1 / 7

Announcements

Announcements. Blog Projects Next class: spam infrastructure Next next class: Dave Aucsmith. Class Blog! (courtesy C hris Kanich). Please register (available via the syllabus page) Use it to: Follow-up on discussions in class Post interesting Internet crime-related stuff you find

abla
Download Presentation

Announcements

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Announcements Blog Projects Next class: spam infrastructure Next next class: Dave Aucsmith

  2. Class Blog! (courtesy Chris Kanich) • Please register (available via the syllabus page) • Use it to: • Follow-up on discussions in class • Post interesting Internet crime-related stuff you find • Class requirement • Over the course of the quarter, everyone should contribute at least one thoughtful post • Topics could include • New scams you’ve encountered personally • Summary/discussion of interesting stories from online news/blog sites (I’ve posted a list of cyber-crime relevant blogs) • Your own analysis, experiments, thoughts on the readings

  3. Class projects • For those of you taking the class for four units • Solo or group (up to 3 people) • Deliverable is 10-15 minute class presentation • We’ll probably schedule it during the finals period • Topic up to you, but you should discuss with me • Try to decide topic within next two weeks so I can help you with resources, refining, etc • In my experience a couple of these each year are publishable

  4. Some assets • UCSD specific • Spam feed (lots and lots of spam) • Spamscatter database (ip chains and rendered pages of spam urls) • Storm target e-mail addresses (hundreds of millions) • People with some experience (Chris, Brandon, Kirill) • Phishtank (reported phishing sites) • URIBL (domains that appear in spam) • Blacklist sites (jizzillions) • Spamtrackers.eu (identifies different spammers/gangs) • www.blackhatworld.com (browse the forums)

  5. Random topic ideas • Phishing site detection via logo matching (taken) • Measuring site “cloaking” • Different answers based on user-agent string or IP • Literature review of MC/Visa transaction protection • E.g., how does the encrypted PIN block get created? Weaknesses? • Human factors experiment on phishing • Importance of envelope context vs link info vs site appearance in risk judgment • Spam domains? • Mine spam url domains (e.g. via uribl) and look at whois records to characterize… patterns to domain naming, registrar, etc? How long live?

  6. More random ideas Compare overlap between blacklist feeds Build software to “feed” data to form grabber spyware and validate that it works with real spyware Investigate HYIP fraud and write report Characterize generation process for Storm mailing list Document and explain the “wholesale” traffic delivery business (e.g. http://www.trafficdeliver.com/, mediatraffic.com) and the PTC/PTR business See if you can detect vote fraud in youtube (ala youtubeautomator) Do something interesting to analyze Blogspam Get a copy of PRStorm and explain how/why it works…

  7. Next classes • 10/16: Spam infrastructure • Geoff Voelker is guest interlocutor • 10/21: David Aucsmith (Microsoft) • What we know, how we know what we know, and what we do with the information • Navy -> Intel (chief security arch) -> Microsoft (CTO security biz unit), now Sr. Director MS Institute for Adv Tech in Govts • NSA advisory board, Co-chair of FBI IT study group, Secret Service task force on computer-aided counterfeiting, US industry rep to the G8 on high tech crime, etc…

More Related