Over the past two decades, the Internet has become an essential tool in the lives of millions of people. Unfortunately, this success has also attracted cybercriminals who exploit the Internet as a platform for illicit gain. Perhaps the most familiar scam is sending unsolicited advertisements (spam), clogging inboxes and putting people’s computers at risk of dangerous malware infections. Understanding the mechanisms and effectiveness of these scams is essential to building effective countermeasures to cybercrime. In this talk, I’ll explain the modern spamming landscape and present research that help us better understand how spammers make their money online. One effort uses the technique of botnet infiltration to examine a spam campaign from the point of view of the spammers. Botnet infiltration allows us to measure their operation including the advertisements’ effectiveness and the worldwide use of spam filtering techniques. The second effort exploits key information leaks to answer key questions about the modern affiliate marketing-based spam ecosystem, from estimating their worldwide gross revenue, to understanding customer demographics and their most popular products. I’ll end by discussing future work in this space and outline research directions that exploit criminal’s online architecture and motivations to develop effective defenses.
Chris Kanich is a Ph.D. Candidate at the University of California at San Diego in the Computer Science & Engineering Department. His research interests lie within security and computer networks, with an emphasis on the economic and human elements of Internet security. He received a B.S. degree in Computer Science and Mathematics from Purdue University in 2005, and will complete his Ph.D. at UC San Diego in 2012.