Featured Research

from universities, journals, and other organizations

Thwarting The Growth Of Internet Black Markets

Date:
October 16, 2007
Source:
Carnegie Mellon University
Summary:
Computer scientists have designed new computer tools to better understand and potentially thwart the growth of Internet black markets, where attackers use well-developed business practices to hawk viruses, stolen data and attack services.

Carnegie Mellon University's Adrian Perrig and Jason Franklin, working in conjunction with Vern Paxson of the International Computer Science Institute and Stefan Savage of the University of California, San Diego, have designed new computer tools to better understand and potentially thwart the growth of Internet black markets, where attackers use well-developed business practices to hawk viruses, stolen data and attack services.

"These troublesome entrepreneurs even offer tech support and free updates for their malicious creations that run the gamut from denial of service attacks designed to overwhelm Web sites and servers to data stealing Trojan viruses," said Perrig, an associate professor of electrical and computer engineering and engineering and public policy.

In order to understand the millions of lines of data derived from monitoring the underground markets for more than seven months, Carnegie Mellon researchers developed automated techniques to measure and catalogue the activities of the shadowy online crooks who profit from spewed spam, virus-laden PCs and identity theft. The researchers estimate that the total value of the illegal materials available for sale in the seven-month period could total more than $37 million.

"Our research monitoring found that more than 80,000 potential credit card numbers were available through these illicit underground web economies," said Franklin, a Ph.D. student in computer science. However, the researchers warned that because checking the validity of the card numbers was not possible without credit card company assistance, the cards seen may not have been valid when they were observed.

Whatever the purchases, a buyer will typically contact the black market vendor privately using email, or in some cases, a private instant message. Money generally changes hands through non-bank payment services such as e-gold, making the criminals difficult to track.

To stem the flow of stolen credit cards and identity data, Carnegie Mellon researchers proposed two technical approaches to reduce the number of successful market transactions, including a slander attack and another technique, which were aimed at undercutting the cyber-crooks verification or reputation system.

"Just like you need to verify that individuals are honest on E-bay, online criminals need to verify that they are dealing with 'honest' criminals," Franklin said.

In a slander attack, an attacker eliminates the verified status of a buyer or seller through false defamation. "By eliminating the verified status of the honest individuals, an attacker establishes a lemon market where buyers are unable to distinguish the quality of the goods or services," Franklin said.

The researchers also propose to undercut the burgeoning black market activity by creating a deceptive sales environment.

Perrig's team developed a technique to establish fake verified-status identities that are difficult to distinguish from other-verified status sellers making it hard for buyers to identify the honest verified-status sellers from dishonest verified-status sellers.

"So, when the unwary buyer tries to collect the goods and services promised, the seller fails to provide the goods and services. Such behavior is known as 'ripping.' And it is the goal of all black market site's verification systems to minimize such behavior," said Franklin.

There have been successful takedowns against known black market sites, such as the U.S. Secret Service-run Operation Firewall three years ago. That operation against the notorious Shadowcrew resulted in 28 arrests around the globe, Carnegie Mellon researchers reported.

"The scary thing about all this is that you do not have to be in the know to find black markets, they are easy to find, easy to join and just a mouse click away," Franklin said.

"We believe these black markets are growing, so we will have even more incidents to monitor and study in the future," Perrig said.

That growth is also reflected in the latest Computer Security Institute (CSI) Computer Crime and Security Survey that shows average cyber-losses more than doubled after a five-year decline. The 2007 CSI survey reported that U.S. companies on average lost more than $300,000 to cyber crooks compared to $168,000 last year.


Story Source:

The above story is based on materials provided by Carnegie Mellon University. Note: Materials may be edited for content and length.


Cite This Page:

Carnegie Mellon University. "Thwarting The Growth Of Internet Black Markets." ScienceDaily. ScienceDaily, 16 October 2007. <www.sciencedaily.com/releases/2007/10/071015102827.htm>.
Carnegie Mellon University. (2007, October 16). Thwarting The Growth Of Internet Black Markets. ScienceDaily. Retrieved July 28, 2014 from www.sciencedaily.com/releases/2007/10/071015102827.htm
Carnegie Mellon University. "Thwarting The Growth Of Internet Black Markets." ScienceDaily. www.sciencedaily.com/releases/2007/10/071015102827.htm (accessed July 28, 2014).

Share This




More Computers & Math News

Monday, July 28, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Teen's Phone Ignites Under Her Pillow; How Real Is The Risk?

Teen's Phone Ignites Under Her Pillow; How Real Is The Risk?

Newsy (July 28, 2014) A Texas teen's Samsung phone apparently ignited while she slept, but what was the real problem here? Video provided by Newsy
Powered by NewsLook.com
Google's Next Frontier: The Human Body

Google's Next Frontier: The Human Body

Newsy (July 27, 2014) Google is collecting genetic and molecular information to paint a picture of the perfectly healthy human. Video provided by Newsy
Powered by NewsLook.com
Cellphone Unlocking Bill Clears U.S. House, Heads to Obama

Cellphone Unlocking Bill Clears U.S. House, Heads to Obama

Reuters - US Online Video (July 27, 2014) Congress gets rid of pesky law that made it illegal to "unlock" mobile phones without permission, giving consumers the option to use the same phone on a competitor's wireless network. Mana Rabiee reports. Video provided by Reuters
Powered by NewsLook.com
Congress OKs Unlocking Phones From Carriers

Congress OKs Unlocking Phones From Carriers

Newsy (July 26, 2014) A bill legalizing "unlocking," or untethering a phone from its default wireless carrier, has passed Congress and is expected to be signed into law. Video provided by Newsy
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:
from the past week

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins