Spamalytics – investigating botnets on October 21, 2009

Posted October 21st, 2009 by Martin Stein and filed in ACM Meeting
Tags: , ,
2 Comments

Unfortunately we have to cancel the OpenStreetMaps talk scheduled for this day. I hope we can bring them back at a later date.

Instead we picked a subject from a recent CACM article: spam the article describes how the authors infiltrated a spam botnet and looked into how many people fall for those offers flooding inboxes.

Abstract

In his script for “All The President’s Men”, author William Goldman coined the famous adage “follow the money”, giving Woodward and Bernstein crucial advice for their investigation. In the past years, the growth of the Internet has enabled a financially motivated underground marketplace that presents a case perhaps less politically motivated but surely no less thrilling, in which this classic strategy has remained almost entirely unused.

In this talk I will present a study that sheds light on one component of this market, namely spam-based advertising. The “conversion rate” of spam — the probability that an unsolicited email with ultimately elicit a “sale” — underlies the entire spam value proposition. However, our understanding of this critical behavior is quite limited, and the literature lacks any quantitative study concerning its true value. I will describe a methodology for using parasitic infiltration of botnets — large networks of infected computers responsible for the vast majority of spam observed today — to empirically infer the delivery and conversion rates of spam campaigns. I will present an analysis of over 400 million instrumented spam emails across two campaigns and quantify the underlying processes that modulate its profits.

The results provide insights into the entire spam conversion pipeline and illuminate some of the market pressures on the spammers and botmasters involved — and thus point out initial avenues for following the money in this poorly understood economy.

Speaker Biography

Speaker - Chr Kreibich

Christian Kreibich is a staff research scientist at the International Computer Science Institute in Berkeley. He received his Ph.D. from the University of Cambridge, UK, and a Diplom in Computer Science from the Technical University of Munich, Germany. His research focuses on topics in network architecture, distributed systems, and network security.

Video

http://fora.tv/2009/10/21/Christian_Kreibich_Infiltrating_a_Botnet

2 Responses to “Spamalytics – investigating botnets on October 21, 2009”

  1. Hesham ElBakoury says:
    October 19, 2009 at 4:49 pm

    Please let me know the location and date/time of this seminar.

    Thanks

    Hesham

  2. UK Data Centre says:
    February 23, 2010 at 12:58 am

    I like the first point you made there, but I am not sure I could pratcially apply that in a contructive way.

Leave a Reply