In recent years, the goals and modes of operation of malicious hackers have changed dramatically. As hackers realized the potential monetary gains associated with Internet fraud, there has been a shift from “hacking for fun” to “hacking for profit.” This shift has been leveraged and supported by more traditional crime organizations, which eventually realized the potential of the Internet for their endeavors. The integration of sophisticated computer attacks with well-established fraud mechanisms devised by organized crime has resulted in an underground economy that trades compromised hosts, personal information, and services in a way similar to other legitimate economies. This expanding underground economy makes it possible to significantly increase the scale of the frauds carried out on the Internet and allows criminals to reach millions of potential victims. Also, criminals are taking full advantage of sophisticated mechanisms, such as the service bots used on IRC channels to automatically verify stolen credit card numbers, the use of e-casinos to launder money, and the use of fast-flux networks to create attack-resilient services.
Over the last few years, the UCSB Security Group has been developing novel techniques and tools to analyze the underground economy and to obtain a comprehensive picture of the complete criminal process. To do this, we have created models of the underground market, its actors, the processes and interactions between actors, and the underlying infrastructure. The plan is to leverage these models and develop techniques that can help to disrupt parts of the criminal process.
In this talk I will discuss one of the projects that we have recently completed, which is an analysis of the underground economy of fake antivirus software.
Richard A. Kemmerer is the Computer Science Leadership Professor and a past Department Chair of the Department of Computer Science at the University of California, Santa Barbara. Dr. Kemmerer received his Ph.D. degree in Computer Science from the University of California, Los Angeles, in 1979. His research interests include formal specification and verification of systems, computer system security and reliability, programming and specification language design, and software engineering. He is the author of the book “Formal Specification and Verification of an Operating System Security Kernel” and a co-author of “Computers at Risk: Safe Computing in the Information Age,” “For the Record: Protecting Electronic Health Information,” and “Realizing the Potential of C4I: Fundamental Challenges.”
Dr. Kemmerer has served as a member of the National Academy of Science’s Committee on Computer Security in the DOE, the System Security Study Committee, the Committee for Review of the Oversight Mechanisms for Space Shuttle Flight Software Processes, the Committee on Maintaining Privacy and Security in Health Care Applications of the National Information Infrastructure, and the Committee on the Review of Programs for C4I. He also served as a member of the National Computer Security Center’s Formal Verification Working Group and was a member of the NIST’s Computer and Telecommunications Security Council. He has served on a review panel for the DOI to evaluate their Natural Resource’s Damage Assessment Model, and as an expert consultant for the Nuclear Regulatory Commission’s Advisory Committee on Nuclear Reactor Safety.
Dr. Kemmerer is a past Chair of the IEEE Technical Committee on Security and Privacy and a past member of the Advisory Board for the ACM’s Special Interest Group on Security, Audit, and Control. He is a Fellow of the IEEE Computer Society, a Fellow of the Association for Computing Machinery, a past Editor-in-Chief of the IEEE Transactions on Software Engineering, and a past Vice President and member of the Board of Governors of the IEEE Computer Society. He has also served on the editorial boards of the ACM Computing Surveys and the IEEE Security & Privacy magazine. He served on Microsoft’s Trustworthy Computing Academic Advisory Board (2002-2010) and on the National Science Foundation’s CISE Advisory Board (2002-2004).