Professor Christin at CyLab Seminar

Time: March 28, 2011 - 12:00 PM - 1:00 PM

Location: DEC@CIC

Description:

Professor Nicolas Christin, Associate Director of the INI, willl be the guest speaker at the CyLab Seminar.The title of his presentation is "Understanding online criminals: Two years of trawling for drugs and pornography on the Internet."

The CyLab seminars take place on Mondays at the Distributed Education Classroom at the Collaborative Innovation Center (DEC@CIC).

Related Links

Speaker: Nicolas Christin

Talk Abstract:

Online crime has undergone an extremely rapid growth in the past decade, and understanding it from an economic and operational standpoint has become a key to trying to turn the tide. In this talk, I will describe two measurement studies that we have conducted to that effect over the past two years.

I first examine "One Click Fraud," an online confidence scam that has been plaguing an increasing number of Japanese Internet users, in spite of new laws and the mobilization of police task forces. In this scam, the victim clicks on a link presented to them, only to be informed that they just entered a binding contract and are required to pay a registration fee for a service. Even though no money is legally owed, a large number of users prefer to pay up, because of potential embarrassment due to the type of service "requested" (primarily pornographic goods). Using public reports of fraudulent websites as a source of data, we analyze over 2,000 reported One Click Frauds incidents. By correlating several attributes (WHOIS data, bank accounts, phone numbers, malware installed...), we discover that a few fraudsters are seemingly responsible for a majority of the scams, and evidence a number of loopholes these miscreants exploit.

The second case study is an investigation of how web search results are manipulated to promote the unauthorized sale of prescription drugs. I will focus on a particular attack where high-ranking websites are compromised to dynamically redirect users to different pharmacies depending on the particular search terms used. Based on our collection of nine months worth of results returned daily by over 200 different queries, I will offer several insights into the nature and dynamics of this form of search engine manipulation, and into the online trade of prescription drugs in general. In particular, I will show that search engine manipulation is considerably much more efficient for attackers than traditional advertising vectors (e.g., spam).