ICANN ICANN Email List Archives

[gnso-ff-pdp-may08]

<<< Chronological Index >>>    <<< Thread Index >>>

[gnso-ff-pdp-may08] Proposed additional text, section 5, following line 363

  • To: gnso-ff-pdp-May08@xxxxxxxxx
  • Subject: [gnso-ff-pdp-may08] Proposed additional text, section 5, following line 363
  • From: Joe St Sauver <joe@xxxxxxxxxxxxxxxxxx>
  • Date: Tue, 2 Sep 2008 11:02:36 -0700
Section 5, lines 358-363, PDF pages 16-17, reads:

   "Note:  The WG did not answer the following charter-questions due to 
   the lack of: 

      o A robust technical, and process, definition of "fast flux"
      o Reliable techniques to detect fast flux networks while avoiding 
        false positives,
      o Reliable information as to the scope and penetration of fast flux
        networks,
      o Reliable information as to the financial and non-financial impact
        of fast flux networks

I would propose the addition of the following text after line 363:

   "Some members of the working group believe that the Mannheim fast flux
   score formula would provide a robust and mechanically applicable 
   definition of "fast flux" which would minimize false positives, and 
   believe that the use of whitelisting plus manual review can eliminate 
   any remaining potential false positives.

   "The working group received multiple offers of fast flux-related data
   from <insert list of fastflux data sources here [I'm aware of at least
   two or three, but I'll defer to the data collection subcommittee for a 
   definitive list]>. The working group accepted [or rejected] data from 
   those sources, and [did what with it?], finding [what?]. Those interested 
   in working with that data can apply to obtain access to it by contacting 
   [who?]

   "While it may not be possible to definitively distinguish the costs of
   cybercrime associated with fast flux from the costs of cybercrime
   conducted separate from fast flux, the working group did receive
   reports on aggregate estimates of cybercrime-related costs, and even
   if a fraction of 1% of all cybercrime can be tied to fastflux, the 
   costs would be staggering. Moreover, at least in some cases such as
   the use of fast flux to distribute child pornography, there are
   substantial non-financial human costs which should also be recognized."

Regards,

Joe 

Disclaimer: all opinions strictly my own
<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy