Underground economy. Economics of Security and Privacy (BMEVIHIAV15) Mark Felegyhazi. assistant professor CrySyS Lab.
|
|
- Stewart Lucas
- 5 years ago
- Views:
Transcription
1 Underground economy Economics of Security and Privacy (BMEVIHIAV15) Mark Felegyhazi assistant professor CrySyS Lab. Underground economy BME Department of Telecommunications (Híradástechnikai Tanszék) mfelegyhazi(atat)crysys(dot)hu
2 Underground economy 2 What is spam? spam = unwanted traffic , FB, Twitter, spam is an economic problem the Internet infrastructure amplifies the issues sending is cheap anonymity helps infrastructure can be dynamically changed after several years of research, spam is still an issue
3 How does spam look like? Underground economy 3
4 Underground economy 4 Defenses defend against spam detect botnets analyze and detect malware binaries block attack vectors using blacklists - , Twitter, FB, SEO, detect and take down infrastructure elements - DNS servers - web servers understand their profits
5 Underground economy 5 Spam is for profit + = spam is not a technology issue economics facet for profit operation most estimates are on the costs > 100 Billion spam s sent every day [Ironport] > $1B in direct costs anti-spam products/services [IDC] Estimates of indirect costs (e.g., productivity) x more need credible estimates on the demand-side Kanich, C. and Kreibich, C. and Levchenko, K. and Enright, B. and Voelker, G.M. and Paxson, V. and Savage, S., Spamalytics: An empirical analysis of spam marketing conversion, ACM CCS 2008
6 Underground economy 6 Costs for spammers benefit if production cost + delivery cost < conversion rate * marginal revenue spam no printing cost production & lead generation cost (i.e. mailing list) negligible delivery cost negligible botnets measure the conversion rate
7 Underground economy 7 Spam conversion rate A B C D E crawler targeted addresses converter not delivered blocked by spam filter ignored by user user left site Kanich, C. and Kreibich, C. and Levchenko, K. and Enright, B. and Voelker, G.M. and Paxson, V. and Savage, S., Spamalytics: An empirical analysis of spam marketing conversion, ACM CCS 2008
8 Underground economy 8 Storm botnet measurement study Overnet protocol workers proxies masters servers (bulletproof hosting) rendezvous codes to build a C&C channel operation 1. worker sends update request to proxies 2. proxies respond with spam workload: - spam template - addresses - dictionary 3. worker send spam 4. worker delivers report
9 Underground economy 9 s assigned per ho Storm botnet infiltration infiltration of the C&C architecture spam delivery honey free accounts for spam spam click-through redirect (part of the) clicks to own websites mimic original site Figure disallow 4: Number checkout of and messages discard assigned all form per info hour for each campaign. campaigns separate crawler visits Date CAMPAIGN DATES WORKERS S Pharmacy Mar 21 Apr 15 31, ,590,389 Postcard Mar 9 Mar 15 17,639 83,665,479 April Fool Mar 31 Apr 2 3,678 38,651,124 Total 469,906,992 Table 1: Campaigns used in the experiment. Number of conne
10 Underground economy 10 Measurements: conversion line A B C D E crawler targeted addresses converter not delivered blocked by spam filter ignored by user user left site STAGE PHARMACY POSTCARD APRIL FOOL A Spam Targets 347,590, % 83,655, % 40,135, % B MTA Delivery (est.) 82,700, % 21,100, % 10,100, % C Inbox Delivery D User Site Visits 10, % 3, % 2, % E User Conversions % % % conversion rate: 1/12.4m 1/265k 1/178k
11 Underground economy 11 Time to click Fraction of clicks Crawlers Users Converters 0 1s 10s 1min 10min 1h 6h 1d 1w 1m Time to click
12 Effects of blacklisting Underground economy Delivery Rate Prior to Blacklisting Delivery Rate Post Blacklisting
13 Geographic distributions of converters (1/2) Underground economy 13
14 Underground economy 14 Geographic distributions of converters (2/2) Number of Responders IND POL RUS CHN FRA GBR BRA MYS TUR CAN BGR UKR KOR DEU JPN AUS SAU THA CZE TWN EGY PAK HUN ISR ZAFITA ROM MEX ARG NLD CHL HKG ESP SGP AUT CHE SWE USA Response Rate for Pharmacy 5e 05 2e 04 5e 04 2e 03 TWN JPN USA FRA TUR MEX CHL ARGKOR GBR AUS CZE CANZAF DEU ITA NLD MYS UKR RUS CHN HUN ISR POL ROM THA VNM BRA PHL BGR EGY SAU PAK IND 2e+04 1e+05 5e+05 2e+06 1e+07 Number of Targets 2e 04 5e 04 1e 03 2e 03 5e 03 1e 02 Response Rate for Self prop
15 Underground economy 15 Conversion calculation 28/350m pharmacy s result in an (attempted) purchase ~ $100 per purchase $2, profit or $140/day BUT, only 1.5% of the worker bots studied estimated turnover: $7000/day or 3.5m/year how much is profit? we don t know cost of sending spam: $25000 means = spam sending would not make profits unless campaigns are interconnected (operated by the same gang) profit margins in spam are narrow and spammers are susceptible to economic-based defenses
16 Underground economy 16 Next step: spam value chain spam conversion conversion rate is small profits are marginal spammers sensitive to cost-increasing defenses GOAL: Find the weakest link in the spam value chain
17 Underground economy 17 Understand the spammers value chain gather data analyze data, infrastructure from spam sending to product delivery identify the weakest link = observe what changes takes the most effort
18 Pharmacy Express Underground economy 18
19 Underground economy 19 Data collection and processing Aug 1 Oct 31, 2010 data sources large URL feeds (security companies, webmail operators) botnet farm output spam honeypots crawling DNS, WHOIS, web clustering and tagging purchases and recording of fulfillments banking info delivery
20 Underground economy 20 Data source total URLs Feed Feed Received Distinct Name Description URLs Domains Feed A MX honeypot 32,548, ,631 Feed B Seeded honey accounts 73,614,895 35,506 Feed C MX honeypot 451,603,575 1,315,292 Feed D Seeded honey accounts 30,991,248 79,040 Feed X MX honeypot 198,871,030 2,127,164 Feed Y Human identified 10,733,231 1,051,211 Feed Z MX honeypot 12,517,244 67,856 Cutwail Bot 3,267, Grum Bot 11,920, MegaD Bot 1,221,253 4 Rustock Bot 141,621,731 13,612,815 Other bots Bot 7,768 4 Total 968,918,303 17,813,952 clustered and tagged URLs
21 Underground economy 21 Affiliate programs and infrastructure Purchases: 120 attempted 76 authorized 56 settled 49 products delivered
22 Infrastructure sharing Underground economy 22
23 Takedown potential Underground economy 23
24 Underground economy 24 Take-away banking is the weakest link for spammers two potential remedies pressure merchant banks establish a financial blacklist to stop transactions with certain merchant codes
25 Information sharing 25 Reading for next time Odlyzko, A., Privacy, Economics and Price Discrimination on the Internet Proceedings of the 5th international conference on Electronic commerce, 2003 optional: Acquisti, A., The Economics of Privacy, draft presentation, website:
Intermediaries and regulation
Intermediaries and regulation Economics of Security and Privacy (BMEVIHIAV15) Mark Felegyhazi assistant professor CrySyS Lab. Intermediaries and regulation BME Department of Telecommunications (Híradástechnikai
More informationCisco HCS Country Dial Plans
Introduction to Country Dial Plans for Cisco Unified Communications Domain Manager 8.1(x), page 1 Guidelines for Deploying Country Dial Plans, page 4 Load a Country-Specific Dial Plan, page 4 Introduction
More informationAGE GROUPS UNIFORMS UPDATED ON
AGE GROUPS UNIFORMS UPDATED ON 2018-05-25 ARG OPTION 1 Approved by the ITU Uniform Panel, 17 February 2014 MEN WOMEN ARG OPTION 2 Approved by the ITU Uniform Panel, 29 June 2017 AUS OPTION 1 Approved by
More informationELITE MULTISPORT UNIFORMS UPDATED ON
ELITE MULTISPORT UNIFORMS UPDATED ON 2018-04-25 ARG OPTION 1 Approved by ITU Uniform Panel, 17 February 2014 MEN WOMEN ARG OPTION 2 Approved by ITU Uniform Panel, 25 August 2011 The colours and design
More informationOn the Effects of Registrar-level Intervention
On the Effects of Registrar-level Intervention He (Lonnie) Liu Kirill Levchenko Geoffrey M. Voelker Stefan Savage UC San Diego Mark Felegyhazi Christian Kreibich UC Berkeley ICSI 1 Spam 2 Spam Infrastructure
More informationELITE MULTISPORT UNIFORMS UPDATED ON
ELITE MULTISPORT UNIFORMS UPDATED ON 2018-11-20 ARG Approved by the ITU Uniform Panel, 13 June 2018 AUS Approved by the ITU Uniform Panel, 25 January 2017 AUT Approved by ITU Uniform Panel, 17 March 2011
More informationThe webinar will begin shortly
The webinar will begin shortly Towards Green Growth? Official Launch of the OECD's Tracking Progress Report 27 July 2015 Need technical support? Email: contact@ggkp.org Supported by: Towards Green Growth?
More informationELITE TRIATHLON UNIFORMS UPDATED ON
ELITE TRIATHLON UNIFORMS UPDATED ON 2018-01-31 ARG OPTION 1 MEN Approved by the ITU Uniform Panel, 6 April 2016 This uniform is approved under the condition that Sponsor Space C is available only on the
More informationELITE TRIATHLON UNIFORMS UPDATED ON
ELITE TRIATHLON UNIFORMS UPDATED ON 2018-07-05 ARG Approved by the ITU Uniform Panel, 13 June 2018 AUS MEN Approved by the ITU Uniform Panel, 10 May 2018 AUS WOMEN Approved by the ITU Uniform Panel, 10
More informationOn NDN and ( lack of ) Measurement
On NDN and ( lack of ) Measurement Thomas Silverston National Institute of Information and Communications Technology (NICT) ICT Testbed Research, Development and Operation Lab P2P-TV Measurement Experiments
More informationBOTNET-GENERATED SPAM
BOTNET-GENERATED SPAM By Areej Al-Bataineh University of Texas at San Antonio MIT Spam Conference 2009 www.securitycartoon.com 3/27/2009 Areej Al-Bataineh - Botnet-generated Spam 2 1 Botnets: A Global
More informationCustomer specific dial plan
Prerequisites, page 1 Dial Plan workflow, page 2 Determine customer specific dial plan requirements, page 2 Prerequisites Note This section of the document starts the planning part that is repeated with
More informationNo Plan Survives Contact
No Plan Survives Contact Experience with Cybercrime Measurement Chris Kanich Neha Chachra Damon McCoy Chris Grier David Wang Marti Motoyama Kirill Levchenko Stefan Savage Geoffrey M. Voelker UC San Diego
More informationPackage pa. February 15, 2013
Package pa February 15, 2013 Type Package Title Performance Attribution for Equity Portfolios Version 1.2 Date 2013-01-05 Author Yang Lu and David Kane Maintainer Yang Lu Depends
More informationUC San Diego UC San Diego Electronic Theses and Dissertations
UC San Diego UC San Diego Electronic Theses and Dissertations Title An Exploration of the Identifying Characteristics of Spam Campaign Address Lists Permalink https://escholarship.org/uc/item/05z017qc
More informationMonetizing Attacks / The Underground Economy
Monetizing Attacks / The Underground Economy CS 161: Computer Security Prof. Vern Paxson TAs: Jethro Beekman, Mobin Javed, Antonio Lupher, Paul Pearce & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/
More informationThe role of phone numbers in understanding cyber-crime
The role of phone numbers in understanding cyber-crime A. J. Isachenkova M. Balduzzi + A. Francillon D. Balzarotti Eurecom, Sophia Antipolis, France + Trend Micro Research, EMEA July 11, 2013 1/34 Introduction
More informationMeeting the Challenges of the Bottom of the Pyramid
Meeting the Challenges of the Bottom of the Pyramid Planting Seeds... Intel Applications Research and Strategy Lab 16 May, 2002 Colin M. Maclay Center for International Development Harvard University Agenda
More informationPARTS REFERENCE LIST MODEL: 1034D/1034DAV/2034D 1134DW/1134D DZ1234/1334D 734D/355D 1634D
Home Sewing Machine PARTS REFERENCE LIST MODEL: 1034D/1034DAV/2034D 1134DW/1134D DZ1234/1334D 734D/355D 1634D Published: Nov.,2000 Revised: Sep.,2017 MODEL LIST Model Countries (Added Date) 1134DW USA
More informationHow The Pursuit of Truth Led Me To Selling Viagra
How The Pursuit of Truth Led Me To Selling Viagra Vern Paxson EECS Department, University of California International Computer Science Institute Lawrence Berkeley National Laboratory Berkeley, California
More informationAutomating Security Response based on Internet Reputation
Add Your Logo here Do not use master Automating Security Response based on Internet Reputation IP and DNS Reputation for the IPS Platform Anthony Supinski Senior Systems Engineer www.h3cnetworks.com www.3com.com
More informationPromoting Broadband. International Telecommunication Union. Taylor Reynolds, July 7, 2003
Promoting Broadband 1 Taylor Reynolds, July 7, 2003 Note: The views expressed in this presentation are those of the authors and do not necessarily reflect the opinions of the ITU or its membership. Speeds
More informationStudying Spamming Botnets Using Botlab
Studying Spamming Botnets Using Botlab John P. John Alexander Moshchuk Steven D. Gribble Arvind Krishnamurthy Abstract In this paper we present Botlab, a platform that continually monitors and analyzes
More informationEcon 430 Lecture 3: Significance and Structural Properties of N
Econ 430 Lecture 3: Significance and Structural Properties of Networks Alper Duman Izmir University Economics, March 8, 2013 Prevalence of Networks Networks are everywhere! Even in this class. We can classify
More informationOECD Methodology for Measuring the Information Society
Gaborone, 28-29 October 2004 OECD Methodology for Measuring the Information Society Brigitte van Beuzekom OECD Economic Analysis and Statistics Division, Directorate for Science, Technology and Industry
More informationID Repetition in Kad
ID Repetition in Kad Jie Yu 1, Chengfang Fang 2, Jia Xu 2, Ee-Chien Chang 2, Zhoujun Li 3 1 Department of Computer Science, National University of Defense Technology, China 2 Department of Computer Science,
More informationBOTMAGNIFIER: Locating Spambots on the Internet
BOTMAGNIFIER: Locating Spambots on the Internet Gianluca Stringhini, Thorsten Holz, Brett Stone-Gross, Christopher Kruegel, and Giovanni Vigna University of California, Santa Barbara Ruhr-University Bochum
More informationIoT - Next Wave of DDoS? IoT Sourced DDoS Attacks A Focus on Mirai Botnet and Best Practices in DDoS Defense
IoT - Next Wave of DDoS? IoT Sourced DDoS Attacks A Focus on Mirai Botnet and Best Practices in DDoS Defense DDoS Attacks Increasing in Size, Frequency & Complexity Arbor Networks WISR XII Largest attack
More informationDATA FOR DEVELOPMENT June 13, 2017
DATA FOR DEVELOPMENT June 13, 2017 1 Recent economic developments and outlook 2 Data for development Malaysia s development and its data ecosystem o Data and the public sector- public service delivery
More informationTaster s Choice: A Comparative Analysis of Spam Feeds
Taster s Choice: A Comparative Analysis of Spam Feeds Andreas Pitsillidis apitsill@cs.ucsd.edu Kirill Levchenko klevchen@cs.ucsd.edu Chris Kanich ckanich@cs.uic.edu Stefan Savage savage@cs.ucsd.edu Geoffrey
More informationInstalling the Dialogic NaturalAccess Development Environment R9.x
Installing the Dialogic NaturalAccess Development Environment R9.x October 2010 64-0469-03 Rev A www.dialogic.com Copyright and legal notices Copyright 2000-2010 Dialogic Corporation. All Rights Reserved.
More informationBOOSTING BROADBAND and the case of Iceland
BOOSTING BROADBAND and the case of Iceland IIR 2003 20 th May 2003 Madrid (España) Lara Srivastava, Policy Analyst International Telecommunication Union (ITU/UIT) Note: The views expressed in this paper
More informationDistributed-Application Security
Distributed-Application Security Spam Spams Spam referred to unsolicited bulk email Spam emails contain advertisement, viruses, malware Spams emails are used to gather information about the victim Harvesting
More informationDigital Context Pacific Alliance
SEPTEMBER 2016 Digital Context Pacific Alliance 1 Index Overview 1 Digital scenario 2 ICT access and usage 3 Online activities 4 Regulation Appendix 2 Overview The (PA) has a high position regarding Internet
More informationThe CARMEN ANPR Engine Reference Manual of the CMANPR Software Module
The CARMEN ANPR Engine Reference Manual of the CMANPR Software Module v. 7.2.7.68 and above Document version: 13.10.22 Table of Contents Introduction... 2 Basic functionality... 2 About the CMANPR module...
More informationIntelligent and Secure Network
Intelligent and Secure Network BIG-IP IP Global Delivery Intelligence v11.2 IP Intelligence Service Brian Boyan - b.boyan@f5.com Tony Ganzer t.ganzer@f5.com 2 Agenda Welcome & Intro Introduce F5 IP Intelligence
More informationCustomer Specific Dial Plan
Prerequisites, page 1 Dial Plan Workflow, page 2 Determine Customer-Specific Dial Plan Requirements for Cisco Unified Communications Domain Manager 8.1(x), page 2 Determine Customer-Specific Dial Plan
More informationDetecting Abuse in TLDs
Detecting Abuse in TLDs A NameSentry TM presentation by Greg Aaron and Michael Young ICANN Toronto: 15 October 2012 2012 Illumintel Inc. All rights reserved. 1 Defining Abuse Every service provider has
More informationGlimpse of Bonet: Analysis, Detection and Defense
Glimpse of Bonet: Analysis, Detection and Defense Sanket N Patel, Tarulata Chauhan Department Of Computer Engineering L.J. Institute of Engineering & Technology,Ahmedabad-382210, Gujarat, India Abstract-Botnets
More informationInternational Communications Market Report Post
International Communications Market Report 13 7 7 Post 39 Contents 7.1 Key market developments in post 311 7.1.1 Introduction 311 7.1.2 The UK is among the cheapest countries in Europe to send a standard
More informationEARLY DETECTION OF SPAM-RELATED ACTIVITY
EARLY DETECTION OF SPAM-RELATED ACTIVITY A Thesis Presented to The Academic Faculty by Shuang Hao In Partial Fulfillment of the Requirements for the Degree Doctor of Philosophy in the School of Computer
More informationUnderstanding the Pipeline
This chapter contains the following sections: Overview of the Email Pipeline, page 1 Email Pipeline Flows, page 2 Incoming / Receiving, page 4 Work Queue / Routing, page 6 Delivery, page 10 Overview of
More informationIS THE INTERNET MOBILE?
International Telecommunications Society Asia-Australasian Regional Conference Perth, Australia 22-24 June 2003 IS THE INTERNET MOBILE? MEASUREMENTS FROM ASIA-PACIFIC Michael.Minges@itu.int Telecommunication
More informationChapter 2 Malicious Networks for DDoS Attacks
Chapter 2 Malicious Networks for DDoS Attacks Abstract In this chapter, we explore botnet, the engine of DDoS attacks, in cyberspace. We focus on two recent techniques that hackers are using to sustain
More informationAnalyzing and Modeling Longitudinal Security Data: Promises and Pitfalls. Benjamin Edwards, Steven Hofmeyr, Stephanie Forrest, and Michel van Eeten
Analyzing and Modeling Longitudinal Security Data: Promises and Pitfalls Benjamin Edwards, Steven Hofmeyr, Stephanie Forrest, and Michel van Eeten What security interventions have a long-term impact on
More informationDetecting Spamming Activities by Network Monitoring with Bloom Filters
Detecting Spamming Activities by Network Monitoring with Bloom Filters Po-Ching Lin, Ping-Hai Lin, Pin-Ren Chiou, Chien-Tsung Liu Department of Computer Science and Information Engineering National Chung
More informationPROTECTING YOUR BUSINESS ASSETS
PROTECTING YOUR BUSINESS ASSETS How to Spot Danger Before Your Computer Gets Infected, Your Site Hosts Malware, and Your Credit Card Number Gets Stolen A MyNAMS Presentation by Regina Smola @2012 Regina
More informationPrivacy Dimensions to Canada's Anti-Spam Legislation (CASL)
Privacy Dimensions to Canada's Anti-Spam Legislation (CASL) IAPP Canada Privacy Symposium 2012 May 9 11, 2012 Toronto, Ontario Michael De Santis, Legal Counsel Office of the Privacy Commissioner of Canada
More informationData Management and Gravity Estimation
Appendix A Data Management and Gravity Estimation A.1 Creating the Database for the Gravity Analysis As discussed in Chapter 2, for the gravity model to be estimated, it is necessary to merge databases
More informationSecurity Deployment Guide. Revision: H2CY10
Email Security Revision: H2CY10 Who Should Read This Guide This guide is intended for the reader with any or all of the following: 100 1000 connected employees Up to 20 branches with approximately 25 employees
More informationCyber Attack Information System CAIS. DI Thomas Bleier, MSc, CISSP, CEH
Cyber Attack Information System CAIS Cyber Attack Information System DI Thomas Bleier, MSc, CISSP, CEH 09.11.2012 AIT Austrian Institute of Technology Bundeskanzleramt Österreich Bundesministerium für
More informationGTAP Data Cycle and Releases. Presented by Betina Dimaranan
GTAP Data Cycle and Releases Presented by Betina Dimaranan GTAP Data Base Releases Data Release Release Year No. of Regions No. of Sectors Reference Year GTAP 1 1993 15 37 1990 GTAP 2 1994 24 37 1992 GTAP
More informationProtecting Virtual Environments
Turvaliselt on hea! Protecting Virtual Environments Trend Micro Deep Security Märt Erik, security engineer, Stallion Simon Wikberg, senior pre- sales engineer, Trend Micro Urmas Püss, sales consultant,
More informationSpamming Botnets: Signatures and Characteristics
Spamming Botnets: Signatures and Characteristics Himanshu Jethawa Department of Computer Science Missouri University of Science and Technology hj5y3@mst.edu http://www.sigcomm.org/sites/default/files/ccr/papers/2008/
More informationCISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1
CISCO BORDERLESS NETWORKS 2009 Cisco Systems, Inc. All rights reserved. 1 Creating New Business Models The Key Change: Putting the Interaction Where the Customer Is Customer Experience/ Innovation Productivity/
More informationAnti-Phishing Method for Detecting Suspicious URLs in Twitter
Anti-Phishing Method for Detecting Suspicious URLs in Twitter Salu Sudhakar 1, Narasimhan T 2 P.G. Scholar, Dept of Computer Science, Mohandas College of engineering and technology Anad, TVM 1 Assistant
More informationWHITE PAPER. Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale
WHITE PAPER Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale One key number that is generally
More informationOn the Effects of Registrar-level Intervention
On the Effects of Registrar-level Intervention He (Lonnie) Liu Kirill Levchenko Mark Felegyhazi Christian Kreibich Gregor Maier Geoffrey M. Voelker Stefan Savage Dept. of Computer Science and Engineering
More informationDigital Context: Argentina
NOVEMBER 216 Digital Context: Argentina 1 Outline Overview 1 Digital scenario 2 Demand side 3 Supply side 4 Regulation side 2 Overview Argentina has room for improving in terms of the Digitization Index,
More informationSecurity Trend of New Computing Era
Security Trend of New Computing Era Presented by Roland Cheung HKCERT Agenda Security Threat Overview Introduction of Botnet Impact of Botnet Fight Back Botnet Security Protection Scheme Security Threat
More informationImagine a place where the energy is green and excess data center heat isn t wasted. Imagine Stockholm.
Imagine a place where the energy is green and excess data center heat isn t wasted. Imagine Stockholm. The Stockholm Data Parks initiative will contribute to completely phasing out fossil fuels in Stockholm
More informationFinding the Linchpins of the Dark Web: A Study on Topologically Dedicated Hosts on Malicious Web Infrastructures
Finding the Linchpins of the Dark Web: A Study on Topologically Dedicated Hosts on Malicious Web Infrastructures Zhou Li, Indiana University Bloomington Sumayah Alrwais, Indiana University Bloomington
More informationSize Matters Measuring a Botnet Operator s Pinkie
VB2010, Vancouver Size Matters Measuring a Botnet Operator s Pinkie Gunter Ollmann, VP Research gollmann@damballa.com About Gunter Ollmann VP of Research, Damballa Inc. Board of Advisors, IOActive Inc.
More informationThe Domain Abuse Activity Reporting System (DAAR)
The Domain Abuse Activity Reporting System (DAAR) Dave Piscitello APWG EU October 2017 The Domain Abuse Activity Reporting system What is the Domain Abuse Activity Reporting system? A system for reporting
More informationAdvertising Network Affiliate Marketing Algorithm Analytics Auto responder autoresponder Backlinks Blog
Advertising Network A group of websites where one advertiser controls all or a portion of the ads for all sites. A common example is the Google Search Network, which includes AOL, Amazon,Ask.com (formerly
More informationCopyright 2014 NTT corp. All Rights Reserved.
Credential Honeytoken for Tracking Web-based Attack Cycle Mitsuaki Akiyama (akiama.mitsuaki@lab.ntt.co.jp) NTT Secure Platform Laboratories / NTT-CERT Who I am Mitsuaki Akiyama Security Researcher (Ph.D)
More informationF5 Synthesis Information Session. April, 2014
F5 Synthesis Information Session April, 2014 Agenda Welcome and Introduction to Customer Technology Challenges Software Defined Application Services Reference Architectures for Today s Customer Challenges
More informationFP7 NEMESYS Project: Advances on Mobile Network Security
Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem FP7 NEMESYS Project: Advances on Mobile Network Security Elina Theodoropoulou R&D Projects Section Manager etheodorop@cosmote.gr
More informationSpam and Cybercrime SMTP
Spam and Cybercrime 12/1/2010 Spam and Cybercrime 1 SMTP Simple Mail Transfer Protocol Client connects to server on TCP port 25 Client sends commands to server Server acks or notifies of error Security
More informationDetecting Spam Web Pages
Detecting Spam Web Pages Marc Najork Microsoft Research Silicon Valley About me 1989-1993: UIUC (home of NCSA Mosaic) 1993-2001: Digital Equipment/Compaq Started working on web search in 1997 Mercator
More informationBotnets: major players in the shadows. Author Sébastien GOUTAL Chief Science Officer
Botnets: major players in the shadows Author Sébastien GOUTAL Chief Science Officer Table of contents Introduction... 3 Birth of a botnet... 4 Life of a botnet... 5 Death of a botnet... 8 Introduction
More informationNATIONAL. EXPOSURE INDEX Inferring Internet Security Posture by Country Through Port Scanning. Rapid7 Labs June 7, 2018
NATIONAL 2018 EXPOSURE INDEX Inferring Internet Security Posture by Country Through Port Scanning Rapid7 Labs June 7, 2018 CONTENTS Executive Summary 5 Measuring National Exposure 7 Changes to Methodology
More informationLarge-Scale Internet Crimes Global Reach, Vast Numbers, and Anonymity
Computer Crime and Intellectual Property Section Large-Scale Internet Crimes Global Reach, Vast Numbers, and Anonymity Anthony V. Teelucksingh Computer Crime and Intellectual Property Section (CCIPS) Criminal
More informationBotnets: A Survey. Rangadurai Karthick R [CS10S009] Guide: Dr. B Ravindran
08-08-2011 Guide: Dr. B Ravindran Outline 1 Introduction 2 3 4 5 6 2 Big Picture Recent Incidents Reasons for Study Internet Scenario Major Threats Flooding attacks Spamming Phishing Identity theft, etc.
More informationInternet Threats Trend Report October 2012
Internet Threats Trend Report October 2012 In This Report Android malware compromised email accounts target mobile OS Grum Botnet taken down spam levels unaffected Olympic Games scammers exploit once-in-four-year
More informationCharacterizing a Meta-CDN
Characterizing a Meta-CDN Oliver Hohlfeld, Jan Rüth, Konrad Wolsing, http://comsys.rwth-aachen.de/ Berlin / PAM 2018 Motivation - What is a Meta-CDN? Content Delivery Networks Key component in the Internet,
More informationSynchronized Security
Synchronized Security 2 Endpoint Firewall Synchronized Security Platform and Strategy Admin Manage All Sophos Products Self Service User Customizable Alerts Partner Management of Customer Installations
More informationRe-wiring Activity of Malicious Networks
Re-wiring Activity of Malicious Networks Maria Konte and Nick Feamster Georgia Institute of Technology {mkonte,feamster}@cc.gatech.edu Abstract. This paper studies the AS-level re-wiring dynamics (changes
More informationUPGRADE YOUR ECOMMERCE SOLUTION
UPGRADE YOUR ECOMMERCE SOLUTION Upgrade Your Ecommerce Solution Read Time: 8 minutes UPGRADE YOUR ECOMMERCE SOLUTION Making the Move to SuiteCommerce Standard You know first hand the benefits of having
More informationSecurity Protection
Email Security Protection Loay Alayadhi Abstract: Email is the most important business communication tool. Security has been an issue in mail from ancient times. Therefore, email security protection has
More informationDigital Marketing. Introduction of Marketing. Introductions
Digital Marketing Introduction of Marketing Origin of Marketing Why Marketing is important? What is Marketing? Understanding Marketing Processes Pillars of marketing Marketing is Communication Mass Communication
More informationUsing the Control Panel
Using the Control Panel Technical Manual: User Guide Creating a New Email Account 3. If prompted, select a domain from the list. Or, to change domains, click the change domain link. 4. Click the Add Mailbox
More informationApp Economy Market analysis for Economic Development
App Economy Market analysis for Economic Development Mustapha Hamza, ISET Com Director mustapha.hamza@isetcom.tn ITU Arab Forum on Future Networks: "Broadband Networks in the Era of App Economy", Tunis
More informationDelivering Integrated Cyber Defense for the Cloud Generation Darren Thomson
Delivering Integrated Cyber Defense for the Generation Darren Thomson Vice President & CTO, EMEA Region Symantec In 2009 there were 2,361,414 new piece of malware created. In 2015 that number was 430,555,582
More informationTumbling Down the Rabbit Hole:
Tumbling Down the Rabbit Hole: Exploring the Idiosyncrasies of Botmaster Systems in a Multi-Tier Botnet Infrastructure Chris Nunnery Greg Sinclair Brent ByungHoon Kang [ University of North Carolina at
More informationThreat Detection and Mitigation for IoT Systems using Self Learning Networks (SLN)
Threat Detection and Mitigation for IoT Systems using Self Learning Networks (SLN) JP Vasseur, PhD - Cisco Fellow jpv@cisco.com Maik G. Seewald, CISSP Sr. Technical Lead maseewal@cisco.com June 2016 Cyber
More informationSME Developing and managing your online presence. Presented by: Rasheed Girvan Global Directories
SME Developing and managing your online presence Presented by: Rasheed Girvan Global Directories DIGITAL MEDIA What is Digital Media Any media type in an electronic or digital format for the convenience
More informationSecuring and File Sharing in the Cloud
Securing Email and File Sharing in the Cloud Your Presenter Erick Simpson Vice President & CIO, SPC International Online A strategic IT business transformation specialist experienced in improving top and
More informationDNS Security. Ch 1: The Importance of DNS Security. Updated
DNS Security Ch 1: The Importance of DNS Security Updated 8-21-17 DNS is Essential Without DNS, no one can use domain names like ccsf.edu Almost every Internet communication begins with a DNS resolution
More informationMODEL: DCP-J100/J105 J132W/J152W/J172W MFC-J200/J245
Inkjet MFC PARTS REFERENCE LIST MODEL: DCP-J100/J105 J132W/J152W/J172W MFC-J200/J245 Read this list thoroughly before maintenance work. Keep this list in a convenient place for quick and easy reference
More informationMESSAGING SECURITY GATEWAY. Solution overview
MESSAGING SECURITY GATEWAY Solution overview April 2017 CONTENTS Executive Summary...3 The case for email protection and privacy... 3 Privacy in email communication... 3 LinkedIn Phishing Sample...4 Messaging
More informationBe certain. MessageLabs Intelligence: May 2006
Be certain MessageLabs Intelligence: May 2006 Introduction Welcome to the May edition of the MessageLabs Intelligence monthly report. This report provides the latest threat trends for May 2006 to keep
More informationMEASURING AND FINGERPRINTING CLICK-SPAM IN AD NETWORKS
MEASURING AND FINGERPRINTING CLICK-SPAM IN AD NETWORKS Vacha Dave *, Saikat Guha and Yin Zhang * * The University of Texas at Austin Microsoft Research India Internet Advertising Today 2 Online advertising
More informationCroatian National CERT ACDC project Darko Perhoc, Head of National CERT CISSP, CEH, CCNP Security R&S,CCDP
Croatian National CERT ACDC project Darko Perhoc, Head of National CERT CISSP, CEH, CCNP Security R&S,CCDP Croatian National CERT (HR-CERT) mission: Promoting and preserving information security of public
More informationMeasurement and Tracking Awareness June 2011
Measurement and Tracking Awareness June 2011 1 2010-2011 Cooperative Awareness Program Goals and Measurement The below goals were based on a initial budget of $547,572, actual media spend was $418,483.
More informationAvast Customer & Technical Support Policy
Avast Customer & Technical Support Policy PLEASE READ THE TERMS AND CONDITIONS OF THIS SUPPORT POLICY ( SUPPORT POLICY ). THIS SUPPORT POLICY IS PROVIDED BY AVAST SOFTWARE s.r.o., A COMPANY DULY ORGANIZED
More informationAdvanced Marketing Certification Training
Advanced Email Marketing Certification Training Duration: 25+ hours; e-learning content PREREQUISITES Although not required, ideally, participants will first complete our Email Marketing Foundations course.
More informationSpamPots Project: Using Honeypots to Measure the Abuse of End-User Machines to Send Spam. Cristine Hoepers General Manager
SpamPots Project: Using Honeypots to Measure the Abuse of End-User Machines to Send Spam Cristine Hoepers General Manager cristine@cert.br CERT.br Computer Emergency Response Team Brazil NIC.br - Network
More informationAn Eye on the Storm: Inside the Storm Epidemic. Josh Ballard Network Security Analyst Kansas State University
An Eye on the Storm: Inside the Storm Epidemic Josh Ballard Network Security Analyst Kansas State University bal@k-state.edu Contents The Headlines Peer-to-peer network So just how big is this thing? How
More informationBeyond Blind Defense: Gaining Insights from Proactive App Sec
Beyond Blind Defense: Gaining Insights from Proactive App Sec Speaker Rami Essaid CEO Distil Networks Blind Defense Means Trusting Half Your Web Traffic 46% of Web Traffic is Bots Source: Distil Networks
More information