[an error occurred while processing this directive]
TRISC: 20 September 2005
Visualization and Data Sharing for Fighting Internet Crime
John S. Quarterman, InternetPerils, Inc.
Austin, 20 September 2005
Abstract
Phishing, Pharming, spam, 419 scams, and other online crime assualts
many of us at once, so we need to take collective action. We need
to reorganize how we share data about Internet activity. Mapping how
the affected nodes are connected to the Internet, and the applications,
criminal and otherwise, that are cast over it, can show aggregation such
as multiple phishing web servers hosted by the same hosting center or
domains that appear to be in one country but are actually in another.
Visualization of such arrays of compromised technology that drive
criminal
enterprise gives investigators (forensic and otherwise; corporate
and law enforcement) toolsets to grasp in human-friendly formats the
behavior of networks. In effect, criminal enterprise has forced us to
chase ecriminals into the network and learn how to map its topology,
however dynamic. Follow the ferrets to find out where the holes go.
The presentation includes background on the data repository work of the
501(c)6 Anti-Phishing Working Group (APWG) and cooperative projects
of its members, with specific visual examples of aggregation.
Last changed: $Date: 2006/06/23 01:24:14 $
