Presentation is loading. Please wait.

Presentation is loading. Please wait.

Flux in Fraud Infrastructures Minaxi Gupta Computer Science Dept. Indiana University, Bloomington.

Published byNathaniel Carlson Modified over 10 years ago

Similar presentations

Presentation on theme: "Flux in Fraud Infrastructures Minaxi Gupta Computer Science Dept. Indiana University, Bloomington."— Presentation transcript:

1 Flux in Fraud Infrastructures Minaxi Gupta Computer Science Dept. Indiana University, Bloomington

2 Fraud evolution Economically driven Pull vs push-based Much is Web-based Uses botnets extensively

3 Internet fraud has an infrastructure behind it Phishing Scam sites Drive-by downloads Socially-engineered malware

4 It is provisioned differently Flux in phishing Fast flux DNS flux Double flux Helps escape detection and promotes longevity of fraud

5 Observations 10-30% of phishing Web servers exhibit fast flux 60% of their DNS servers exhibit DNS flux Most fluxing Web servers are part of double-flux infrastructure Same machines act as Web and DNS servers in many cases One host name resolves to many IPs but many names share a common pool of IPs

6 Take away Fraud infrastructures have telltale signs It may be possible to create signatures that distinguish fraud infrastructures from regular Internet infrastructure Need to investigate what the signatures should look like

7 Caution DoS attacks do not have Web sites Hacked sites can be used to host fraud This talk takes a DNS perspective on fraud infrastructures Many by-pass DNS by using IP addresses Signatures in the absence of flux? Can criminals evolve to bypass signatures?

Download ppt "Flux in Fraud Infrastructures Minaxi Gupta Computer Science Dept. Indiana University, Bloomington."

Similar presentations

© Ravi Sandhu www.list.gmu.edu Introduction to Information Security Ravi Sandhu.

© Ravi Sandhu Introduction to Information Security Ravi Sandhu.
Dynamics of Online Scam Hosting Infrastructure

Dynamics of Online Scam Hosting Infrastructure
11/20/09 ONR MURI Project Kick-Off 1 Network-Level Monitoring for Tracking Botnets Nick Feamster School of Computer Science Georgia Institute of Technology.

11/20/09 ONR MURI Project Kick-Off 1 Network-Level Monitoring for Tracking Botnets Nick Feamster School of Computer Science Georgia Institute of Technology.
1 Dynamics of Online Scam Hosting Infrastructure Maria Konte, Nick Feamster Georgia Tech Jaeyeon Jung Intel Research.

1 Dynamics of Online Scam Hosting Infrastructure Maria Konte, Nick Feamster Georgia Tech Jaeyeon Jung Intel Research.
(Distributed) Denial of Service Nick Feamster CS 4251 Spring 2008.

(Distributed) Denial of Service Nick Feamster CS 4251 Spring 2008.
ICANN SSAC, Cairo Nov 2008 Page 1 Summary of Fast Flux Dave Piscitello ICANN SSAC.

ICANN SSAC, Cairo Nov 2008 Page 1 Summary of Fast Flux Dave Piscitello ICANN SSAC.
An Internet Without IP Minaxi Gupta Computer Science Dept. Indiana University, Bloomington.

An Internet Without IP Minaxi Gupta Computer Science Dept. Indiana University, Bloomington.
INTERNET SAFETY. WHY Every parent and student needs to be aware of the issues that come with the internet. Most parents spend time with their children.

INTERNET SAFETY. WHY Every parent and student needs to be aware of the issues that come with the internet. Most parents spend time with their children.
Internet Basics The Internet Is… – a network of networks – a community of people, businesses, schools and organizations – E-mail, web pages, databases,

Internet Basics The Internet Is… – a network of networks – a community of people, businesses, schools and organizations – , web pages, databases,
K-State IT Security Training Ken Stafford CIO and Vice Provost for IT Services Harvard Townsend Chief Information Security Officer

K-State IT Security Training Ken Stafford CIO and Vice Provost for IT Services Harvard Townsend Chief Information Security Officer
A look into Bullet Proof Hosting November 2014 - DefCamp 5 Silviu Sofronie – Head of Forensics

A look into Bullet Proof Hosting November DefCamp 5 Silviu Sofronie – Head of Forensics
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Copyright © Pearson Education Limited 2015. Computer Fraud and Abuse Techniques Chapter 6 6-1.

Copyright © Pearson Education Limited Computer Fraud and Abuse Techniques Chapter
1 CANTINA : A Content-Based Approach to Detecting Phishing Web Sites WWW 2007 2008.09.09 Yue Zhang, Jason Hong, and Lorrie Cranor.

1 CANTINA : A Content-Based Approach to Detecting Phishing Web Sites WWW Yue Zhang, Jason Hong, and Lorrie Cranor.
Hack Firefox to steal web-secrets Sunil Arora. How many of you use Firefox ?

Hack Firefox to steal web-secrets Sunil Arora. How many of you use Firefox ?
Investigating Malicious Software Steve Romig The Ohio State University April 2002.

Investigating Malicious Software Steve Romig The Ohio State University April 2002.
ECrime Research Richard Clayton Luxembourg 11 th May 2010.

ECrime Research Richard Clayton Luxembourg 11 th May 2010.
Taxonomy of Botnets Team Mag Five Valerie Buitron Jaime Calahorrano Derek Chow Julia Marsh Mark Zogbaum.

Taxonomy of Botnets Team Mag Five Valerie Buitron Jaime Calahorrano Derek Chow Julia Marsh Mark Zogbaum.
Cyber X-Force-SMS alert system for E-mail threats.

Cyber X-Force-SMS alert system for threats.
Building Trust in Digital Online World Dr. Shekhar Kirani Vice President VeriSign India 5th June 2009 IBA Conference.

Building Trust in Digital Online World Dr. Shekhar Kirani Vice President VeriSign India 5th June 2009 IBA Conference.

Similar presentations

Ads by Google