Security Innovation Grant 2010

We are happy to announce a new annual grant award program administered by DRG and funded by a personal donation from Robert O. Thomas III.

DRG expects to award an annual investment of up to $10,000 (US) to the most innovative project in the area of information security. Proposals that address a current and widespread challenge or present a novel, but practical solution that aids the Internet security community are of particular interest. All finished solutions must be made available to the Internet community for non-commercial use and any software components must be made available as "open source".

Full grant details, including a grant application and an example grant application can be found here on the Security Innovation Grant page.

posted at 12:00 am | permanent link

The DRG Distro

We are happy to report that the DRG is in full swing and work on the first project has already begun in earnest. The DRG Distro, a custom UNIX distribution designed specifically for the DRG community is currently undergoing development and testing. An early prototype is already running on a number of DRG nodes and a limited release edition will be made available to a round of beta testers, partners and supporters over the coming weeks.

The DRG Distro will be made available to the community at no-cost and offer a number of useful services we are all very excited about. While the DRG Distro may be useful as a standalone distribution, it will provide the most benefit when integrated into the DRG Network, which combines DRG insight, analysis and tools to provide actionable intelligence to the Internet security community.

Making up the DRG Distro are a set of tools or modules that can be enabled or disabled based on the operator's preferences/restrictions. Integration into the DRG Network is also a local decision and if selected will enable access to the latest tools, insight and distro updates.

As always, we welcome your feedback and comments.

posted at 12:01 am | permanent link

Team Cymru Research NFP designated 501(3)c status

Team Cymru Research NFP, the sponsoring organization for the Dragon Research Group (DRG) has recently been designated a US Federal 501(c)3 non-profit organization. Team Cymru Research NFP is also a designated non-profit entity in the state of Illinois and has been for some time. This update in status may provide a potential tax benefit to current and future generous DRG contributors.

We have updated the About page to reflect this change as well as trying to better answer related questions.

posted at 12:00 am | permanent link

Kick-off Team

After over 120 that initially expressed interest in DRG, approximately 1/3 were selected for the formal interview process. We have scaled back our initial kick-off team, which resulted in us being able to only place 1 out of 5 interview candidates. We have selected a DRG manager from the list of candidates and that person is spearheading the team building process. Notifications to all remaining interview candidates are going out this week. The initial DRG focus will be on a single project. In due time we plan to grow the team and take on additional projects as originally planned. Stay tuned!

posted at 12:00 am | permanent link

DRG Start-up Advisory Panel Concludes

The DRG Start-up Advisory Panel has recently concluded and has provided us with valuable recommendations and guidelines for DRG. They met via teleconference a few times and exchanged ideas in email. We are now putting together an ongoing Advisory Council per their recommendation. We are also aiming to fill DRG positions and roles over the coming weeks as they have identified. In fact, the first set of interviews are beginning this week. The final Start-up Advisory Panel output is summarized below. Our kudos and thanks go out to Cecil Goldstein, Patrick Green, Lari Huttunen, Dr. Klaus-Peter Kossakowski and Ben Petro! If you have any feedback, feel free to contact us.

Start-up Advisory Panel Guidelines and Recommendations for the DRG

Strategy statement: DRG will investigate current and active attacks against the fabric of the Internet with a view to producing mitigation and defensive strategies as actionable intelligence.

The fabric of the Internet is defined as attacks with affect greater than 10% of the announced address space, in the first instance, but the DRG will look to redefine the criteria to better address more specific services crucial for the whole Internet community.

Objectives for Year 1

  • Build relationships with key data providers.
  • Identify key audiences for the defensive / mitigation strategies.
  • Create templates for presentation of defensive / mitigation strategies.
  • Develop a reporting structure for both Team Cymru and also the key audience.
  • Identify better metrics for the specific services crucial for the Internet.

Oversight of the DRG will be undertaken by the DRG Advisory Council. The council will be made up of three people (Team Cymru to extend invites). The Advisory Council will meet at regular intervals (e.g. quarterly) and identify DRG's progress against the strategic statement and objectives. After year one, the Council will help in the production of new objectives.

The DRG itself will be delineated into five regions: Asia-Pacific (APAC), Europe / Middle East, Africa, North America and South America. Each region will consist of three researchers and also a team leader who will act as regional coordinator. The coordinator role can be taken on by an existing regional researcher. For regions where researchers are unavailable another region can be expanded to help fill the gap.

One of the first roles with the DRG to be filled will be a single DRG manager, a volunteer, who will work with regional coordinators on strategy and who will present updates to the DRG advisory council. As DRG grows, the manager role may turn into a full-time position. An important task for the manager will be to translate the objectives into tactical goals.

Typical skills sets for the researchers will include data analysis, incident response and technical writing (in non-technical terms when necessary). The manager will have management experience, ideally in a global environment and network security skills.

Team Cymru retains the right of veto for all positions.

posted at 12:00 am | permanent link

#drg on Freenode

We have registered the Dragon Research Group as a "primary group" on the Freenode IRC Network and established a presence there with the #drg channel. Feel free to join us. This public channel will be just one of many avenues the DRG will be able to use to openly interact with the Internet community.

posted at 12:00 am | permanent link

DRG Executive Council

We are pleased to announce that the DRG Executive Council has formed, have already gotten together twice and is off to a roaring start. They are thinking hard and exchanging provoking ideas about what DRG can, should and will become. We expect to have a finalized report from them over the coming weeks. While we wait, allow us to introduce you to them:

  • Cecil Goldstein, APNIC
  • Patrick Green, University of Warwick
  • Lari Huttunen, Codenomicon
  • Dr. Klaus-Peter Kossakowski, Consultant
  • Ben Petro, Teneros

Cecil is the Training Manager for the Asia Pacific Network Information Centre (APNIC). Prior to this, Cecil was a lecturer in the Faculty of Information Technology at the Queensland University of Technology, focusing particularly on internetworking subjects. He has been involved in Internet training and support from the initial AARNET days. Cecil is originally from South Africa, but has lived in Israel and the UK prior to migrating to Australia in 1989. Cecil holds a BSoc and a MSc in Computer Science. Cecil is currently responsible for the development and management of APNIC's training and education activities.

Patrick first started in Network Security at Oxford University where he dealt with incidents such as Code Red, Melissa, Slammer, botnets and more. From there he moved to become the global CERT manager for Deutsche Bank, dealing with both insider and outside security breaches. He is currently Network Manager at Warwick University, ensuring that security gets built into the network from the ground up.

Lari holds an MA in Linguistics and Computer Science from the University of Helsinki. Prior to working for Codenomicon he was employed by the University of Helsinki, the Finnish Security Police SUPO and NBI Finland. While working for the police, he was active in different international security efforts. For example, he has participated in the Interpol Working Party IWPITC-E and the International Botnet Task Force. He is a postgraduate student at the Oulu University Secure Programming Group, OUSPG.

Dr. Kossakowski was instrumental in starting CERTs throughout Europe and promoting their role internationally. Since he learned about trojans and viruses 20 years ago, he tries to prepare for the unexpected; against companies, governments and the common user. He worries about the usage of suspicious executable code and worries about the impact malicious code may have. Recently he has been working on scalable infrastructures to handle the security needs of very large user communities. He has become more obsessed with the management, or lack thereof, of the risks and vulnerabilities in his academic work.

Ben joined Teneros from NeuStar, Inc. (NYSE: NSR), where he was appointed Senior Vice President for Ultra Services, following NeuStar's acquisition of UltraDNS Corporation in April 2006. Ben had been President and CEO of UltraDNS since 2001. He is a proven leader who has earned his outstanding reputation by repeatedly creating sustained value in a number of high-growth businesses. He grew UltraDNS into a profitable, high-growth company that provided infrastructure solutions to over 20% of the Internet and thousands of global enterprises. Prior to joining UltraDNS, Ben was Vice President of Marketing at Edge Connections, where he was responsible for creating and implementing its national brand and deploying a strategy for its service offering. He was responsible for forging key strategic alliances necessary for the company's subsequent long-term growth. As Director of Marketing for Logix Communications, Ben successfully launched the company's CLEC/broadband services in over 20 markets. He has also held highly successful leadership positions in marketing and strategy at MCI Communications and communications consulting firm QSI. Ben serves on the board of directors for a range of messaging and service companies including 3jam Inc. and PeerInfluence, Inc. He is also an investment partner with the San Francisco Arts Fund.

posted at 12:00 am | permanent link

drg-announce mailing list

The Dragon Research Group (DRG) is pleased to make available a public, read-only announcements mailing list. If you would like to keep abreast of all the latest developments happening with and within the DRG, feel free to visit the mailing list info page and follow the links to subscribe to drg-announce.

Please note, we have enabled HTTPS on all the subsequent links for the mailing list by default since you will be submitting your contact information if you subscribe. However, at this time the server is using a self-signed certificate that may result in a warning message from your browser. We have provided the technical details to many of the initial subscribers out-of-band, so that they could verify this certificate manually. If you need an and out-of-band email with certificate details, please do not hesitate to contact us at dragon@cymru.com.

posted at 12:00 am | permanent link

Welcome to Dragon Research Group!

We are extremely honored to have received positive responses from a large number of very talented individuals. We're currently in the final stages of building the infrastructure and procedures for Dragon Research Group (DRG) and plan to formally commence operations within the next 30 days. We are extremely excited by this new venture and are committed to making it a reality as soon as possible.

To this end we are currently looking to recruit an initial group of DRG founders. These first volunteers will be instrumental in setting the scope and tone for all future DRG operations. We are primarily looking for motivated individuals who are committed to making the Internet a better place. To help us in our initial selection process we would be grateful if you could perhaps take a few minutes to give us some more information about yourself, for example:

  • A current resume.
  • Two references (preferably in the IT security business) who will be able to vouch for your integrity and skills.
  • Your areas of interest in the IT field.
  • Your ability to commit a particular amount of time per month to DRG.
  • Why you feel your should be part of DRG, what you'll be able to contribute and what you hope to achieve and receive from DRG in return.

Feel free to write as much as you like - the more information we have about you the easier it will be for us to make a decision.

Please don't hesitate to contact dragon@cymru.com should you require any more information.

posted at 12:00 am | permanent link

About DRG

Apply to DRG

Host a DRG Distro Pod

Insight & Analysis


Weekend Reads


Security Innovation Grant

Mailing lists

DRG PGP public key

Follow us on Twitter Follow DragonResearch on Twitter

Feedback: dragon@dragonresearchgroup.org