• Publications
  • Influence
Understanding the Mirai Botnet
TLDR
The Mirai botnet, composed primarily of embedded and IoT devices, took the Internet by storm in late 2016 when it overwhelmed several high-profile targets with massive distributed denial-of-service (DDoS) attacks. Expand
  • 700
  • 86
  • PDF
@spam: the underground on 140 characters or less
TLDR
In this work we present a characterization of spam on Twitter. Expand
  • 560
  • 64
  • PDF
Suspended accounts in retrospect: an analysis of twitter spam
TLDR
In this study, we examine the abuse of online social networks at the hands of spammers through the lens of the tools, techniques, and support infrastructure they rely upon. Expand
  • 438
  • 49
  • PDF
Design and Evaluation of a Real-Time URL Spam Filtering Service
TLDR
We present Monarch, a real-time system that crawls URLs as they are submitted to web services and determines whether the URLs direct to spam. Expand
  • 454
  • 30
  • PDF
Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse
TLDR
We investigate the market for fraudulent Twitter accounts to monitor prices, availability, and fraud perpetrated by 27 merchants over the course of a 10-month period. Expand
  • 226
  • 18
  • PDF
Manufacturing compromise: the emergence of exploit-as-a-service
TLDR
We investigate the emergence of the exploit-as-a-service model for driveby browser compromise. Expand
  • 218
  • 17
  • PDF
Neither Snow Nor Rain Nor MITM...: An Empirical Analysis of Email Delivery Security
TLDR
The SMTP protocol is responsible for carrying some of users' most intimate communication, but like other Internet protocols, authentication and confidentiality were added only as an afterthought. Expand
  • 80
  • 14
  • PDF
Ad Injection at Scale: Assessing Deceptive Advertisement Modifications
TLDR
In this work we illuminate the scope and negative impact of one of these forms, ad injection, in which users have ads imposed on them in addition to, or different from, those that websites originally sent them. Expand
  • 79
  • 9
  • PDF
Consequences of Connectivity: Characterizing Account Hijacking on Twitter
TLDR
In this paper, we expose the serious large-scale threat of criminal account hijacking and the resulting damage incurred by users and web services. Expand
  • 58
  • 9
  • PDF
Investigating Commercial Pay-Per-Install and the Distribution of Unwanted Software
TLDR
In this work, we explore the ecosystem of commercial pay-per-install (PPI) and the role it plays in the proliferation of unwanted software. Expand
  • 51
  • 9
  • PDF