The Abuse Sharing Economy: Understanding the Limits of Threat Exchanges

@inproceedings{Thomas2016TheAS,
  title={The Abuse Sharing Economy: Understanding the Limits of Threat Exchanges},
  author={Kurt Thomas and Rony Amira and Adi Ben-Yoash and Ori Folger and Amir Hardon and A. Berger and Elie Bursztein and M. Bailey},
  booktitle={RAID},
  year={2016}
}
The underground commoditization of compromised hosts suggests a tacit capability where miscreants leverage the same machine—subscribed by multiple criminal ventures—to simultaneously profit from spam, fake account registration, malicious hosting, and other forms of automated abuse. To expedite the detection of these commonly abusive hosts, there are now multiple industry-wide efforts that aggregate abuse reports into centralized threat exchanges. In this work, we investigate the potential… Expand
12 Citations
Clairvoyance: Inferring Blocklist Use on the Internet
  • PDF
A different cup of TI? The added value of commercial threat intelligence
  • 2
  • PDF
Reading the Tea leaves: A Comparative Analysis of Threat Intelligence
  • 18
  • Highly Influenced
  • PDF
Blacklists Assemble : Aggregating Blacklists for Accuracy
  • 1
  • PDF
Strategic Aspects of Cyber Risk Information Sharing
  • 21
Network entity characterization and attack prediction
  • 14
  • PDF
Understanding the Mirai Botnet
  • 754
  • PDF
Understanding the Mirai Botnet Manos Antonakakis
  • 4
  • PDF
Towards A User-Level Understanding of IPv6 Behavior
  • 2
  • PDF
...
1
2
...

References

SHOWING 1-10 OF 34 REFERENCES
Characterizing Large-Scale Click Fraud in ZeroAccess
  • 50
  • PDF
Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse
  • 230
  • PDF
Framing Dependencies Introduced by Underground Commoditization
  • 92
  • PDF
Estimating the number of users behind ip addresses for combating abusive traffic
  • 22
  • PDF
Click Trajectories: End-to-End Analysis of the Spam Value Chain
  • 259
  • PDF
Suspended accounts in retrospect: an analysis of twitter spam
  • 444
  • PDF
Measuring Pay-per-Install: The Commoditization of Malware Distribution
  • 273
  • PDF
Peering Through the Shroud: The Effect of Edge Opacity on IP-Based Client Identification
  • 120
  • PDF
Understanding the network-level behavior of spammers
  • 375
  • PDF
...
1
2
3
4
...