By Topic

eCrime Researchers Summit (eCrime), 2012

Date 23-24 Oct. 2012

Filter Results

Displaying Results 1 - 10 of 10
  • [Copyright notice]

    Publication Year: 2012, Page(s): 1
    Request permission for commercial reuse | PDF file iconPDF (45 KB)
    Freely Available from IEEE
  • Agenda

    Publication Year: 2012, Page(s):1 - 7
    Request permission for commercial reuse | PDF file iconPDF (632 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2012, Page(s): 1
    Request permission for commercial reuse | PDF file iconPDF (50 KB)
    Freely Available from IEEE
  • Discovering phishing dropboxes using email metadata

    Publication Year: 2012, Page(s):1 - 9
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (137 KB) | HTML iconHTML

    The criminals who operate phishing scams often deliver harvested credentials to email accounts under their control - but it is difficult, in the general case, to identify these so-called `dropboxes'. We devise three techniques to identify dropboxes and associated phishing websites by leveraging lists of known phishing websites and metadata maintained by email providers. We demonstrate the techniqu... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Does context influence responses to firewall warnings?

    Publication Year: 2012, Page(s):1 - 10
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (484 KB) | HTML iconHTML

    Firewall warnings are only effective if users can respond to them in a secure and effective manner. In this paper, we define what the user was doing while receiving the warning message as the context. We evaluate whether either the context in which the user receives the warning or the content of the warning message affects users' response to the warning message. We ran a user study with 56 partici... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Dual canonicalization: An answer to the homograph attack

    Publication Year: 2012, Page(s):1 - 10
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1120 KB) | HTML iconHTML

    Phishing attacks have frequently used homographs since they were first described a decade ago. Though a wide variety of tools and techniques have been used to mitigate the effectiveness of these attacks, none have offered a comprehensive solution. This paper describes the homograph attack as a mathematical problem, identifies the various flavors of the attack, and provides a solution applicable to... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Explaining Cybercrime through the Lens of Differential Association Theory, Hadidi44-2.php PayPal Case Study

    Publication Year: 2012, Page(s):1 - 7
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (660 KB) | HTML iconHTML

    Social learning theories, such as differential association theory, state that criminals develop deviant behaviors and learn the tools of their trade through close association with other deviants. This case study examines a group of 99 email addresses found to be using the same PayPal phishing kit. It uses Open Source Intelligence techniques to determine potential relationships between the holders ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • How do consumers react to cybercrime?

    Publication Year: 2012, Page(s):1 - 12
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (235 KB) | HTML iconHTML

    We conduct a secondary analysis of data collected to survey EU citizens' experiences and concerns with cybercrime. We devise a series of logistic regressions that measure how exposure to cybercrime can inhibit online banking, shopping and other activities. We consider three forms of exposure: directly falling victim, expressing concern about security, and reading news reports. We find that directl... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Investigative response modeling and predictive data collection

    Publication Year: 2012, Page(s):1 - 6
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (249 KB) | HTML iconHTML

    While most enterprise computing environments are proactively monitored for threats and security violations using automated detection engines, the ability to validate reported events as true incidents still requires a non-trivial amount of time and information gathering as well as investment in staffing and training of personnel. To improve an organization's overall reactive security posture and re... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • PhishAri: Automatic realtime phishing detection on twitter

    Publication Year: 2012, Page(s):1 - 12
    Cited by:  Papers (5)  |  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1084 KB) | HTML iconHTML

    With the advent of online social media, phishers have started using social networks like Twitter, Facebook, and Foursquare to spread phishing scams. Twitter is an immensely popular micro-blogging network where people post short messages of 140 characters called tweets. It has over 100 million active users who post about 200 million tweets everyday. Phishers have started using Twitter as a medium t... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.