{"681929":{"#nid":"681929","#data":{"type":"event","title":"PhD Defense by Athanasios Avgetidis","body":[{"value":"\u003Cp\u003E\u003Cstrong\u003ETitle\u003C\/strong\u003E: \u003Cem\u003ETowards Understanding the Lifecycle of Malicious Network Infrastructure\u003C\/em\u003E\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EDate\u003C\/strong\u003E: Tuesday, May 6th, 2025\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ETime\u003C\/strong\u003E: 3:00 PM \u2013 5:00 PM ET\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ELocation\u003C\/strong\u003E: \u0026nbsp;3402 Conference Room Klaus \u0026amp; Zoom\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EZoom Link:\u0026nbsp;\u003C\/strong\u003E\u003Ca href=\u0022https:\/\/gatech.zoom.us\/j\/97713909669?pwd=DwZVSA0p8pc3rM2wzRubDJnQLyEOW1.1\u0022\u003Ehttps:\/\/gatech.zoom.us\/j\/97713909669?pwd=DwZVSA0p8pc3rM2wzRubDJnQLyEOW1.1\u003C\/a\u003E\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EAthanasios Avgetidis\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003EPh.D. CS Student\u003C\/p\u003E\u003Cp\u003ESchool of Cybersecurity and Privacy\u003C\/p\u003E\u003Cp\u003ECollege of Computing\u003C\/p\u003E\u003Cp\u003EGeorgia Institute of Technology\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ECommittee:\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003EDr. Manos Antonakakis (Advisor),\u0026nbsp;School of Electrical and Computer Engineering, Georgia Institute of Technology\u003C\/p\u003E\u003Cp\u003EDr. Angelos D. Keromytis (Co-Advisor), School of Electrical and Computer Engineering, Georgia Institute of Technology\u003C\/p\u003E\u003Cp\u003EDr. Fabian Monrose, School of Electrical and Computer Engineering, Georgia Institute of Technology\u003C\/p\u003E\u003Cp\u003EDr. Roberto Perdisci, School of Computing, University of Georgia\u003C\/p\u003E\u003Cp\u003EDr. Alberto Dainotti, School of Computer Science, Georgia Institute of Technology\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EAbstract:\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cbr\u003ENetwork infrastructure is an important component of malicious cyber operations. Cyber adversaries utilize network infrastructure for command and control, data exfiltration, malware hosting, and social engineering among others. Over the years, while there have been several studies that have focused on detecting, blocking, and characterizing malicious infrastructure, the temporal dynamics of how this infrastructure changes over time and the characteristics of the stakeholders interacting with it have often been overlooked. This thesis shows that the temporal analysis of malicious infrastructure reveals network attributes that can characterize the stakeholders that interact with it. The systematic analysis of such network attributes can aid the accurate discovery of previously unreported malicious infrastructure and increase our awareness of the behaviors of the stakeholders that interact with it.\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003EThis dissertation focuses on shedding light on the lifecycle and utilization of malicious infrastructure through the lens of DNS and HTTP network vantage points. In this thesis, I demonstrate that the network interactions of the stakeholders associated with malicious domain names are largely temporally dynamic and have implications in victim estimation analysis. Second, I characterize the HTTP interactions of malicious cyber actors with their infrastructure and quantify the importance of detection in the duration of their infrastructure utilization. Lastly, I demonstrate how the longitudinal characterization of malicious domain names of known cybercriminal actors, can reveal network attributes that can characterize different types of hosting infrastructure associated historically with them and enable the accurate discovery of three times more attacker-utilized IP addresses than those present on public threat reports.\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E","summary":"","format":"limited_html"}],"field_subtitle":"","field_summary":[{"value":"\u003Cp\u003ETowards Understanding the Lifecycle of Malicious Network Infrastructure\u003C\/p\u003E","format":"limited_html"}],"field_summary_sentence":[{"value":"Towards Understanding the Lifecycle of Malicious Network Infrastructure"}],"uid":"27707","created_gmt":"2025-04-22 12:51:16","changed_gmt":"2025-04-22 12:51:43","author":"Tatianna Richardson","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2025-05-06T15:00:00-04:00","event_time_end":"2025-05-06T17:00:00-04:00","event_time_end_last":"2025-05-06T17:00:00-04:00","gmt_time_start":"2025-05-06 19:00:00","gmt_time_end":"2025-05-06 21:00:00","gmt_time_end_last":"2025-05-06 21:00:00","rrule":null,"timezone":"America\/New_York"},"location":"3402 Conference Room Klaus \u0026 Zoom","extras":[],"groups":[{"id":"221981","name":"Graduate Studies"}],"categories":[],"keywords":[{"id":"100811","name":"Phd Defense"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1788","name":"Other\/Miscellaneous"}],"invited_audience":[{"id":"78771","name":"Public"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[],"email":[],"slides":[],"orientation":[],"userdata":""}}}