Click here to receive your FREE subscription to Campus Technology
News
CMU Research Team Analyzes Internet 'Miscreants'
11/9/2007
A team lead by Carnegie Mellon computer science researchers has developed computer tools capable of following the operations of electronic black markets for viruses, stolen data, and attack services.Adrian Perrig, a CMU associate professor of electrical and computer engineering and public policy has led a team that developed the automated techniques to measure activities of spammers, virus writers, and identity thieves. In addition to Perrig, the team included Jason Franklin, a Ph.D. student in computer science, Vern Paxon of the International Computer Science Institute, and Stefan Savage of the University of California, San Diego.
The researchers estimated that more than $37 million in software tools for malicious programming were available for sale during their seven-month study period. During that time, more than 80,000 potential credit card numbers were available through "illicit underground Web economies," Franklin told the CMU press office.
The researchers found that buyers of malicious software tools and services would normally contact black market vendors using e-mail or instant messaging. Money generally changed hands through non-bank payment services such as e-gold, making the criminals difficult to track.
"These troublesome entrepreneurs even offer tech support and free updates for their malicious creations that run the gamut from denial of service attacks designed to overwhelm Web sites and servers to data stealing Trojan viruses," said Perrig.
The researchers proposed approaches to thwart black marketers, including slander attacks designed to undercut a vendor's reputation in the black market. "Just like you need to verify that individuals are honest on eBay, online criminals need to verify that they are dealing with 'honest' criminals," Franklin said.
In a slander attack, an attacker discounts the verified status of a buyer or seller through false defamation. "By eliminating the verified status of the honest individuals, an attacker establishes a 'lemon' market where buyers are unable to distinguish the quality of the goods or services," Franklin said.
Perrig's team also developed a technique to establish fake verified-status identities that are difficult to distinguish from other verified-status sellers, which makes it hard for buyers to identify honest verified-status sellers from dishonest verified-status sellers.
"So, when the unwary buyer tries to collect the goods and services promised, the seller fails to provide the goods and services. Such behavior is known as 'ripping.' And it is the goal of all black market site's verification systems to minimize such behavior," said Franklin.
"We believe these black markets are growing, so we will have even more incidents to monitor and study in the future," Perrig said.
Read More:
- Full Report: An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants (PDF)
Paul McCloskey is a contributing editor for the Campus Technology group of publications.
Cite this Site
copy text (above) for proper citation
Recommended Reading
- SUNY's Binghamton Monitors Network with Lancope's StealthWatch
Binghamton University, part of the State University of New York (SUNY) system, is using StealthWatch from Lancope to help streamline network management, control, and security with visibility of network behavior. Binghamton has an IT network that spans 20,000 client endpoints and six geographic locations. After contending with worm propagation and other security threats that affected network performance, the university's network management team sought a way to increase visibility of network traffic and analyze network behavior for potential threats.
- U Florida and Cyntellect Collaborate to Unlock Mysteries of Cancer Stem Cells
The University of Florida has entered into a research agreement with life sciences company Cyntellect. The university's Interdisciplinary Center for Biotechnology Research will work with the company to focus on a variety of research areas including the purification and analysis of cancer stem cells (CSCs), rare cells believed to be directly involved in propagating cancers.
- George Mason U Receives Grant To Deploy Intergraph Apps for Intelligence Curriculum
George Mason University (GMU) in Fairfax, VA has been awarded a grant from Intergraph to enable students enrolled in GMU's Geospatial Intelligence Graduate Certificate program to use the company's geospatial production and exploitation software as part of their core curriculum.
- Institute for Cyber Security at U Texas, San Antonio Opens Incubator
The University of Texas at San Antonio (UTSA) Institute for Cyber Security (ICS) has launched a new Internet security incubator. The incubator was developed to commercialize promising technologies that address major cyber security and privacy issues. The first companies to enter the incubator are Denim Labs and SafeMashups.
- ISO/IEC Publishes Office Open XML Standard
ISO/IEC has published the Office Open XML (OOXML) file format standard, formally known as ISO/IEC 29500:2008. It describes file formats originally designed by Microsoft for its Office 2007 productivity suite, which are used in presentation, spreadsheet and word processing applications.
- Dynamics NAV 2009 ERP Coming Next Month
Microsoft exec Kirill Tatarinov Wednesday described some new features to expect in the forthcoming Microsoft Dynamics NAV 2009 enterprise resource planning solution. He gave the keynote address at Microsoft's Convergence 2008 event in Copenhagen, Denmark.
