2015 IEEE Symposium on Security and Privacy 2015
DOI: 10.1109/sp.2015.16
|View full text |Cite
|
Sign up to set email alerts
|

Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting

Mohammad Taha Khan
1
,
Xiang Huo
2
,
Zhou Li
3
et al.

Abstract: While we have a good understanding of how cybercrime is perpetrated and the profits of the attackers, the harm experienced by humans is less well understood, and reducing this harm should be the ultimate goal of any security intervention. This paper presents a strategy for quantifying the harm caused by the cybercrime of typosquatting via the novel technique of intent inference. Intent inference allows us to define a new metric for quantifying harm to users, develop a new methodology for identifying typosquatt… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
19
0

Year Published

2016
2016
2024
2024

Publication Types

Select...
5
4
1

Relationship

0
10

Authors

Journals

citations
Cited by 42 publications
(19 citation statements)
references
References 17 publications
0
19
0
Order By: Relevance
“…Typosquatting and mobile phishing. Similar to our squatting attacks, Edelman is the first investigated domain typosquatting [17] and inspired a line of research [41,28,10,33] towards measuring and mitigating such a threat. However, our work exploited the noisy voice channel and limitation of voice recognition techniques.…”
Section: Related Workmentioning
confidence: 99%

Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems

Zhang
1
,
Mi
2
,
Feng
3
et al. 2019
2019 IEEE Symposium on Security and Privacy (SP)
148
2
160
0
View full textAdd to dashboardCite
show abstract
“…Typosquatting and mobile phishing. Similar to our squatting attacks, Edelman is the first investigated domain typosquatting [17] and inspired a line of research [41,28,10,33] towards measuring and mitigating such a threat. However, our work exploited the noisy voice channel and limitation of voice recognition techniques.…”
Section: Related Workmentioning
confidence: 99%

Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems

Zhang
1
,
Mi
2
,
Feng
3
et al. 2019
2019 IEEE Symposium on Security and Privacy (SP)
148
2
160
0
View full textAdd to dashboardCite
show abstract
“…Furthermore, exploiting integrity errors, it can be mitigated easily via hardware and software, e.g., by adopting DNSSEC and leveraging its integrity guarantees. Similar to our technique, typo squatting can be used to lure clients on malicious websites [64][65][66]. It remains important to note that in a typo-squatting attack, the attacker needs to register a new domain and hope that users visit that domain.…”
Section: A Dns Securitymentioning
confidence: 99%

GUTI Reallocation Demystified: Cellular Location Tracking with Changing Temporary Identifier

Hong
1
,
Bae
2
,
Kim
3
2018
Proceedings 2018 Network and Distributed System Security Symposium
56
1
49
0
View full textAdd to dashboardCite
“…In fact, Vissers et al, while researching the types of ads that users who land on parked websites are exposed to, discovered two pages which fit our definition of a technical support scam [16]. To find a sufficient number of parked domains that our crawlers can visit, we take advantage of the fact that prior research has shown that domain parking is the favorite monetization method of domain squatters [17]- [22]. Therefore, as long as we visit typosquatting variants of popular domain names, such as twwitter.com (note the duplication of the ''w'' character), the majority of our visits will end up on domain parking companies which will redirect a fraction of these visits to technical support scams.…”
Section: A Source Of Technical Support Scam Pagesmentioning
confidence: 99%

Dial One for Scam: A Large-Scale Analysis of Technical Support Scams

Miramirkhani1,
Starov2,
Nikiforakis3
2017
Proceedings 2017 Network and Distributed System Security Symposium
61
0
69
2
View full textAdd to dashboardCite
show abstract
scite logo

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Product
Browser ExtensionAssistant by sciteCitation Statement SearchReference CheckVisualizationsDashboardsExplore JournalsExplore OrganizationsExplore FundersEmbedding BadgeEmbedding Citation SearchPricing
Resources
BlogHelp & FAQAccessibility StatementAPI TermsFor Universities & GovernmentsFor ResearchersFor PublishersFor Corporate, Pharma & EnterpriseAuthor MarketingBecome an AffiliateGet an organization trial or quotescite Data & Services
About
News & PressCareersRead our PaperCoverage

BlogTerms and ConditionsAPI TermsPrivacy PolicyContactCookie PreferencesDo Not Sell or Share My Personal Information

Copyright © 2024 scite LLC. All rights reserved.

Made with 💙 for researchers

Part of the Research Solutions Family.