Skip to main content

Distinguished Seminar:  Blackmarket-driven Interventions: From Research to Practice

Date:October 5, 2015 
Talk Title:Blackmarket-driven Interventions: From Research to Practice
Speaker:Kurt Thomas, Security & Abuse Researcher, Google
Time & Location:12:00pm - 1:00pm
DEC, CIC Building, Pittsburgh

Abstract

Internet crime has become increasingly dependent on the underground economy: a loose federation of specialists selling capabilities, services, and resources explicitly tailored to the abuse ecosystem. While migration to this marketplace streamlines for-profit scams, it also exposes participants to a range of new countermeasures that disrupt criminal supply chains. In this talk, we discuss how Google is translating blackmarket-driven research into a practical tool for fighting bulk account creation, fake engagement, cloaking, ad fraud, and unwanted software. We demonstrate how underground services yield a wealth of training data on emerging threats as well as serve as a canary for failures in Google's defenses. However, this approach is not without pitfalls: we highlight challenges in interacting with blackmarket segments, sanitizing polluted data, and ultimately measuring the impact of interventions. We argue that researchers and industry can leverage our techniques to make a drastic departure from focusing solely on protecting users and systems (tantamount to a fire fight) and instead disrupt cost-sensitive dependencies that pin up entire abuse verticals.

Speaker Bio

Kurt Thomas is a research scientist at Google specializing in security and abuse. He earned his Ph.D. in Computer Science from the University of California, Berkeley in 2014. His research involves large-scale measurement of the criminal underground and using infiltration as a tool for disrupting cybercrime.