Post on 11-Jan-2016
description
Dissecting One Click FraudsAuthors: Nicolas Christin, Sally S. Yanagihara, Keisuke KamatakiProceedings of the ACM CCS 2010Reporter: Jing ChiuAdvisor: Yuh-Jye LeeEmail: D9815013@mail.ntust.edu.tw
112/04/21 1Data Mining & Machine Learning Lab
Outlines• Introduction
▫ One Click Fraud• Data Collection
▫ Channel BBS▫ Koguma-neko Teikoku▫ Wan-Cli Zukan
• Data Analysis▫ Infrastructural loopholes▫ Grouping miscreants▫ Evidence of other illicit activities
• Economic Incentives▫ Cost-benefit analysis▫ Fraud profitability▫ Legal aspects▫ Field measurements
• Conclusions112/04/21 2Data Mining & Machine Learning Lab
•One Click Frauds
Introduction
112/04/21 Data Mining & Machine Learning Lab 3
•2 Channel BBS▫The largest bulletin board in Japan▫March 6, 2006 ~ October 26, 2009
•Koguma-neko Teikoku▫Privately owned website▫August 24, 2006 ~ August 14, 2009
•Wan-Cli Zukan▫Privately owned website▫September 6,2006 ~ October 26, 2009
Data Collection
112/04/21 Data Mining & Machine Learning Lab 4
•Data parsing•Extracted attributes•Store to MySQL database
Data Collection (cont.)
112/04/21 Data Mining & Machine Learning Lab 5
Data Collection (cont.)
112/04/21 Data Mining & Machine Learning Lab 6
• Infrastructural loopholes▫Phone numbers▫Bank▫DNS registrars▫DNS resellers
• Grouping miscreants▫Use undirected graph to represent the dataset▫Fraud distribution
• Evidence of other illicit activities▫Eight blacklisting services and Google Safe
Browsing
Data Analysis
112/04/21 Data Mining & Machine Learning Lab 7
•Cost-benefit analysis•Fraud profitability•Legal aspects•Field measurements
Economic Incentives
112/04/21 Data Mining & Machine Learning Lab 8
•Collect and analyze a corpus of over 2,000 reported One Click Fraud incidents
•Describe a number of potential vulnerabilities which be used for scam
•Shows an important reason for why scam flourish
Conclusions
112/04/21 Data Mining & Machine Learning Lab 9
•Questions?
Thanks for your attention
112/04/21 Data Mining & Machine Learning Lab 10
•Top 10 popular registrars vs. Top 11 in One Click Frauds
DNS Registrars
112/04/21 Data Mining & Machine Learning Lab 11
DNS Resellers
112/04/21 Data Mining & Machine Learning Lab 12
112/04/21 Data Mining & Machine Learning Lab 13
Fraud Distribution
112/04/21 Data Mining & Machine Learning Lab 14
Evidence of other illicit activities
112/04/21 Data Mining & Machine Learning Lab 15
Ten most common amounts of money requested
112/04/21 Data Mining & Machine Learning Lab 16
Press reports of One Click Fraud arrests
112/04/21 Data Mining & Machine Learning Lab 17