On the effects of registrar-level intervention
LEET'11 Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats
No plan survives contact: experience with cybercrime measurement
CSET'11 Proceedings of the 4th conference on Cyber security experimentation and test
Show me the money: characterizing spam-advertised revenue
SEC'11 Proceedings of the 20th USENIX conference on Security
Measuring and analyzing search-redirection attacks in the illicit online prescription drug trade
SEC'11 Proceedings of the 20th USENIX conference on Security
Spam detection using web page content: a new battleground
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
Proceedings of the 4th ACM workshop on Security and artificial intelligence
Fashion crimes: trending-term exploitation on the web
Proceedings of the 18th ACM conference on Computer and communications security
Cloak and dagger: dynamics of web search cloaking
Proceedings of the 18th ACM conference on Computer and communications security
Suspended accounts in retrospect: an analysis of twitter spam
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Providing safe, user space access to fast, solid state disks
ASPLOS XVII Proceedings of the seventeenth international conference on Architectural Support for Programming Languages and Operating Systems
Poultry markets: on the underground economy of twitter followers
Proceedings of the 2012 ACM workshop on Workshop on online social networks
PharmaLeaks: understanding the business of online pharmaceutical affiliate programs
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Do malware reports expedite cleanup? an experimental study
CSET'12 Proceedings of the 5th USENIX conference on Cyber Security Experimentation and Test
Poultry markets: on the underground economy of twitter followers
ACM SIGCOMM Computer Communication Review - Special october issue SIGCOMM '12
Knowing your enemy: understanding and detecting malicious web advertising
Proceedings of the 2012 ACM conference on Computer and communications security
Manufacturing compromise: the emergence of exploit-as-a-service
Proceedings of the 2012 ACM conference on Computer and communications security
Priceless: the role of payments in abuse-advertised goods
Proceedings of the 2012 ACM conference on Computer and communications security
Taster's choice: a comparative analysis of spam feeds
Proceedings of the 2012 ACM conference on Internet measurement conference
Turtles all the way down: a clean-slate, ground-up, first-principles approach to secure systems
Proceedings of the 2012 workshop on New security paradigms
Beyond the blacklist: modeling malware spread and the effect of interventions
Proceedings of the 2012 workshop on New security paradigms
Spamming for science: active measurement in web 2.0 abuse research
FC'12 Proceedings of the 16th international conference on Financial Cryptography and Data Security
AdRob: examining the landscape and impact of android application plagiarism
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
Pick your poison: pricing and inventories at unlicensed online pharmacies
Proceedings of the fourteenth ACM conference on Electronic commerce
Measurement and analysis of child pornography trafficking on P2P networks
Proceedings of the 22nd international conference on World Wide Web
Survey and taxonomy of botnet research through life-cycle
ACM Computing Surveys (CSUR)
Understanding the domain registration behavior of spammers
Proceedings of the 2013 conference on Internet measurement conference
ViceROI: catching click-spam in search ad networks
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
CloudSweeper: enabling data-centric document management for secure cloud archives
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Trafficking fraudulent accounts: the role of the underground market in Twitter spam and abuse
SEC'13 Proceedings of the 22nd USENIX conference on Security
XXXtortion?: inferring registration intent in the .XXX TLD
Proceedings of the 23rd international conference on World wide web
Hi-index | 0.00 |
Spam-based advertising is a business. While it has engendered both widespread antipathy and a multi-billion dollar anti-spam industry, it continues to exist because it fuels a profitable enterprise. We lack, however, a solid understanding of this enterprise's full structure, and thus most anti-Spam interventions focus on only one facet of the overall spam value chain (e.g., spam filtering, URL blacklisting, site takedown).In this paper we present a holistic analysis that quantifies the full set of resources employed to monetize spam email -- including naming, hosting, payment and fulfillment -- usingextensive measurements of three months of diverse spam data, broad crawling of naming and hosting infrastructures, and over 100 purchases from spam-advertised sites. We relate these resources to the organizations who administer them and then use this data to characterize the relative prospects for defensive interventions at each link in the spam value chain. In particular, we provide the first strong evidence of payment bottlenecks in the spam value chain, 95% of spam-advertised pharmaceutical, replica and software products are monetized using merchant services from just a handful of banks.