Further Adventures in Evidence-Based Security

Опубликовано 23 марта 2018, 22:37

Over the last decade, our group has undertaken an "evidence-based" approach to measure, analyze, and undermine various kinds of abuse and cybercrime on the Internet. In this talk, I will describe our evidence-based approach and present work on two recent projects. The first is a technique for inferring site compromise from a third-party perspective using honey accounts, and a measurement study that detected 19 site compromises over a year (including an Alexa top-500 site) and our experiences disclosing our findings to these sites. The second is a measurement study exploring the impact of ICANN's New gTLD Program on the domain name ecosystem, classifying the intent of registrations in new TLDs (including speculative and defensive registrations) and impact on old TLDs. I will end briefly summarizing where our group is headed going forward.

This work reflects a long-standing collaborative effort between UCSD and ICSI/Berkeley, with more information available at: evidencebasedsecurity.org

See more at microsoft.com/en-us/research/v...