Home Mobile

Below are the M3AAWG published materials related to our work on preventing and mitigating malware. There is also a Mobile video playlist on our YouTube channel at www.youtube.com/maawg and there are a few selected videos on our website in the Training Videos and Keynotes Videos sections under the Meetings menu tab.

Best Practices

PDF
February 28, 2017

M3AAWG Password Recommendations for Account Providers

Passwords are used virtually everywhere.  This document provides password requirement recommendations for ISPs and other providers and briefly describes the risk model of using passwords to provide authorized or secure access to resources. It aims to improve end-user security by encouraging strong passwords.

PDF
June 08, 2015

Operation Safety-Net: Best Practices to Address Online, Mobile, and Telephony Threats

Written in plain language by M3AAWG and the London Action Plan (LAP), Operation Safety-Net outlines the current and emerging threats faced by consumers, businesses and governments with recommended best practices to address these threats. For a brief overview of the document, see the brochure explaining the global depth and breadth of these best practices in the Supporting Documents section from the For the Industry menu tab.

PDF
August 23, 2012

M3AAWG Network Address Translation Best Practices: The Implications of Large Scale NAT for Security Logging

Provides guidance for system operators, network designers, security professionals and Internet Service Providers about potential issues associated with Large Scale Network Address Translation systems. 

HTML
July 01, 2009

M3AAWG Common Best Practices for Mitigating Large Scale Bot Infections in Residential Networks

Note:  This M3AAWG best practices paper has been replaced by RFC 6561 Remediation of Bots in ISP Networks, March 2012 from the IETF.

Pages

Public Policy Comments

November 12, 2011

MAAWG Comments on Models to Advance Voluntary Corporate Notification to Consumers Regarding the Illicit Use of Computer Equipment by Botnets and Related Malware

Submitted to NIST in November 2011- Responding to a Request for Information from the U.S. Department of Commerce (DoC) and U.S. Department of Homeland Security (DHS), the comments are also available on the NIST site.

September 12, 2011

MAAWG Comments on National Initiative for Cybersecurity Education (NICE) Draft Strategic Plan

MAAWG submitted comments in September 2011
The comments were submitted to the National Institute of Standards and Technologyon its draft NICE plan.

September 06, 2011

MAAWG Comments to UK House of Commons Inquiry into Malware and Cyber-crime

MAAWG submitted a response in September 2011 to the Science and Technology Committee, UK House of Commons
The committee's inquiry covered a variety of questions related to malware and cyber-crime.

November 13, 2010

MAAWG Response to U.S. Department of Commerce’s Internet Policy Task Force on the Global Free Flow of Information on the Internet

MAAWG comments were submitted November 2010 in response to the DoC request.
The U.S. Department of Commerce’s Internet Policy Task Force requested comments on government policies that restrict Internet information flow, seeking to understand why these restrictions have been instituted; what, if any, impact they have, and how to address negative impacts. The DoC will publish a report contributing to the Administration’s domestic policy and international engagement on these issues.

October 27, 2010

MAAWG Comments on ICANN Study on the Prevalence of Domain Names Registered Using a Privacy or Proxy Registration Service

MAAWG comments were submitted October 2010 based on the ICANN request.
ICANN conducted an exploratory study in 2009 to assess an approximate percentage of domain names (through a statistical sampling plan) contained in the top 5 gTLD registries that used privacy or proxy registration services. The study indicated that at least 18% (and probably not much more than 20%) of the domain names contained in the top 5 gTLD registries used privacy or proxy registration services.

Pages

DM3Z Blog

Updates and Commentary from the Messaging, Malware and Mobile Anti-Abuse Working Group

None at this time.

News

Articles About M3AAWG

HTML
November 13, 2019

JPAAWG 2nd General Meeting


https://internet.watch.impress.co.jp/docs/interview/1217983.html
The Japan Anti-Abuse Working Group (JPAAWG) cooperates with M3AAWG to examine and implement measures against a wide range of email and messaging attacks, such as spam, malware and DDoS.

HTML
October 09, 2019

Twilio Joins Anti-Abuse Working Group


https://www.technologybusinesstoday.com/news/article/twilio-joins-anti-abuse-working-group
Twilio announced that it joined M3AAWG, the premier industry group dedicated to combating bots, malware, spam, viruses, denial-of-service attacks and other online exploitation.

HTML
October 07, 2019

Technology, law, and the world to protect the Internet: Interview with the standards organization JPAAWG


https://www.atmarkit.co.jp/ait/articles/1910/07/news010.html
Japan Anti-Abuse Working Group (JPAAWG) launched in May 2019 and works with M3AAWG to focus on Internet security in Japan. ITmedia spoke with Mr. Shuji Sakuraba and Mr. Nobuhiro Suemasa of JPAAWG about the group’s work, including collaboration with M3AAWG.

HTML
October 03, 2019

AI’s Place in Preventing Piracy


https://www.cablefax.com/technology/rough-seas-ais-place-in-preventing-piracy
Cable operators are working to prevent disruptions to their networks caused by the streaming of pirated content and DDoS attacks. The article calls out CableLabs’ work with M3AAWG on the DDoS Information Sharing Project.

HTML
October 02, 2019

Is a DMARC policy really right for everyone?


https://www.valimail.com/blog/dmarc-enforcement-for-everyone/
Valimail makes the case for DMARC enforcement and notes that M3AAWG recommends enforcement as a deliverability best practice.

Pages

Subscribe to