DOCSLIB.ORG

Internet Security

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Internet Security In the News Articles in the news from the past month • “Security shockers: 75% of US bank websites Internet Security have flaws” • “Blank robbers swipe 3,000 ‘fraud-proof’ UK passports” • “Korean load sharks feed on hacked data” • “Worms spread via spam on Facebook and Nan Niu ([email protected]) MySpace” CSC309 -- Fall 2008 • “Beloved websites riddled with crimeware” • “Google gives GMail always-on encryption” http://www.theregister.co.uk 2 New Targets of 2007 Scenario 1 • Cyber criminals and cyber spies have • The Chief Information Security Officer shifted their focus again of a medium sized, but sensitive, federal – Facing real improvements in system and agency learned that his computer was network security sending data to computers in China. • The attackers now have two new targets • He had been the victim of a new type of spear phishing attack highlighted in this – users who are easily misled year’s Top 20. – custom-built applications • Once they got inside, the attackers had • Next, 4 exploits scenarios… freedom of action to use his personal • Reported by SANS (SysAdmin, Audit, Network, computer as a tunnel into his agency’s Security), http://www.sans.org systems. 3 4 Scenario 2 Scenario 3 • Hundreds of senior federal officials and business • A hospital’s website was compromised executives visited a political think-tank website that had been infected and caused their computers to because a Web developer made a become zombies. programming error. • Keystroke loggers, placed on their computers by the • Sensitive patient records were taken. criminals (or nation-state), captured their user names and passwords when their stock trading accounts and • When the criminals proved they had the their employers computers, and sent the data to data, the hospital had to choose between computers in different countries. paying extortion or allowing their • Bank balances were depleted; stock accounts lost money; servers inside their organizations were patients health records to be spread all compromised and sensitive data was copied and sent to over the Internet. outsiders. • Back doors were placed on some of those computers are still there. 5 6 1 Scenario 4 Top 20 Internet Security Risks of • A teenager visits a website that exploits the old 2007 Reported by SANS version of her media player that she never updated. • She didn’t do anything but visit the site; the video • Client-side • Server-side started up automatically when the page opened. Vulnerability in: Vulnerability in: – C1. Web Browsers – S1. Web Applications • The attackers put a keystroke logger on her – C2. Office Software – S2. Windows Services computer. – C3. Email Client – S3. Unix and Mac OS • Her father used the same computer to access the – C4. Media Players Services family bank account. – S4. Backup Software • The attackers got his user name and password and – S5. Anti-virus Software emptied his bank account (the bank reimbursed him). – S6. Management • US law enforcement officials followed the money Servers and found that it ended up in an account being used – S7. Database Software by a terrorist group that recruits suicide bombers. 7 8 Top 20 of 2007 (Cont’d) C1. Web Browsers • Microsoft Internet Explorer (IE) – World’s most popular Web browser • Security Policy and • Application Abuse: – Un-patched or older versions of IE: memory Personnel: – A1. Instant Messaging corruption, spoofing and execution of arbitrary – H1. Excessive User – A2. Peer-to-peer scripts or code Rights and Programs – The most critical issue: allowing remote code Unauthorized Devices • Network Devices: – H2. Phishing/Spear execution without any user interaction when a user – N1. VoIP Servers and visits a malicious Web page or reads a malicious Phishing Phones – H3. Unencrypted email Laptops and Removable • Zero Day Attacks: – IE has been leveraged to exploit vulnerabilities in Media – Z1. Zero Day Attacks other core Windows components such as HTML Help and the Graphics Rendering Engine and hundreds of vulnerabilities in ActiveX controls installed by Microsoft and other software vendors • Mozilla Firefox, the 2nd most popular browser, 9 has its fair share of vulnerabilities too 10 C1. Web Browsers (Cont’d) S1. Web Applications • Increase in the number of Browser Helper Object and third-party plug-ins – Inspired by the offering of rich content in websites – Used to access various MIME file types (multimedia documents) – Plug-ins often support client-side Web scripting languages • Web application/framework security defects • Macromedia Flash or Shockware – Ranging from insufficient validation to application logic – Installed (semi-)transparently by a website errors • Users may not even be aware that an at-risk – Frameworks: PHP, .NET, J2EE, ColdFusion, etc. helper object or plug-in is installed on his/her • Most exploited types of vulnerabilities system – SQL Injection • The additional plug-ins introduce more avenues for – Cross-Site Scripting (XSS) hackers to exploit and compromise users’ – Cross-Site Request Forgeries (CSRF) computers while visiting malicious websites – PHP Remote File Inclusion 11 12 2 S7. Database Software Z1. Zero-day Attack • The most common vulnerabilities in database • A computer threat that exposes undisclosed or systems are: unpatched computer application vulnerabilities – Use of default configurations with default user • Zero-day attack take advantage of computer names and passwords security holes for which no solution is – SQL Injection via the database’s own tools, third- currently available party applications or Web front-ends added by users • A.k.a. Zero-hour Attack • Huge number of vulnerabilities in this class are announced every year • Use of weak passwords for privileged accounts • Buffer overflows in processes that listen on well-known ports 13 14 Passerby Attack (Shoulder- Common Attacks Overview surfing) • What is it? • Using direct observation techniques, such as • What are commonly used techniques? looking over someone’s shoulder, to get information • What are the damages caused by the attack? • What are the responses to the attack? – Social – Technical – Legal – … 15 16 Malware and Spam Denial of Service (DoS) Attacks • Distribution of malware • Common attack method – Virus, Trojans, keyloggers, spyware, adware, – Saturating the target (victim) machine with external rootkits communications requests • Spam – Such that it cannot respond to legitimate traffic in reasonable time – Unsolicited or undesired bulk of electronic messages – Email spam • Common implementations – Mobile phone spam – Forcing the targeted computer(s) to reset, or consume its resources such that it can no longer – Forum spam provide its intended service – Messaging spam (SPIM) – Obstructing the communication media between the – … intended users and the victim so that they can no longer communicate adequately 17 18 3 Spoofing Attacks Phishing Attack • A situation in which one person or program • Attempts to lure users into revealing her passwords or successfully masquerades as another by other confidential information by masquerading as a falsifying data and thereby gaining an trustworthy entity in an electronic communication – The word “phishing” was first used around 1996 when hackers illegitimate advantage began stealing AOL accounts by sending email to AOL users, – In the network security context that appeared to come from AOL – Variant of “fishing”: alludes to baits used to “capture” financial • Sample methods information and passwords – Man-in-the-Middle attack • A form of Identity Theft – Phishing – Most major banks in US, UK, and AUS have been hit – Login spoofing • Phishing technqiues – Link manipulation – Filter evasion – Phone phishing 19 – … 20 Identity Theft Spear Phishing Attack • Describe an action where a person uses the • A highly targeted phishing attack identity of another to fraudulently obtain • Spear phishers send emails that include credit, goods, services, or to commit crimes information about stuff or current • Examples of these crimes are bank and credit organizational issues that make it appear card fraud, wire fraud, mail fraud, money genuine to employees or members within a laundering, bankruptcy fraud, and computer certain company, government agency, crimes organization, or group • Anti-phishing • UofT alert (http://www.news.utoronto.ca/campus- news/u-of-t-computer-staff-warn-of-phishing-scams.html) – April-May 2008, more than 2,000 UTORmail customers received an email that looked as if it came from the university’s help desk – Asking for user IDs and passwords 21 22 SQL Injection A Picture is Worth a Thousand Words • Injections are possible due to intermingling of user supplied data within dynamic queries or within poorly constructed stored procedures – Incorrectly filtered escape characters – Incorrect type handling • Examples – statement := “SELECT * FROM users WHERE name = ‘ ” + userName + “ ‘; ” – userName being “ a’; DROP TABLE users’ ” • SQL injections allow attackers: – To create, read, update, or delete any arbitrary data available to the application – In the worst case, to completely compromise the database system and systems around it 23 24 4 Attack Prevention Measures JavaScript Security Policy • You cannot control that which you cannot • Set of rules governing what scripts can measure! do under what circumstances – JavaScript Security Model – For example, to prohibit JavaScript Web pages from accessing to the local file system – Secure Sockets Layer (SSL) • If not, any Web page you visit could potentially – Secure Java Programming steal or
Load more

Recommended publications
  • A Rule Based Approach for Spam Detection
    A RULE BASED APPROACH FOR SPAM DETECTION Thesis submitted in partial fulfillment of the requirements for the award of degree of Master of Engineering In Computer Science & Engineering By: Ravinder Kamboj (Roll No. 800832030) Under the supervision of: Dr. V.P Singh Mrs. Sanmeet Bhatia Assistant Professor Assistant Professor Computer Science & Engineering Department of SMCA COMPUTER SCIENCE AND ENGINEERING DEPARTMENT THAPAR UNIVERSITY PATIALA – 147004 JULY- 2010 i ii Abstract Spam is defined as a junk Email or unsolicited Email. Spam has increased tremendously in the last few years. Today more than 85% of e-mails that are received by e-mail users are spam. The cost of spam can be measured in lost human time, lost server time and loss of valuable mail. Spammers use various techniques like spam via botnet, localization of spam and image spam. According to the mail delivery process anti-spam measures for Email Spam can be divided in to two parts, based on Emails envelop and Email data. Black listing, grey listing and white listing techniques can be applied on the Email envelop to detect spam. Techniques based on the data part of Email like heuristic techniques and Statistical techniques can be used to combat spam. Bayesian filters as part of statistical technique divides the income message in to words called tokens and checks their probability of occurrence in spam e-mails and ham e-mails. Two types of approaches can be followed for the detection of spam e-mails one is learning approach other is rule based approach. Learning approach required a large dataset of spam e-mails and ham e-mails is required for the training of spam filter; this approach has good time characteristics filter can be retrained quickly for new Spam.
    [Show full text]
  • Address Munging: the Practice of Disguising, Or Munging, an E-Mail Address to Prevent It Being Automatically Collected and Used
    Address Munging: the practice of disguising, or munging, an e-mail address to prevent it being automatically collected and used as a target for people and organizations that send unsolicited bulk e-mail address. Adware: or advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used. Some types of adware are also spyware and can be classified as privacy-invasive software. Adware is software designed to force pre-chosen ads to display on your system. Some adware is designed to be malicious and will pop up ads with such speed and frequency that they seem to be taking over everything, slowing down your system and tying up all of your system resources. When adware is coupled with spyware, it can be a frustrating ride, to say the least. Backdoor: in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device. A back door is a point of entry that circumvents normal security and can be used by a cracker to access a network or computer system. Usually back doors are created by system developers as shortcuts to speed access through security during the development stage and then are overlooked and never properly removed during final implementation.
    [Show full text]
  • Adversarial Web Search by Carlos Castillo and Brian D
    Foundations and TrendsR in Information Retrieval Vol. 4, No. 5 (2010) 377–486 c 2011 C. Castillo and B. D. Davison DOI: 10.1561/1500000021 Adversarial Web Search By Carlos Castillo and Brian D. Davison Contents 1 Introduction 379 1.1 Search Engine Spam 380 1.2 Activists, Marketers, Optimizers, and Spammers 381 1.3 The Battleground for Search Engine Rankings 383 1.4 Previous Surveys and Taxonomies 384 1.5 This Survey 385 2 Overview of Search Engine Spam Detection 387 2.1 Editorial Assessment of Spam 387 2.2 Feature Extraction 390 2.3 Learning Schemes 394 2.4 Evaluation 397 2.5 Conclusions 400 3 Dealing with Content Spam and Plagiarized Content 401 3.1 Background 402 3.2 Types of Content Spamming 405 3.3 Content Spam Detection Methods 405 3.4 Malicious Mirroring and Near-Duplicates 408 3.5 Cloaking and Redirection 409 3.6 E-mail Spam Detection 413 3.7 Conclusions 413 4 Curbing Nepotistic Linking 415 4.1 Link-Based Ranking 416 4.2 Link Bombs 418 4.3 Link Farms 419 4.4 Link Farm Detection 421 4.5 Beyond Detection 424 4.6 Combining Links and Text 426 4.7 Conclusions 429 5 Propagating Trust and Distrust 430 5.1 Trust as a Directed Graph 430 5.2 Positive and Negative Trust 432 5.3 Propagating Trust: TrustRank and Variants 433 5.4 Propagating Distrust: BadRank and Variants 434 5.5 Considering In-Links as well as Out-Links 436 5.6 Considering Authorship as well as Contents 436 5.7 Propagating Trust in Other Settings 437 5.8 Utilizing Trust 438 5.9 Conclusions 438 6 Detecting Spam in Usage Data 439 6.1 Usage Analysis for Ranking 440 6.2 Spamming Usage Signals 441 6.3 Usage Analysis to Detect Spam 444 6.4 Conclusions 446 7 Fighting Spam in User-Generated Content 447 7.1 User-Generated Content Platforms 448 7.2 Splogs 449 7.3 Publicly-Writable Pages 451 7.4 Social Networks and Social Media Sites 455 7.5 Conclusions 459 8 Discussion 460 8.1 The (Ongoing) Struggle Between Search Engines and Spammers 460 8.2 Outlook 463 8.3 Research Resources 464 8.4 Conclusions 467 Acknowledgments 468 References 469 Foundations and TrendsR in Information Retrieval Vol.
    [Show full text]
  • A Survey on Spam Detection Techniques
    ISSN (Online) : 2278-1021 ISSN (Print) : 2319-5940 International Journal of Advanced Research in Computer and Communication Engineering Vol. 3, Issue 12, December 2014 A survey on spam detection techniques Anjali Sharma1, Manisha 2, Dr.Manisha 3 , Dr.Rekha Jain 4 1,2,3,4 Bansthali Vidyapith, Jaipur Campus, India Abstract: Today e-mails have become one of the most popular and economical forms of communication for Internet users. Thus due to its popularity, the e-mail is going to be misused. One such misuse is the posting of unwelcome, unwanted e-mails known as spam or junk e-mails [1]. E-mail spam has various consequences. It reduces productivity, takes extra space in mail boxes, extra time, extend software damaging viruses, and materials that contains potentially harmful information for Internet users, destroy stability of mail servers, and as a result users spend lots of time for sorting incoming mail and deleting unwanted correspondence. So there is a need of spam detection so that its consequences can be reduced [2]. In this paper, we present various spam detection techniques. Keywords: Spam, Spam detection techniques, Email classification I. INTRODUCTION Spam refers to unsolicited commercial email. Also known firewalls; therefore, it is an especially useful way for as junk mail, spam floods Internet users’ electronic spammers. It targets the users when they join any chat mailboxes. These junk mails can contain various types of room to find new friends. It spoils enjoy of people and messages such as pornography, commercial advertising, waste their time also. doubtful product, viruses or quasi legal services [3].
    [Show full text]
  • Before the FEDERAL COMMUNICATIONS COMMISSION Washington, D.C
    Before the FEDERAL COMMUNICATIONS COMMISSION Washington, D.C. 20554 In the Matter of ) Petition of Twilio Inc. for an Expedited ) WT Docket No. 08-7 ) Declaratory Ruling Stating That Messaging Services Are Title II Services ) ) REPLY COMMENTS OF MOBILE FUTURE Mobile Future submits these reply comments opposing the Petition for Expedited Declaratory Ruling of Twilio Inc.1 in the above referenced docket, which seeks counterproductive common carrier regulation of some forms of mobile messaging, but not others. Mobile messaging has become an integral method of communication for American consumers. Consumers rely on messaging not only to stay in touch with relatives and friends, but also to conduct business and receive critical information, such as emergency and medical alerts. Messaging exists as we know it today in part because of the proactive efforts the industry has taken to ensure that the platform remains free from spam and harmful, unwanted communications such as phishing attempts or those that contain malware. Twilio’s Petition to treat messaging as a common carrier service would disrupt those spam filtering efforts, and could cause consumers to be inundated with unwanted communications. Twilio’s Petition similarly fails as a matter of law, and should therefore be rejected. 1 Petition of Twilio, Inc. for an Expedited Declaratory Ruling Stating That Messaging Services Are Title II Services (filed Aug. 28, 2015). I. CONSUMERS RELY ON AN UNPRECEDENTED NUMBER OF OPTIONS TO COMMUNICATE VIA MOBILE TEXT Mobile messaging has quickly become
    [Show full text]
  • Battling the Internet Water Army: Detection of Hidden Paid Posters
    Battling the Internet Water Army: Detection of Hidden Paid Posters Cheng Chen Kui Wu Venkatesh Srinivasan Xudong Zhang Dept. of Computer Science Dept. of Computer Science Dept. of Computer Science Dept. of Computer Science University of Victoria University of Victoria University of Victoria Peking University Victoria, BC, Canada Victoria, BC, Canada Victoria, BC, Canada Beijing, China Abstract—We initiate a systematic study to help distinguish on different online communities and websites. Companies are a special group of online users, called hidden paid posters, or always interested in effective strategies to attract public atten- termed “Internet water army” in China, from the legitimate tion towards their products. The idea of online paid posters ones. On the Internet, the paid posters represent a new type of online job opportunity. They get paid for posting comments is similar to word-of-mouth advertisement. If a company hires and new threads or articles on different online communities enough online users, it would be able to create hot and trending and websites for some hidden purposes, e.g., to influence the topics designed to gain popularity. Furthermore, the articles opinion of other people towards certain social events or business or comments from a group of paid posters are also likely markets. Though an interesting strategy in business marketing, to capture the attention of common users and influence their paid posters may create a significant negative effect on the online communities, since the information from paid posters is usually decision. In this way, online paid posters present a powerful not trustworthy. When two competitive companies hire paid and efficient strategy for companies.
    [Show full text]
  • The History of Digital Spam
    The History of Digital Spam Emilio Ferrara University of Southern California Information Sciences Institute Marina Del Rey, CA [email protected] ACM Reference Format: This broad definition will allow me to track, in an inclusive Emilio Ferrara. 2019. The History of Digital Spam. In Communications of manner, the evolution of digital spam across its most popular appli- the ACM, August 2019, Vol. 62 No. 8, Pages 82-91. ACM, New York, NY, USA, cations, starting from spam emails to modern-days spam. For each 9 pages. https://doi.org/10.1145/3299768 highlighted application domain, I will dive deep to understand the nuances of different digital spam strategies, including their intents Spam!: that’s what Lorrie Faith Cranor and Brian LaMacchia ex- and catalysts and, from a technical standpoint, how they are carried claimed in the title of a popular call-to-action article that appeared out and how they can be detected. twenty years ago on Communications of the ACM [10]. And yet, Wikipedia provides an extensive list of domains of application: despite the tremendous efforts of the research community over the last two decades to mitigate this problem, the sense of urgency ``While the most widely recognized form of spam is email spam, the term is applied to similar abuses in other media: instant remains unchanged, as emerging technologies have brought new messaging spam, Usenet newsgroup spam, Web search engine spam, dangerous forms of digital spam under the spotlight. Furthermore, spam in blogs, wiki spam, online classified ads spam, mobile when spam is carried out with the intent to deceive or influence phone messaging spam, Internet forum spam, junk fax at scale, it can alter the very fabric of society and our behavior.
    [Show full text]
  • Text Normalization and Semantic Indexing to Enhance Instant Messaging and SMS Spam filtering
    Knowledge-Based Systems 108 (2016) 25–32 Contents lists available at ScienceDirect Knowle dge-Base d Systems journal homepage: www.elsevier.com/locate/knosys Text normalization and semantic indexing to enhance Instant Messaging and SMS spam filtering ∗ Tiago A. Almeida a, , Tiago P. Silva a, Igor Santos b, José M. Gómez Hidalgo c a Department of Computer Science, Federal University of São Carlos (UFSCar), Sorocaba, São Paulo, 18052-780, Brazil b Universidad de Deusto, DeustoTech –Computing (S3Lab), Avenida de las Universidades 24, Bilbao, Vizcaya, 48007, Spain c Analytics Department, Pragsis, Manuel Tovar 49-53, Madrid, 28034, Spain a r t i c l e i n f o a b s t r a c t Article history: The rapid popularization of smart phones has contributed to the growth of online Instant Messaging and Received 30 October 2015 SMS usage as an alternative way of communication. The increasing number of users, along with the trust Revised 25 April 2016 they inherently have in their devices, makes such messages a propitious environment for spammers. In Accepted 6 May 2016 fact, reports clearly indicate that volume of spam over Instant Messaging and SMS is dramatically increas- Available online 14 May 2016 ing year by year. It represents a challenging problem for traditional filtering methods nowadays, since Keywords: such messages are usually fairly short and normally rife with slangs, idioms, symbols and acronyms that Instant Messaging spam filtering make even tokenization a difficult task. In this scenario, this paper proposes and then evaluates a method SMS spam filtering to normalize and expand original short and messy text messages in order to acquire better attributes and SPIM enhance the classification performance.
    [Show full text]
  • Image Spam Detection: Problem and Existing Solution
    International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 06 Issue: 02 | Feb 2019 www.irjet.net p-ISSN: 2395-0072 Image Spam Detection: Problem and Existing Solution Anis Ismail1, Shadi Khawandi2, Firas Abdallah3 1,2,3Faculty of Technology, Lebanese University, Lebanon ----------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - Today very important means of communication messaging spam, Internet forum spam, junk fax is the e-mail that allows people all over the world to transmissions, and file sharing network spam [1]. People communicate, share data, and perform business. Yet there is who create electronic spam are called spammers [2]. nothing worse than an inbox full of spam; i.e., information The generally accepted version for source of spam is that it crafted to be delivered to a large number of recipients against their wishes. In this paper, we present a numerous anti-spam comes from the Monty Python song, "Spam spam spam spam, methods and solutions that have been proposed and deployed, spam spam spam spam, lovely spam, wonderful spam…" Like but they are not effective because most mail servers rely on the song, spam is an endless repetition of worthless text. blacklists and rules engine leaving a big part on the user to Another thought maintains that it comes from the computer identify the spam, while others rely on filters that might carry group lab at the University of Southern California who gave high false positive rate. it the name because it has many of the same characteristics as the lunchmeat Spam that is nobody wants it or ever asks Key Words: E-mail, Spam, anti-spam, mail server, filter.
    [Show full text]
  • History of Spam
    1 Max W. Mosing1 THE UPS AND DOWNS IN THE HISTORY OF EU-SPAM-REGULATIONS AND THEIR PRACTICAL IMPACT “Two years from now, spam will be solved. I promise a spam-free world by 2006” (Bill Gates; January 2004) Table of content: 1. (Legal) History of Spam................................................................................................................................................................................... 1 1.1. „Monty Python“and „Canter and Seigel“............................................................................................................................................ 2 1.2. Definition of Spam from a Legal Perspective ...................................................................................................................................... 2 1.3. Harm of Spam and– if the Internet community wants to ban spam – why is spam so successful?........................................... 3 1.4. Legal Framework and legal background of spam .............................................................................................................................. 4 2. “Spam-Regulations” in EU-Directives .......................................................................................................................................................... 6 2.1. Directive 97/66/EC concerning the processing of personal data and the protection of privacy in the telecommunications sector – ISDN-Directive and National Laws..............................................................................................................................................
    [Show full text]
  • Asian Anti-Spam Guide 1
    Asian Anti-Spam Guide 1 © MediaBUZZ Pte Ltd January 2009 Asian Anti-SpamHighlights Guide 2 • Combating the latest inbound threat: Spam and dark traffic, Pg. 13 • Secure Email Policy Best Practices, Pg. 17 • The Continuous Hurdle of Spam, Pg. 29 • Asian Anti Spam Acts, Pg. 42 Contents: • Email Spam: A Rising Tide 4 • What everyone should know about spam and privacy 7 • Scary Email Issues of 2008 12 • Combating the latest inbound threat: Spam and dark 13 • Proofpoint survey viewed spam as an increasing threat 16 • Secure Email Policy Best Practices 17 • Filtering Out Spam and Scams 24 • The Resurgence of Spam 26 • 2008 Q1 Security Threat landscape 27 • The Continuous Hurdle of Spam 29 • Spam Filters are Adaptive 30 • Liberating the inbox: How to make email safe and pro- 31 ductive again • Guarantee a clear opportunity to opt out 33 • The Great Balancing Act: Juggling Collaboration and 34 Authentication in Government IT Networks • The Not So Secret Cost of Spam 35 • How to Avoid Spam 36 • How to ensure your e-mails are not classified as spam 37 • Blue Coat’s Top Security Trends for 2008 38 • The Underground Economy 40 • Losing Email is No Longer Inevitable 42 • Localized malware gains ground 44 • Cyber-crime shows no signs of abating 45 MEDIABUZZ PTE LTD • Asian Anti-Spam Acts 47 ASIAN ANTI-SPAM GUIDE © MediaBUZZ Pte Ltd January 2009 Asian Anti-SpamHighlights Guide 3 • Frost & Sullivan: Do not underestimate spam, Pg. 65 • Unifying email security is key, Pg. 71 • The many threats of network security, Pg. 76 • The UTM story, Pg.
    [Show full text]
  • Understanding the Business Ofonline Pharmaceutical Affiliate Programs
    PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs Damon McCoy Andreas Pitsillidis∗ Grant Jordan∗ Nicholas Weaver∗† Christian Kreibich∗† Brian Krebs‡ Geoffrey M. Voelker∗ Stefan Savage∗ Kirill Levchenko∗ Department of Computer Science ∗Department of Computer Science and Engineering George Mason University University of California, San Diego †International Computer Science Institute ‡KrebsOnSecurity.com Berkeley, CA Abstract driven by competition between criminal organizations), a broad corpus of ground truth data has become avail- Online sales of counterfeit or unauthorized products able. In particular, in this paper we analyze the content drive a robust underground advertising industry that in- and implications of low-level databases and transactional cludes email spam, “black hat” search engine optimiza- metadata describing years of activity at the GlavMed, tion, forum abuse and so on. Virtually everyone has en- SpamIt and RX-Promotion pharmaceutical affiliate pro- countered enticements to purchase drugs, prescription- grams. By examining hundreds of thousands of orders, free, from an online “Canadian Pharmacy.” However, comprising a settled revenue totaling over US$170M, even though such sites are clearly economically moti- we are able to provide comprehensive documentation on vated, the shape of the underlying business enterprise three key aspects of underground advertising activity: is not well understood precisely because it is “under- Customers. We provide detailed analysis on the con- ground.” In this paper we exploit a rare opportunity to sumer demand for Internet-advertised counterfeit phar- view three such organizations—the GlavMed, SpamIt maceuticals, covering customer demographics, product and RX-Promotion pharmaceutical affiliate programs— selection (including an examination of drug abuse as a from the inside.
    [Show full text]