2015 APWG Symposium on Electronic Crime Research (eCrime): Latest Papers

Beyond the lock icon: real-time detection of phishing websites using public key certificates
2015 APWG Symposium on Electronic Crime Research (eCrime) Pub Date : 2015-05-26 DOI: 10.1109/ECRIME.2015.7120795
Zheng Dong, Apu Kapadia, J. Blythe, L. Camp
Abstract: We propose a machine-learning approach to detect phishing websites using features from their X.509 public key certificates. We show that its efficacy extends beyond HTTPS-enabled sites. Our solution enables immediate local identification of phishing sites. As such, this serves as an important complement to the existing server-based anti-phishing mechanisms which predominately use blacklists. Blacklisting suffers from several inherent drawbacks in terms of correctness, timeliness, and completeness. Due to the potentially significant lag prior to site blacklisting, there is a window of opportunity for attackers. Other local client-side phishing detection approaches also exist, but primarily rely on page content or URLs, which are arguably easier to manipulate by attackers. We illustrate that our certificate-based approach greatly increases the difficulty of masquerading undetected for phishers, with single millisecond delays for users. We further show that this approach works not only against HTTPS-enabled phishing attacks, but also detects HTTP phishing attacks with port 443 enabled.
Citations: 50
Spare the rod, spoil the network security? Economic analysis of sanctions online
2015 APWG Symposium on Electronic Crime Research (eCrime) Pub Date : 2015-05-26 DOI: 10.1109/ECRIME.2015.7120800
Vaibhav Garg, L. Camp
Abstract: When and how should we encourage network providers to mitigate the harm of security and privacy risks? Poorly designed interventions that do not align with economic incentives can lead stakeholders to be less, rather than more, careful. We apply an economic framework that compares two fundamental regulatory approaches: risk based or ex ante and harm based or ex post. We posit that for well known security risks, such as botnets, ex ante sanctions are economically efficient. Systematic best practices, e.g. patching, can reduce the risk of becoming a bot and thus can be implemented ex ante. Conversely risks, which are contextual, poorly understood, and new, and where distribution of harm is difficult to estimate, should incur ex post sanctions, e.g. information disclosure. Privacy preferences and potential harm vary widely across domains; thus, post-hoc consideration of harm is more appropriate for privacy risks. We examine two current policy and enforcement efforts, i.e. Do Not Track and botnet takedowns, under the ex ante vs. ex post framework. We argue that these efforts may worsen security and privacy outcomes, as they distort market forces, reduce competition, or create artificial monopolies. Finally, we address the overlap between security and privacy risks.
Citations: 1
Analysis of content copyright infringement in mobile application markets
2015 APWG Symposium on Electronic Crime Research (eCrime) Pub Date : 2015-05-26 DOI: 10.1109/ECRIME.2015.7120798
Ryan V. Johnson, Nikolaos Kiourtis, A. Stavrou, Vincent Sritapan
Abstract: As mobile devices increasingly become bigger in terms of display and reliable in delivering paid entertainment and video content, we also see a rise in the presence of mobile applications that attempt to profit by streaming pirated content to unsuspected end-users. These applications are both paid and free and in the case of free applications, the source of funding appears to be advertisements that are displayed while the content is streamed to the device. In this paper, we assess the extent of content copyright infringement for mobile markets that span multiple platforms (iOS, Android, and Windows Mobile) and cover both official and unofficial mobile markets located across the world. Using a set of search keywords that point to titles of paid streaming content, we discovered 8,592 Android, 5,550 iOS, and 3,910 Windows mobile applications that matched our search criteria. Out of those applications, hundreds had links to either locally or remotely stored pirated content and were not developed, endorsed, or, in many cases, known to the owners of the copyrighted contents. We also revealed the network locations of 856,717 Uniform Resource Locators (URLs) pointing to back-end servers and cyber-lockers used to communicate the pirated content to the mobile application.
Citations: 3
Spammer success through customization and randomization of URLs
2015 APWG Symposium on Electronic Crime Research (eCrime) Pub Date : 2015-05-26 DOI: 10.1109/ECRIME.2015.7120799
Gary Warner, D. Rajani, M. Nagy
Abstract: Spam researchers and security personnel require a method for determining whether the URLs embedded in email messages are safe or potentially hostile. Prior research has been focused on spam collections that are quite insignificant compared to real-world spam volumes. In this paper, researchers evaluate 464 million URLs representing nearly 1 million unique domains observed in email messages in a six day period from November 2014. Four methods of customization and randomization of URLs believed to be used by spammers to attempt to increase deliverability of their URLs are explored: domain diversity, hostname wild-carding, path uniqueness, and attribute uniqueness. Implications of the findings suggest improvements for “URL blacklist” methods, methods of sampling to decrease the number of URLs that must be reviewed for safety, as well as presenting some challenges to the ICANN, Registrar, and Email Safety communities.
Citations: 0
Global adversarial capability modeling
2015 APWG Symposium on Electronic Crime Research (eCrime) Pub Date : 2015-05-26 DOI: 10.1109/ECRIME.2015.7120797
Jonathan M. Spring, Sarah Kern, Alec Summers
Abstract: Intro: Computer network defense has models for attacks and incidents comprised of multiple attacks after the fact. However, we lack an evidence-based model the likelihood and intensity of attacks and incidents. Purpose: We propose a model of global capability advancement, the adversarial capability chain (ACC), to fit this need. The model enables cyber risk analysis to better understand the costs for an adversary to attack a system, which directly influences the cost to defend it. Method: The model is based on four historical studies of adversarial capabilities: capability to exploit Windows XP, to exploit the Android API, to exploit Apache, and to administer compromised industrial control systems. Result: We propose the ACC with five phases: Discovery, Validation, Escalation, Democratization, and Ubiquity. We use the four case studies as examples as to how the ACC can be applied and used to predict attack likelihood and intensity.
Citations: 12
Chasing shuabang in apps stores
2015 APWG Symposium on Electronic Crime Research (eCrime) Pub Date : 2015-05-26 DOI: 10.1109/ECRIME.2015.7120796
Sergio de los Santos, Antonio Guzmán, Chema Alonso, Francisco Gomez-Rodriguez
Abstract: There are well-known attack techniques that threaten current apps stores. However, the complexity of these environments and their high rate of variability have prevented any effective analysis aimed at mitigating the effects of these threats. In this paper, the analysis performed over one of these techniques, Shuabang, is introduced. The completion of this analysis has been supported by a new tool that facilitates the correlation of large amounts of information from different apps stores.
Citations: 1
Which malware lures work best? Measurements from a large instant messaging worm
2015 APWG Symposium on Electronic Crime Research (eCrime) Pub Date : 2015-05-26 DOI: 10.1109/ECRIME.2015.7120801
T. Moore, R. Clayton
Abstract: Users are inveigled into visiting a malicious website in a phishing or malware-distribution scam through the use of a 'lure' - a superficially valid reason for their interest. We examine real world data from some 'worms' that spread over the social graph of Instant Messenger users. We find that over 14 million distinct users clicked on these lures over a two year period from Spring 2010. Furthermore, we present evidence that 95% of users who clicked on the lures became infected with malware. In one four week period spanning May-June 2010, near the worm's peak, we estimate that at least 1.67 million users were infected. We measure the extent to which small variations in lure URLs and the short pieces of text that accompany these URLs affects the likelihood of users clicking on the malicious URL. We show that the hostnames containing recognizable brand names were more effective than the terse random strings employed by URL shortening systems; and that brief Portuguese phrases were more effective in luring in Brazilians than more generic 'language independent' text.
Citations: 4