{"468861":{"#nid":"468861","#data":{"type":"event","title":"PhD Defense by Maria Konte","body":[{"value":"\u003Cp\u003E\u003Cstrong\u003EPh.D. Dissertation Defense Announcement\u003C\/strong\u003E\u003Cbr \/\u003E \u003Cbr \/\u003E Title: \u003Cstrong\u003EUnderstanding and Defending Against Internet Infrastructures Supporting Cybercrime Operations\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EMaria Konte\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003ESchool of Computer Science\u003C\/p\u003E\u003Cp\u003ECollege of Computing\u003C\/p\u003E\u003Cp\u003EGeorgia Institute of Technology\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003EDate: Friday, November 13, 2015\u003C\/p\u003E\u003Cp\u003ETime: 9:00 AM - 11:00 AM\u003C\/p\u003E\u003Cp\u003ELocation \u003Cstrong\u003E: Klaus Room 3126 (GTISC War Room)\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ECommittee:\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E-------------\u003C\/p\u003E\u003Cp\u003EProf. Nick Feamster, Advisor, Department of Computer Science, Princeton University\u003C\/p\u003E\u003Cp\u003EProf. Roberto Perdisci, Department of Computer Science, University of Georgia\u003Cbr \/\u003E Prof. Wenke Lee, School of Computer Science, Georgia Institute of Technology\u003Cbr \/\u003E Prof. Ellen Zegura, School of Computer Science, Georgia Institute of Technology\u003C\/p\u003E\u003Cp\u003EProf. Manos Antonakakis, School of Electrical and Computer Engineering, Georgia Institute of Technology\u003C\/p\u003E\u003Cp\u003EAllison Mankin, Director of Verisign Labs\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EAbstract:\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E-------------\u003C\/p\u003E\u003Cp\u003E\u003Cbr \/\u003E \u003Cbr \/\u003E \u003C\/p\u003EToday\u0027s cybercriminals must carefully manage their network resources to evade detection and maintain profitable businesses. 
For example, a rogue online enterprise has to have multiple technical and business components in place to provide the infrastructure necessary to keep the business available. Often, in their effort to protect and maintain their valuable network resources (infrastructures), cybercriminals manipulate two fundamental Internet protocols: the Domain Name System (DNS) and the Border Gateway Protocol (BGP). Autonomous System (AS) reputation systems are a popular countermeasure against cybercriminal infrastructures. Past research efforts have developed several AS reputation systems that monitor the traffic for illicit activities. Unfortunately, these systems have severe limitations: (1) they cannot distinguish between malicious and legitimate but abused ASes, and thus it is not clear how to use them in practice; (2) they require direct observation of malicious activity from many different vantage points and for an extended period of time, thus delaying detection. This dissertation presents empirical studies and a system that help to counteract cybercriminal infrastructures. First, we perform empirical studies that help to advance our understanding of how these infrastructures operate. We study two representative types of infrastructures: (1) fast-flux service networks, which are infrastructures based on DNS manipulation, and (2) malicious ASes (hubs of cybercriminal activities), which are infrastructures primarily based on BGP manipulation. Second, we build on our observations from these studies to design and implement ASwatch, an AS reputation system that, unlike existing approaches, monitors exclusively the routing-level behavior of ASes to expose malicious ASes sooner. We build ASwatch based on the intuition that, in an attempt to evade possible detection and remediation efforts, malicious ASes exhibit agile routing behavior (e.g., short-lived routes, aggressive re-wiring). 
We evaluate ASwatch on known malicious ASes, and we compare its performance to a state-of-the-art AS reputation system. \u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E \u003C\/p\u003E","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":"","field_summary_sentence":[{"value":"Understanding and Defending Against Internet Infrastructures Supporting Cybercrime Operations"}],"uid":"27707","created_gmt":"2015-11-11 14:37:31","changed_gmt":"2016-10-08 02:14:47","author":"Tatianna Richardson","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2015-11-13T13:00:00-05:00","event_time_end":"2015-11-13T15:00:00-05:00","event_time_end_last":"2015-11-13T15:00:00-05:00","gmt_time_start":"2015-11-13 18:00:00","gmt_time_end":"2015-11-13 20:00:00","gmt_time_end_last":"2015-11-13 20:00:00","rrule":null,"timezone":"America\/New_York"},"extras":[],"groups":[{"id":"221981","name":"Graduate Studies"}],"categories":[],"keywords":[{"id":"100811","name":"Phd Defense"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1788","name":"Other\/Miscellaneous"}],"invited_audience":[{"id":"78771","name":"Public"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[],"email":[],"slides":[],"orientation":[],"userdata":""}}}