WEIS'08: "Studying Malicious Websites and the Underground Economy on the Chinese Web"
Friday, July 4. 2008
The 7th Workshop on the Economics of Information Security (WEIS'08) took place last week at Dartmouth College's Tuck School of Business. Several interesting papers like "Security Economics and European Policy", "Do Data Breach Disclosure Laws Reduce Identity Theft?", or "The Impact of Incentives on Notice and Take-down" were presented during the workshop. Our paper entitled "Studying Malicious Websites and the Underground Economy on the Chinese Web" deals with several aspects of the underground economy within China's part of the World Wide Web. Amongst other techniques, we use client-side honeypots to study malicious websites.
Abstract:
The World Wide Web gains more and more popularity within China with more than 1.31 million websites on the Chinese Web in June 2007. Driven by the economic profits, cyber criminals are on the rise and use the Web to exploit innocent users. In fact, a real underground black market with thousand of participants has developed which brings together malicious users who trade exploits, malware, virtual assets, stolen credentials, and more. In this paper, we provide a detailed overview of this underground black market and present a model to describe the market. We substantiate our model with the help of measurement results within the Chinese Web. First, we show that the amount of virtual assets traded on this underground market is huge. Second, our research proves that a significant amount of websites within China’s part of the Web contain some kind of malicious content: our measurements reveal that about 1.49% of the examined sites contain malicious content that tries to attack the visitor’s browser.
The paper is a collaboration with several researchers from China (Jianwei Zhuge, Chengyu Song, Jinpeng Guo, Xinhui Han, and Wei Zou) and a revised version of our technical report on the same topic. The full version of the paper is now available.
Abstract:
The World Wide Web gains more and more popularity within China with more than 1.31 million websites on the Chinese Web in June 2007. Driven by the economic profits, cyber criminals are on the rise and use the Web to exploit innocent users. In fact, a real underground black market with thousand of participants has developed which brings together malicious users who trade exploits, malware, virtual assets, stolen credentials, and more. In this paper, we provide a detailed overview of this underground black market and present a model to describe the market. We substantiate our model with the help of measurement results within the Chinese Web. First, we show that the amount of virtual assets traded on this underground market is huge. Second, our research proves that a significant amount of websites within China’s part of the Web contain some kind of malicious content: our measurements reveal that about 1.49% of the examined sites contain malicious content that tries to attack the visitor’s browser.
The paper is a collaboration with several researchers from China (Jianwei Zhuge, Chengyu Song, Jinpeng Guo, Xinhui Han, and Wei Zou) and a revised version of our technical report on the same topic. The full version of the paper is now available.
Continue reading "WEIS'08: "Studying Malicious Websites and the Underground Economy on the Chinese Web""
".
