Presentation is loading. Please wait.

Presentation is loading. Please wait.

ECrime Research Richard Clayton Luxembourg 11 th May 2010.

Published byDominick Dixon Modified over 9 years ago

Similar presentations

Presentation on theme: "ECrime Research Richard Clayton Luxembourg 11 th May 2010."— Presentation transcript:

1 eCrime Research Richard Clayton Luxembourg 11 th May 2010

2 Today’s talk Who am I? What I’ve been doing in Luxembourg Types of criminality Research challenges Infrastructure Recommendations

3 Malware “Malicious software” (worm/virus/trojan/drive-by-download) CHALLENGES Behavioural analysis (how do we know it’s bad) All samples now unique, so hard to measure any trends Detection (Google’s scanning already a special case) New browser designs for security Hosting providers need detection systems Can we detect bad sites on the wire ?

4 Botnets Swiss-army knife: DDoS, spam, click fraud, fastflux hosting CHALLENGES Identification/interdiction of rendezvous schemes Identification of activity (and C&C) Better counting Disruption/take-over: but complex ethical issues Well trodden area – but new systems all the time

5 Phishing Theft of credentials by impersonation CHALLENGES Measurements of lifetimes, blacklist effectiveness &c Improvements to user interfaces/training Improvements to authentication (PassPet, PAKE) Measuring/detecting man-in-the-browser Measuring/detecting key logging

6 Spam Non-permission based mass messaging CHALLENGES Email spam detection Image spam Reliable measurements Contact forms on websites Blog spam Fake blogs (Google groups etc) Human detection (CAPTCHAs &c)

7 “Hacking” Unauthorised access to computing resources CHALLENGES How can we secure one machine? How can we secure millions of machines How can hosting providers secure thousands of machines How do criminals find vulnerable machines? How can we provide realistic measurements of activity?

8 DDoS Distributed (usually) Denial of Service CHALLENGES Detection of DDoS (at endpoint, on networks, at IXPs) Traceback of attacks Analysis of targets/motivation/capabilities

9 Others Click Fraud- data hard to obtain HYIP- lots of data, trivial problem Fake escrow- limited data, victims secretive 419 scams- extensive data on early stages of scams Lottery scams- hardly studied Fake banks- associated with 419 scams Counterfeit goods- hardly studied

10 Infrastructure Spam mine Network telescope (darknet) Passive DNS Malware collector Blog spam collector Honeypot machines Underground economy monitoring Fuzzers

11 Recommendations Easy to get on the map  Malware, Botnets Well-trodden areas, needing new approaches  Spam, Phishing, Hacking Pattern recognition payoffs  DDoS, Malware/Botnet traffic analysis Virgin territory  Blog spam MSc projects  HYIP  Fake Escrow, etc etc

12 eCrime Research BLOG: http://www.lightbluetouchpaper.org/ PAPERS: http://www.cl.cam.ac.uk/~rnc1/publications.html

Download ppt "ECrime Research Richard Clayton Luxembourg 11 th May 2010."

Similar presentations

Flux in Fraud Infrastructures Minaxi Gupta Computer Science Dept. Indiana University, Bloomington.

Flux in Fraud Infrastructures Minaxi Gupta Computer Science Dept. Indiana University, Bloomington.
K-State IT Security Training Ken Stafford CIO and Vice Provost for IT Services Harvard Townsend Chief Information Security Officer

K-State IT Security Training Ken Stafford CIO and Vice Provost for IT Services Harvard Townsend Chief Information Security Officer
A look into Bullet Proof Hosting November 2014 - DefCamp 5 Silviu Sofronie – Head of Forensics

A look into Bullet Proof Hosting November DefCamp 5 Silviu Sofronie – Head of Forensics
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Understanding Botnets: How Massive Internet Break-Ins Fuel an Underground Economy Jason Franklin and Vern Paxson.

Understanding Botnets: How Massive Internet Break-Ins Fuel an Underground Economy Jason Franklin and Vern Paxson.
BOTNETS/Cyber Criminals  How do we stop Cyber Criminals.

BOTNETS/Cyber Criminals  How do we stop Cyber Criminals.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
1 Understanding Botnet Phenomenon MITP 458 - Kevin Lynch, Will Fiedler, Navin Johri, Sam Annor, Alex Roussev.

1 Understanding Botnet Phenomenon MITP Kevin Lynch, Will Fiedler, Navin Johri, Sam Annor, Alex Roussev.
Australian High Tech Crime Centre What is cybercrime & trends Monday 5 November 2007.

Australian High Tech Crime Centre What is cybercrime & trends Monday 5 November 2007.
Detecting Botnets Using Hidden Markov Models on Network Traces Wade Gobel Bio-Grid, Summer 2008.

Detecting Botnets Using Hidden Markov Models on Network Traces Wade Gobel Bio-Grid, Summer 2008.
1 Securing the Net: Where the Holes Are Steven M. Bellovin AT&T Labs – Research

1 Securing the Net: Where the Holes Are Steven M. Bellovin AT&T Labs – Research
Botnets Abhishek Debchoudhury Jason Holmes. What is a botnet? A network of computers running software that runs autonomously. In a security context we.

Botnets Abhishek Debchoudhury Jason Holmes. What is a botnet? A network of computers running software that runs autonomously. In a security context we.
CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.

CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
Issues Raised by ICT.

Issues Raised by ICT.
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.

Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.
Sravanthi Vattikuti Sri Harsha Devabhaktuni

Sravanthi Vattikuti Sri Harsha Devabhaktuni
Internet Safety CSA 105 1.0 September 21, 2010. Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.

Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
Botnets An Introduction Into the World of Botnets Tyler Hudak

Botnets An Introduction Into the World of Botnets Tyler Hudak

Similar presentations

Ads by Google