1 / 17

Click Trajectories: End-to-End Analysis of the spam value chain

Click Trajectories: End-to-End Analysis of the spam value chain. Kirill Levchenko , Andreas Pitsillidis , Neha Chachra , Brandon Enright , Tristan Halvorson , Chris Kanich , He Liu , Damon McCoy , Geoffrey M. Voelker , Stefan Savage Dept. of CSEE University of California, San Diego

darius
Download Presentation

Click Trajectories: End-to-End Analysis of the spam value chain

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Click Trajectories: End-to-End Analysis of the spam value chain Kirill Levchenko , Andreas Pitsillidis , Neha Chachra , Brandon Enright , Tristan Halvorson , Chris Kanich , He Liu , Damon McCoy , Geoffrey M. Voelker , Stefan Savage Dept. of CSEE University of California, San Diego M. Felegyhazi Budapest University of Technology and Economics Chris Grier Dept. of CSEE University of California, Berkeley Christian Kreibich , Nicholas Weaver , Vern Paxson International Computer Science Institute Berkeley , CA Presented by Xinruo Zhang 04/04/2012

  2. Outline • Introduction • Implementation • Analysis for a particular example • Data collection method • Contribution • Weakness & improvement

  3. Introduction • Spam-based advertising to us • Think of it merely as junk that jamming inbox • To spammer • Think it is a multi-million business • Spam value chain (aka Spam ecosystem) • botnet, domain, name server, web server, hosting or proxy service acquired

  4. Introduction (cont’d) • Three categories of spam-advertised products • Illegal pharmaceuticals, replica luxury goods and counterfeit software • Nearly 95% of spam-advertised emails contains these three popular products

  5. Implementation • How modern spam works? • Advertising, Click Support and Realization • Advertising • Includes all activities focused on attracting potential customers to pay attention to what the spammers want to sell • The most evolved part of the spam ecosystem, particularly, the delivery of email spam

  6. Implementation • Click Support • In this stage, having delivered their advertisement, a spammer entice the receiver into clicking an embedded URL with their best effort. • Redirection sites, Domains, Name servers, Webs servers, and affiliate programs

  7. Implementation • Click Support • Redirection sites: redirect to additional URLs. Because some spammers directly advertise a URL embedded in email and thus they would encounter various of defensive measures to interfere their activities.

  8. Implementation • Click Support • Domain: typically, a spammer may purchase domains directly from a registrar, however, in real life, they frequently purchase from reseller. • Name server: any registered domain in turn have supporting name server infrastructure. Get infrastructure either by themselves or by third party.

  9. Implementation • Click Support • Stores and Affiliate programs • Today spammers work as affiliates of an online store, earns a commission • The affiliate program provides all technique and materials • Furthermore, affiliate programs even take responsibility for payment and fulfillment service

  10. Implementation • Realization • have brought the customers to an advertised site, the seller realizes the latent value by acquiring the customer’s payment • it contains two processes: Payment service and Fulfillment service

  11. Implementation • Payment service • Standard credit card payment • In order to get the most value • Issuing bank • Customer’s bank • Acquiring bank • Merchant’s bank • Card association network • Visa or MasterCard

  12. Implementation • Fulfillment • Fulfill an order in return for customer’s payment • Shipping issue • Suppliers will offer direct shipping service so affiliate program can avoid warehousing • Virtual products can be got via internet download

  13. Practical Example

  14. Data Collection Method

  15. Data Collection Method

  16. Contribution • Lack a solid understanding of the spam-based enterprise’s full structure before • And most anti-spam interventions focus on only one facet of the overall spam value chain • authors present a whole analysis for spam ecosystem with large-scale practical study

  17. Weakness & Improvement • lack of legal and ethical concerns • For some issue concerns the ethics of any implicit harm caused by criminal supplier • only have one medium – email spam • Consider twitter spam, other social network spam

More Related