s rsrt Case study: information sharing - PowerPoint PPT Presentation

Jun 08, 2023 •773 likes •913 views

s rsrt Case study: information sharing in incident response Tyler Moore Phishing attacks Challenges of information sharing To combat phishing attacks, defenders take down the

❊❝♦♥♦♠✐❝s ♦❢ ❈②❜❡rs❡❝✉r✐t② Case study: information sharing in incident response Tyler Moore
Phishing attacks
Challenges of information sharing ◮ To combat phishing attacks, defenders “take down” the hacked website hosting the impersonating content ◮ Interested parties must find the offending content and request its removal ◮ Sharing timely incident information is often hard to do well
Lack of coordination among defenders
Non-cooperation in the fight against phishing
Mule-recruitment websites
Mule-recruitment websites
Mule-recruitment websites
Misaligned incentives in combating cybercrime ◮ Incentive on the party requesting content removal matters most ◮ Banks are highly motivated to remove phishing websites ◮ Banks’ incentives remain imperfect: they only remove websites directly impersonating their brand, while overlooking mule-recruitment websites ◮ Scams without a clear champion often operate with impunity
Identifying intervention points ◮ For many forms of intervention, from self-regulation to intermediary liability, finding a suitable intervention point is key ◮ Look for (1) concentrations of badness passing through and (2) an ability to intervene ◮ Lots of natural intervention points in fight against cybercrime, such as ISPs, web hosting providers
Benchmarking to correct information asymmetries ◮ ISP abuse teams help remediate infected customers ensnared in botnets ◮ Some do a better job at dealing with abuse reports than others ◮ Without knowledge of comparative performance, there can be little incentive to improve
Benchmarking to correct information asymmetries ◮ Van Eeten et al. independently tracked infection rates at all major Dutch ISPs ◮ Dutch government requested they not make the results public, but share them only with the group of ISPs, and hide company information ◮ Two ISPs trailed the rest by a wide margin ◮ Equipped with this information, the security teams got management to invest more and they quickly improved
Thank you for your attention! Please post any questions you may have on our discussion forum.

Download Presentation

Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Physics 2D Lecture Slides Oct 6 Vivek Sharma UCSD Physics New Rules of Coordinate

Physics 2D Lecture Slides Oct 6 Vivek Sharma UCSD Physics New Rules of Coordinate Transformation Needed The Galilean/Newtonian rules of transformation could not handles frames of refs or objects traveling fast V C (like v = 0.1 c

496 views • 21 slides

Muli oder Esel? Einfhrung in den Java-ESB Mule Peter Boxberg DEVK Versicherungen Mule and Web

Muli oder Esel? Einfhrung in den Java-ESB Mule Peter Boxberg DEVK Versicherungen Mule and Web Services Dan Diephouse, MuleSource About Me Open Source: Mule, CXF/XFire, Abdera, Apache-* Exploring how to make building distributed

433 views • 39 slides

Setting Up the Rules Acts of Parliament, 1763-1783. First printings. London: by the Crown

Setting Up the Rules Acts of Parliament, 1763-1783. First printings. London: by the Crown Printer,1763-83 http://www.theworldsgreatbooks.com/parliament.htm J. Parman (College of William & Mary) Regulation of Markets, Spring 2017 January 18,

580 views • 26 slides

Anticipating Our Housing Recovery May 13, 2020 All participants are in listen-only mode

As Nevada lays out its "Roadmap to Recovery", how does that look for our Housing Recovery? What can we learn from the Great Recession? What are some of our Nevada stakeholders observing now and anticipating as their biggest challenges?

644 views • 31 slides

From Zygote to Morula: For0fying Weakened ASLR on Android

From Zygote to Morula: For0fying Weakened ASLR on Android Byoungyoung Lee Long Lu Tielei Wang Taesoo Kim Wenke Lee Georgia Tech,

635 views • 30 slides

Outline Requirements Current programs ABCS, FCS, LVC-IA SIMCI Technical

Interoperability Problems Caused by Transitioning to a Service Oriented Environment Chris Black, Dick Brown, Stan Levine, Bill Sudnikovich Simulation to C4I Interoperability (SIMCI) Paper 24 AFCEA-George Mason University Symposium

402 views • 8 slides

Annual Meeting - May 26, 2016 Call to Order Welcome and Introductions Welcome and Introductions

Annual Meeting - May 26, 2016 Call to Order Welcome and Introductions Welcome and Introductions Guests: Melinda Burke, UA Interim SVP , University Relations M Michael Finnegan, ASUA President-Elect Allison Vaillancourt, UA Vice

860 views • 57 slides

The Patcher Case Peter Kruse (pkr@csis.dk), Head of CSIS eCrime and Research &

eCrime unit The Patcher Case Peter Kruse (pkr@csis.dk), Head of CSIS eCrime and Research & Intelligence Unit PGP-ID: 0x715FB4BD eCrime unit Agenda Patcher What is Patcher? Patcher naming? Man in The Browser functions

290 views • 25 slides

GPU Panel for High-Throughput Compu7ng Jimmy Lin University

GPU Panel for High-Throughput Compu7ng Jimmy Lin University of Maryland Dis7nguished Panelists Raju Namburu (Army Research Laboratory) George Stantchev

275 views • 8 slides

Embedding and Data Augmentation yanweifu@fudan.edu.cn

One-shot Learning in Semantic Embedding and Data Augmentation yanweifu@fudan.edu.cn http://yanweifu.github.io One-shot Learning: learning object categories from just a few images, by incorporating

724 views • 61 slides

Supersymmetry searches in ATLAS and CMS in hadronic final

Supersymmetry searches in ATLAS and CMS in hadronic final states Sascha Caron (Nikhef and Radboud University Nijmegen) This presentaDon Searches

432 views • 41 slides

Early Twentieth-Century Fiction e20fic14.blogs.rutgers.edu Prof. Andrew Goldstone

Early Twentieth-Century Fiction e20fic14.blogs.rutgers.edu Prof. Andrew Goldstone (andrew.goldstone@rutgers.edu) (Murray 019, Mondays 2:304:30) CA: Evan Dresman (evan.dresman@rutgers.edu) (36 Union St. 217, Wednesdays 12:002:00) November

422 views • 16 slides

Zeus Financial Malware Samaneh Tajalizadehkhoob Hadi Asghari Carlos Gan Michel van Eeten

Why Them? Extracting Intelligence about Target Selection from Zeus Financial Malware Samaneh Tajalizadehkhoob Hadi Asghari Carlos Gan Michel van Eeten Economics of Cybersecurity Group, Delft University of Technology Outline 1. Problem

679 views • 31 slides

EHEALTH COMMISSION MEETING APRIL 11, 2018 APRIL AGENDA Call to Order 12:00 Roll Call and

EHEALTH COMMISSION MEETING APRIL 11, 2018 APRIL AGENDA Call to Order 12:00 Roll Call and Introductions, Approval of February and March minutes, and April Agenda and Objectives Announcements 12:05 OeHI Updates State Agency, Community

324 views • 17 slides

Basic Structure of a Cell ppt viewing questions part 1 slides 1-26 Review List the main

Basic Structure of a Cell ppt viewing questions part 1 slides 1-26 Review List the main characteristics of living things . Write the levels of organization (living & nonliving) in order beginning with the atom. History & the Cell Theory

595 views • 3 slides

HIVE: Fault Containment for Shared-Memory Multiprocessors J. Chapin, M. Rosenblum, S. Devine, T.

HIVE: Fault Containment for Shared-Memory Multiprocessors J. Chapin, M. Rosenblum, S. Devine, T. Lahiri, D. Teodosiu, A. Gupta CSE 598C Presented by: Sandra Rueda The Problem O.S. for managing FLASH architecture (large shared-memory

464 views • 22 slides

Lindenmayer Systems, Coalgebraically Baltasar Trancn y Widemann 1 Joost Winter 2 1 University

Introduction Principles Extensions Outlook Lindenmayer Systems, Coalgebraically Baltasar Trancn y Widemann 1 Joost Winter 2 1 University of Bayreuth, DE 2 CWI, Amsterdam, NL 11th CMCS, Tallinn, Estonia 2012-03-31 / -04-01 Trancn y

606 views • 38 slides

Symbolic computation to determine parameter regions for multistaionarity in models of the MAPK

Introduction Results Symbolic computation to determine parameter regions for multistaionarity in models of the MAPK network Matthew England - Coventry University Joint work with: R. Bradford, J.H. Davenport, H. Errami, V. Gerdt, D. Grigoriev,

827 views • 44 slides

Challenges and Opportunities: Cellular Cryo-ET 10 -9 m 10 -3 10 -5 10 -6 Julia Mahamid

Challenges and Opportunities: Cellular Cryo-ET 10 -9 m 10 -3 10 -5 10 -6 Julia Mahamid Department of Molecular Structural Biology, MPI of Biochemistry, Martinsried Starting July 2017: Structural & Computational Biology, EMBL, Heidelberg

854 views • 29 slides

COMPLEX SYSTEMS, LIFE, & their ORIGIN PCES 5.61 The t true c comple lexity of real l

COMPLEX SYSTEMS, LIFE, & their ORIGIN PCES 5.61 The t true c comple lexity of real l solid lids and liq liquids is is frig ightening t g to contempla late. T They do NOT lo look lik like s sim imple le models o of crystals

473 views • 13 slides

Biology - the study of all living things Properties of Living Organisms 1. Cellular structure

2/18/2013 Biology - the study of all living things Properties of Living Organisms 1. Cellular structure and function Themes in Biology cell: basic unit of structure and function of organisms, capable of all life functions - covered by

661 views • 4 slides

1 For the last decade and a half, I have had the pleasure of being able to work with Hal Poe

Good morning. [CLICK] 1 For the last decade and a half, I have had the pleasure of being able to work with Hal Poe [CLICK], Colson Professor of Faith and Culture at Union and a member of the ASA Executive Council. [CLICK] This presentation is an

526 views • 28 slides

The Genesis Flood: A Tectonic Cataclysm John Baumgardner Research Professor Emeritus Liberty

The Genesis Flood: A Tectonic Cataclysm John Baumgardner Research Professor Emeritus Liberty University Why do most educated people today regard the Flood merely as a nave myth instead of as an actual part of earth history? The Flood was

886 views • 71 slides

Induced Pluripotent Stem Cells Clinical Assessment Genetic Testing Genotype Phenotype Studies

9/8/2012 Familial Arrhythmogenic Syndromes Modeling of Inherited Arrhythmogenic Abnormal cell-to cell contacts Syndromes with Human Induced Pluripotent (desmosomes): Arrhythmogenic Stem Cells Right Ventricular Dysplasia (ARVD) Abnormal

473 views • 12 slides