Tyler Moore (Wellesley College) is going to present an overview of his current research work.
Speaker: Tyler W Moore
- Date: November 11th, 2011 (Friday)
- Room: CIT 368 (note room change)
- Host: John Savage
- Title: "Gathering Evidence of Large-Scale Internet Frauds"
During the past several years online crime has organized and industrialized substantially. Profit-motivated criminals have identified many new ways to leverage the Internet's openness and scale to perpetrate high-volume, globally distributed frauds that have proven difficult to eradicate. To tackle the challenges posed by this brave new world, I describe an empirically-grounded approach to information security that measures the impact of attacks and examines the incentives of both the perpetrators and defenders in order to craft effective countermeasures. In this talk I discuss two instances of fraud targeting search engines that I have examined closely. First, I investigate the manipulation of web search results to promote the unauthorized sale of prescription drugs. In the pervasive search-redirection attacks, criminals compromise high-ranking websites and dynamically redirect traffic different pharmacies based on the particular search terms issued by the consumer. Second, I study the abuse of "trending'' search terms, in which miscreants place links to malware-distributing or ad-filled web sites in web search and Twitter results, by collecting and analyzing measurements over nine months from multiple sources. As I will demonstrate, both cases exhibit characteristics common to most online crime. For instance, each fraud exploits a lack of coordination between the Internet's defenders, compensates for low individual profits through automation, and avoids detection by spreading the harm across many victims. Furthermore, I present evidence that the vast bulk of the harm is carried out by a few fraudsters. Along the way, I will demonstrate several general techniques for gathering evidence of Internet frauds and analyzing their dynamics.
Tyler Moore is the Norma Wilentz Hess Visiting Assistant Professor of Computer Science at Wellesley College. His research interests include the economics of information security, the study of electronic crime, and the development of policy for strengthening security. Moore completed his PhD in Computer Science at the University of Cambridge, supervised by Professor Ross Anderson. His PhD thesis investigated cooperative attack and defense in the design of decentralized wireless networks and through empirical analysis of phishing attacks on the Internet. Moore has also written reports for the European Union and the US National Academy of Sciences detailing policy recommendations for improving cyber security. Prior to joining Wellesley, Moore was a postdoctoral fellow at Harvard University’s Center for Research on Computation and Society. He is a 2004 Marshall Scholar.