student and a member of the joint Ph.D. program between the National University of Defense Technology and Tsinghua University. His research interests include network security, Internet measurement, and emerging cyberspace security threats. He has published papers in top academic venues, including USENIX Security, IMC, and TDSC.
Dr Mingxuan LIU
Assistant Researcher, Zhongguancun Laboratory
Mingxuan Liu, is an Assistant Researcher at Zhongguancun Lab. She received her PhD degree from Tsinghua University in 2023. Her main research interests are Internet infrastructure security analysis and cybercrime governance based on data-driven methodology. She has published papers at top academic venues and accumulated high-risk vulnerability reports. Her academic research results have achieved real-world impact by receiving bonuses from several vendors, and the research results are adopted by well-known vendors such as Baidu, Tencent, Huawei, and Qi-Anxin.
DNS Abuse: Timely Insights and Collaborative Solutions
18 July 2024, 0300 – 0400 UTC
Led by: Internet Development Initiative
Session Description
This panel discussion aims to provide timely updates on DNS abuse, share noteworthy information, and foster collaborative conversations. Experts will be highlighting current trends, challenges, and solutions, encouraging open dialogue and collective action to develop practical approaches to mitigate DNS abuse and enhancing online security. Participants will benefit from the sharing of recent data, case studies, and effective strategies, ensuring everyone stays informed about current issues and solutions. Through these discussions, this webinar aims to build a collective understanding of the problems and identify practical, collaborative approaches to mitigate DNS abuse.
Moderator & Speaker
Ms Neli ODISHVILI
CEO, Internet Development Initiative
Neli’s professional journey, spanning over 5 years, has equipped her with valuable experience in managing a wide range of initiatives. As CEO of the non-governmental organization, Internet Development Initiative, she led educational projects that empower and uplift communities. Guided by a vision of equitable cyber education, she strategizes, collaborates, and drives initiatives that foster knowledge, skills, and positive change.
In the scope of cooperation with the Israeli Embassy in Georgia, Neli facilitated the “Israel-Georgia School of Digital Culture.” The initiative provided a comprehensive understanding of the cyberspace to empower young Georgians.
As a researcher at the Global Foundation for Cyber Studies and Research, Neli worked in the fields of intellectual property, data protection, and cybersecurity. Through her recent papers, “Artificial Intelligence and Cyber Security” and “Machine Learning’s Role in Future Cybersecurity,” she contributed insights that shape the safeguarding of digital landscapes and pave the way for a secure technological future.
Speakers
Mr Shah Zahidur RAHMAN
ICANN Member, At-Large Advisory Committee (ALAC)
Shah Zahidur Rahman is an emerging technology specialist and independent consultant with expertise in digital technology policy and advocacy, as well as Internet governance. He has more than 15 years of working experience in the Internet industry. Over his long career, he has collaborated with various stakeholders from the private sector, government, and non-profit organizations. In his current role, he serves as the chief digital and innovation officer of a startup company based in Bangladesh. Additionally, he is currently a member of ICANN’s At-Large Advisory Committee (ALAC).
He is passionate about technology policy and governance issues, partnerships, data governance, cybersecurity, DNS, AI governance, data privacy and protection, and digital rights. He also serves as an executive committee member of the Asia Pacific School on Internet Governance (APSIG). Furthermore, he is a fellow alumni of ICANN, ISOC, IETF, APAN, NASIG, APRIGF, and others.
Ms Mariam TSIKLAURI
Assistant, Executive Council of Internet Society Georgia Chapter
Mariam is the assistant to the Executive Council of the Internet Society Georgia Chapter. She has been gaining knowledge on Internet law-related issues at the University of Lodz. Besides working in one of the most advanced legal firms in Georgia, she has been involved in internet governance since 2019 and organizing projects in non-governmental organizations such as the Internet Development Initiative and the Internet Society Georgia Chapter.
Mariam has also been involved in various projects, namely winter school on Internet governance, digital policies and innovation, SEEsummary, YOUthDIG youth school, ICANN NextGen, YOUthDIG for Digital Sustainability, and legal projects, specifically, the INADR International Law School Mediation Tournament and the John H. Jackson Moot Court Competition.