TorrentGuard: Stopping scam and malware distribution in the BitTorrent ecosystem

@article{Rumn2014TorrentGuardSS,
  title={TorrentGuard: Stopping scam and malware distribution in the BitTorrent ecosystem},
  author={Rub{\'e}n Cuevas Rum{\'i}n and Michal Kryczka and Roberto Gonzalez and {\'A}ngel Cuevas and Arturo Azcorra},
  journal={Comput. Networks},
  year={2014},
  volume={59},
  pages={77-90}
}
In this paper we conduct a large scale measurement study in order to analyse the fake content publishing phenomenon in the BitTorrent ecosystem. Our results reveal that fake content represents an important portion (35%) of those files shared in BitTorrent and just a few tens of users are responsible for 90% of this content. Furthermore, more than 99% of the analysed fake files are linked to either malware or scam websites. This creates a serious threat for the BitTorrent ecosystem. To address… 
Unveiling the Incentives for Content Publishing in Popular BitTorrent Portals
TLDR
It is demonstrated that profit-driven publishers attract more loyal consumers than altruistic top publishers, whereas the latter have a larger fraction of loyal consumers with a higher degree of loyalty than the former.
A Cause-Based Classification Approach for Malicious DNS Queries Detected Through Blacklists
TLDR
This paper proposes an approach for classifying malicious DNS queries detected through blacklists by their causes, and indicates that administrators can briefly pursue all the causes by investigating only representative queries of each cluster, and thereby swiftly address the problem of infected machines in the network.
Clustering Malicious DNS Queries for Blacklist-Based Detection
TLDR
A malicious DNS query clustering approach for blacklist-based detection and cause-based classification can efficiently analyze malware communications, allowing infected machines in the network to be addressed swiftly.
Predict Malicious Torrents online
Torrent has become a more and more popular way for users to share large files. Since files are broken into pieces when downloaded from a torrent, it makes it possible for malicious files to be hidden
Understanding the detection of fake view fraud in Video Content Portals
TLDR
This paper evaluates the performance of the audit systems of five major online video portals and reveals that YouTube's detection system significantly outperforms all the others; despite this, a systematic evaluation indicates that it may still be susceptible to simple attacks.
Experimental analysis of the socio-economic phenomena in the BitTorrent ecosystem
BitTorrent is the most successful Peer-to-Peer (P2P) application and is responsible for a major portion of Internet traffic. It has been largely studied using simulations, models and real
TESIS DOCTORAL EXPERIMENTAL ANALYSIS OF THE SOCIO-ECONOMIC PHENOMENA IN THE BITTORRENT ECOSYSTEM
TLDR
This work focuses on the factors that seem to drive the popularity of BitTorrent and, as a result, could affect its associated traffic in the Internet.
Understanding the Detection of View Fraud in Video Content Portals
TLDR
This paper evaluates the performance of the audit systems of five major online video portals and reveals that YouTube's detection system significantly outperforms all the others, but a systematic evaluation indicates that it may still be susceptible to simple attacks.
Who Watches the Watchmen: Exploring Complaints on the Web
TLDR
Critical light is shed on how complaints are issued, who they pertain to and which domains go offline shortly after complaints are generated.
Global Information Assurance Certification Paper
Every organization is at risk for zero-day exploits regardless of size. These exploits will often circulate for months until the vulnerability is made public, leaving organizations unprotected. This

References

A study of malware in peer-to-peer networks
TLDR
A useful insight into filtering malware is provided: filtering downloads based on the most commonly seen sizes of the most popular malware could block a large portion of malicious files with a very low rate of false positives.
Spying the World from Your Laptop: Identifying and Profiling Content Providers and Big Downloaders in BitTorrent
TLDR
It is shown that a few content providers inject most contents into BitTorrent and that those content providers are located in foreign data centers and that infringement on users' privacy poses a significant impediment to the legal adoption of BitTorrent.
One Bad Apple Spoils the Bunch: Exploiting P2P Applications to Trace and Profile Tor Users
TLDR
It is shown that linkability allows us to trace 193% of additional streams, including 27% of HTTP streams possibly originating from "secure" browsers, and results suggesting the existence of an underground BitTorrent ecosystem on Tor are presented.
A Crawler-based Study of Spyware in the Web
TLDR
This paper performs a large-scale, longitudinal study of the Web, sampling both executables and conventional Web pages for malicious objects, and quantifies the density of spyware, the types of threats, and the most dangerous Web zones in which spyware is likely to be encountered.
Malware prevalence in the KaZaA file-sharing network
TLDR
Using a light-weight crawler built for the KaZaA file-sharing network, this work finds that over 15% of the crawled files were infected by 52 different viruses, many of which open a backdoor through which an attacker can remotely control the compromised machine, send spam, or steal a user's confidential information.
Unraveling the BitTorrent Ecosystem
TLDR
This work develops a high-performance tracker crawler and, over a narrow window of 12 hours, crawls essentially all of the public BitTorrent Ecosystem's trackers, obtaining peer lists for all referenced torrents.
Measuring the bittorrent ecosystem: Techniques, tips, and tricks
TLDR
The first survey of macroscopic, microscopic, and complementary measurement techniques is presented; it constitutes a first step in the design of future measurement techniques and tools for analyzing large-scale systems.
An Analysis of BitTorrent’s Two Kademlia-Based DHTs
TLDR
It is shown that Kademlia’s lack of iterative routing and its lack of a preferential refresh of its local neighborhood cause correctness problems and poor performance in these DHTs.
Deep diving into BitTorrent locality
TLDR
This work attempts to deepen and scale the understanding of locality and its potential, and considers tens of thousands of concurrent torrents, to capture ISP-wide implications that cannot be appreciated by looking at only a handful of torrents.