Instructor: Damon McCoy (mccoy(at)cs.gmu.edu)
Grader: Shawn Marsh (smarsh3(at)masonlive.gmu.edu)
Time: Tuesday 4:30 pm - 7:10 pm
Room: Robinson Hall B111
Office Hours: Tuesday 2:00 pm - 4:00 pm, also by appointment
Office: 5328 Engineering Building
Course Website: http://www.cs.gmu.edu/~mccoy/crime.html
Course Forum: Piazza

We will be using Piazza for discussions on current security topics, and if you have a question, this is the best place to ask it. We will check the page regularly, and other students will be able to help as well.
Profit-fueled cybercrime drives a large part of the innovation in the cybercrime landscape. Understanding the underlying economics and associated business practices has the potential to identify new methods to intervene at an economic or policy level that might prove far more efficient for countering attacks than purely technical measures. This research seminar will delve into our current understanding of the economics of cybercrime.
Technical understanding of network protocols at a high level (DNS/HTTP/...) and enthusiasm to learn.
week and date | Topic and Required Reading |
---|---|
week 1, Aug. 28th | Course Overview and Introduction to cyber crime |
week 2, Sept. 4th | Spam Infrastructure and Presentation Assignments Brett Stone-Gross, Thorsten Holz, Gianluca Stringhini, and Giovanni Vigna, The Underground Economy of Spam: A Botmaster's Perspective of Coordinating Large-Scale Spam Campaigns, LEET 2011 Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, Stefan Savage, Spamalytics: An Empirical Analysis of Spam Marketing Conversion, CCS 2008 Kirill Levchenko, et al., Click Trajectories: End-to-End Analysis of the Spam Value Chain, S&P 2011 |
week 3, Sept. 11th | Spam Infrastructure and Revenue Measurements Presenter: Gaurav Singh Kurt Thomas, et al., Suspended Accounts in Retrospect: An Analysis of Twitter Spam, IMC 2011 Presenter: Chris Everett Chris Kanich, et al., Show Me the Money: Characterizing Spam-advertised Revenue, Usenix Security 2011 Presenter: Damon McCoy Damon McCoy, et al., PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs, Usenix Security 2012 Presenter: Andre' Abadie Brett Stone-Gross, et al., The Underground Economy of Fake Antivirus Software, WEIS 2011 |
week 4, Sept. 18th | Revenue Measurements and Phishing Ross Anderson, et al., Measuring the Cost of Cybercrime, WEIS 2012 Presenter: Randall Sylvertooth Cormac Herley, Why do Nigerian Scammers Say They are from Nigeria? Presenter: Peter Steinmann Rachna Dhamija, Doug Tygar and Marti Hearst, Why Phishing Works, CHI 2006 Presenter: Jackie Jones Steve Sheng, et al., Who Falls for Phish? A Demographic Analysis of Phishing Susceptibility and Effectiveness of Interventions, CHI 2010 |
week 5, Sept. 25th | Malware Presenter: Thomas McAfee Chia Yuan Cho, et al., Insights from the Inside: A View of Botnet Management from Infiltration, LEET 2010 Presenter: Chad Andersen Brett Stone-Gross, et al., Your Botnet is My Botnet: Analysis of a Botnet Takeover, CCS 2009 Presenter: Alyssa Krauss Brad Miller, Paul Pearce, Chris Grier, Christian Kreibich, and Vern Paxson, What's Clicking What? Techniques and Innovations of Today's Clickbots, DIMVA 2011 Presenter: Tom Luong Juan Caballero, Chris Grier, Christian Kreibich, and Vern Paxson, Measuring Pay-per-Install: The Commoditization of Malware Distribution, Usenix Security 2011 |
week 6, Oct. 2nd | Web Spam Presenter: Elisabetta Rush John P John, Fang Yu, Yinglian Xie, Arvind Krishnamurthy, and Martin Abadi, deSEO: Combating Search-Result Poisoning, Usenix Security 2011 Presenter: Kyle Forsyth David Y. Wang, Stefan Savage, and Geoffrey M. Voelker, Cloak and Dagger: Dynamics of Web Search Cloaking, CCS 2011 Presenter: Faisal Askari Marti Motoyama, Damon McCoy, Kirill Levchenko, Geoffrey M. Voelker, Stefan Savage, Dirty Jobs: The Role of Freelance Labor in Web Service Abuse, Usenix Security 2011 Presenter: Rich Bajusz Gang Wang, et al., Serf and Turf: Crowdturfing for Fun and Profit, WWW 2012 |
week 7, Oct. 9th | No Class |
week 8, Oct. 16th | Underground Forums Presenter: Robert Tarlecki Jason Franklin, Vern Paxson, Adrian Perrig, and Stefan Savage, An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants, CCS 2007 Presenter: Jordan Hatchell Marti Motoyama, Damon McCoy, Kirill Levchenko, Stefan Savage and Geoffrey M. Voelker, An Analysis of Underground Forums, IMC 2011 Presenter: Miroslav Bartik Thorsten Holz, Markus Engelberth, Felix Freiling, Learning More About the Underground Economy: A Case-Study of Keyloggers and Dropzones Presenter: Joshua Franklin Chris Kanich, et al., No Plan Survives Contact: Experience with Cybercrime Measurement, CSET 2011 |
week 9, Oct. 23rd | Guest Speaker: Brian Krebs |
week 10, Oct. 30th | Sandy |
week 11, Nov. 6th | Legal and Ethics Presenter: Dennis Bailey Marti Motoyama, Kirill Levchenko, Chris Kanich, Damon McCoy, Geoffrey M. Voelker, Stefan Savage, Re: CAPTCHAs -- Understanding CAPTCHA Solving from an Economic Context, Usenix Security 2010 Presenter: Will Nguyen iDefense, Money Mules: Sophisticated Global Cyber Criminal Operations, iDefense White Paper, 2006 Presenter: Gena Thorn The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research Presenter: Justin Novak Majid Yar, The Novelty of 'Cybercrime': An Assessment in Light of Routine Activity Theory, European Journal of Criminology, vol. 2, no. 4, pages 407-427, 2005 |
week 12, Nov. 13th | Politics and E-Crime Presenter: Ahmad Qushmaq Kurt Thomas, Chris Grier, and Vern Paxson, Adapting Social Spam Infrastructure for Political Censorship, LEET 2012 Presenter: Franklin Cui Stuxnet (Stuxnet Under the Microscope, Bruce Schneier on Stuxnet) Presenter: Matthew Jablonski Flame (sKyWIper (a.k.a. Flame a.k.a. Flamer): A complex malware for targeted attacks, Budapest University of Technology and Economics, Meet Flame, The Massive Spy Malware Infiltrating Iranian Computers, Wired) Presenter: Shiva Ghaemi Hong Lu, et al., A Comparative Analysis of Cybercrimes and Governmental Law Enforcement in China and the United States, Asian Journal of Criminology, vol. 5, no. 2, pages 123-135, 2010 |
week 13, Nov. 20th | Fraud Presenter: Alex Mbaziira Chris Grier+16, Manufacturing Compromise: The Emergence of Exploit-as-a-Service, CCS 2012 Presenter: Maureen Guild Tyler Moore, Jie Han and Richard Clayton, The Postmodern Ponzi Scheme: Empirical Analysis of High-Yield Investment Programs, FC 2012 Presenter: Ahmed S Ahmed Yi-Min Wang, et al., Spam Double-Funnel: Connecting Web Spammers with Advertisers, WWW 2007 Presenter: Atul Darooka Grant Jordan, Stealing Profits from Stock Market Spammers, DefCon 2009 |
week 14, Nov. 27th | Effectiveness of Interventions Presenter: Hamza Sirag Jart Armin, et al., Tracking the Russian Business Network (RBN), 2007 Presenter: Jon Shutt Kim Zetter, I Was a Cybercrook for the FBI, 2007 Presenter: Mohammad Karami He Liu, et al., On the Effects of Registrar-level Intervention, LEET 2011 Presenter: Nihant Mineshafts on Treasure Island: A Relief Map of the eBay Fraud Landscape |
week 15, Dec. 4th | Final Project Presentations |
week 16, Dec. 11th | Final Paper due at 10pm |