Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting

Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting

While we have a good understanding of how cyber crime is perpetrated and the profits of the attackers, the harm experienced by humans is less well understood, and reducing this harm should be the ultimate goal of any security intervention. This paper presents a strategy for quantifying the harm caus...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Khan, Mohammad Taha, Xiang Huo, Zhou Li, Kanich, Chris
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Accuracy
Browsers
Computer crime
cybercrime
economics
Internet
Malware
Measurement
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 150
container_issue
container_start_page 135
container_title
container_volume
creator Khan, Mohammad Taha
Xiang Huo
Zhou Li
Kanich, Chris
description While we have a good understanding of how cyber crime is perpetrated and the profits of the attackers, the harm experienced by humans is less well understood, and reducing this harm should be the ultimate goal of any security intervention. This paper presents a strategy for quantifying the harm caused by the cyber crime of typo squatting via the novel technique of intent inference. Intent inference allows us to define a new metric for quantifying harm to users, develop a new methodology for identifying typo squatting domain names, and quantify the harm caused by various typo squatting perpetrators. We find that typo squatting costs the typical user 1.3 seconds per typo squatting event over the alternative of receiving a browser error page, and legitimate sites lose approximately 5% of their mistyped traffic over the alternative of an unregistered typo. Although on average perpetrators increase the time it takes a user to find their intended site, many typo squatters actually improve the latency between a typo and its correction, calling into question the necessity of harsh penalties or legal intervention against this flavor of cyber crime.
doi_str_mv 10.1109/SP.2015.16
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_RIE</sourceid><recordid>TN_cdi_ieee_primary_7163023</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>7163023</ieee_id><sourcerecordid>7163023</sourcerecordid><originalsourceid>FETCH-LOGICAL-i274t-665bc37b9e17f8c786432929ab9a2c4eb6b5cbf8936951f1056fc98619085133</originalsourceid><addsrcrecordid>eNotj71OwzAURo0EEm1hYWXxCyT42okds6EoFKSKHzUbQ2Wb62JUkpI4EXl7IsH0TefofIRcAUsBmL7ZvqScQZ6CPCFLyKQSUmdanZIFsAISyQDOybLvPxnjTOhsQd6qEbuJbtG1zTst26GJ_S19HUwTg59Cs6fxA-kT7k0MI9LqJ2LXmEOIAXvaelpOFjvXhS-kYzC0no5t_z2YGGf0gpx5c-jx8n9XpL6v6vIh2TyvH8u7TRK4ymIiZW6dUFYjKF84VchMcM21sdpwl6GVNnfWF3o-k4MHlkvvdCFBsyIHIVbk-k8bEHF3nFtMN-0USMG4EL_XrFCv</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting</title><source>IEEE Electronic Library (IEL)</source><creator>Khan, Mohammad Taha ; Xiang Huo ; Zhou Li ; Kanich, Chris</creator><creatorcontrib>Khan, Mohammad Taha ; Xiang Huo ; Zhou Li ; Kanich, Chris</creatorcontrib><description>While we have a good understanding of how cyber crime is perpetrated and the profits of the attackers, the harm experienced by humans is less well understood, and reducing this harm should be the ultimate goal of any security intervention. This paper presents a strategy for quantifying the harm caused by the cyber crime of typo squatting via the novel technique of intent inference. Intent inference allows us to define a new metric for quantifying harm to users, develop a new methodology for identifying typo squatting domain names, and quantify the harm caused by various typo squatting perpetrators. We find that typo squatting costs the typical user 1.3 seconds per typo squatting event over the alternative of receiving a browser error page, and legitimate sites lose approximately 5% of their mistyped traffic over the alternative of an unregistered typo. Although on average perpetrators increase the time it takes a user to find their intended site, many typo squatters actually improve the latency between a typo and its correction, calling into question the necessity of harsh penalties or legal intervention against this flavor of cyber crime.</description><identifier>ISSN: 1081-6011</identifier><identifier>EISBN: 1467369497</identifier><identifier>EISBN: 9781467369497</identifier><identifier>DOI: 10.1109/SP.2015.16</identifier><identifier>CODEN: IEEPAD</identifier><language>eng</language><publisher>IEEE</publisher><subject>Accuracy ; Browsers ; Computer crime ; cybercrime ; economics ; Internet ; Malware ; Measurement</subject><ispartof>2015 IEEE Symposium on Security and Privacy, 2015, p.135-150</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/7163023$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,776,780,785,786,792,23909,23910,25118,27902,54733</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/7163023$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Khan, Mohammad Taha</creatorcontrib><creatorcontrib>Xiang Huo</creatorcontrib><creatorcontrib>Zhou Li</creatorcontrib><creatorcontrib>Kanich, Chris</creatorcontrib><title>Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting</title><title>2015 IEEE Symposium on Security and Privacy</title><addtitle>SP</addtitle><description>While we have a good understanding of how cyber crime is perpetrated and the profits of the attackers, the harm experienced by humans is less well understood, and reducing this harm should be the ultimate goal of any security intervention. This paper presents a strategy for quantifying the harm caused by the cyber crime of typo squatting via the novel technique of intent inference. Intent inference allows us to define a new metric for quantifying harm to users, develop a new methodology for identifying typo squatting domain names, and quantify the harm caused by various typo squatting perpetrators. We find that typo squatting costs the typical user 1.3 seconds per typo squatting event over the alternative of receiving a browser error page, and legitimate sites lose approximately 5% of their mistyped traffic over the alternative of an unregistered typo. Although on average perpetrators increase the time it takes a user to find their intended site, many typo squatters actually improve the latency between a typo and its correction, calling into question the necessity of harsh penalties or legal intervention against this flavor of cyber crime.</description><subject>Accuracy</subject><subject>Browsers</subject><subject>Computer crime</subject><subject>cybercrime</subject><subject>economics</subject><subject>Internet</subject><subject>Malware</subject><subject>Measurement</subject><issn>1081-6011</issn><isbn>1467369497</isbn><isbn>9781467369497</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2015</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNotj71OwzAURo0EEm1hYWXxCyT42okds6EoFKSKHzUbQ2Wb62JUkpI4EXl7IsH0TefofIRcAUsBmL7ZvqScQZ6CPCFLyKQSUmdanZIFsAISyQDOybLvPxnjTOhsQd6qEbuJbtG1zTst26GJ_S19HUwTg59Cs6fxA-kT7k0MI9LqJ2LXmEOIAXvaelpOFjvXhS-kYzC0no5t_z2YGGf0gpx5c-jx8n9XpL6v6vIh2TyvH8u7TRK4ymIiZW6dUFYjKF84VchMcM21sdpwl6GVNnfWF3o-k4MHlkvvdCFBsyIHIVbk-k8bEHF3nFtMN-0USMG4EL_XrFCv</recordid><startdate>20150501</startdate><enddate>20150501</enddate><creator>Khan, Mohammad Taha</creator><creator>Xiang Huo</creator><creator>Zhou Li</creator><creator>Kanich, Chris</creator><general>IEEE</general><scope>6IE</scope><scope>6IH</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIO</scope></search><sort><creationdate>20150501</creationdate><title>Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting</title><author>Khan, Mohammad Taha ; Xiang Huo ; Zhou Li ; Kanich, Chris</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i274t-665bc37b9e17f8c786432929ab9a2c4eb6b5cbf8936951f1056fc98619085133</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2015</creationdate><topic>Accuracy</topic><topic>Browsers</topic><topic>Computer crime</topic><topic>cybercrime</topic><topic>economics</topic><topic>Internet</topic><topic>Malware</topic><topic>Measurement</topic><toplevel>online_resources</toplevel><creatorcontrib>Khan, Mohammad Taha</creatorcontrib><creatorcontrib>Xiang Huo</creatorcontrib><creatorcontrib>Zhou Li</creatorcontrib><creatorcontrib>Kanich, Chris</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan (POP) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP) 1998-present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Khan, Mohammad Taha</au><au>Xiang Huo</au><au>Zhou Li</au><au>Kanich, Chris</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting</atitle><btitle>2015 IEEE Symposium on Security and Privacy</btitle><stitle>SP</stitle><date>2015-05-01</date><risdate>2015</risdate><spage>135</spage><epage>150</epage><pages>135-150</pages><issn>1081-6011</issn><eisbn>1467369497</eisbn><eisbn>9781467369497</eisbn><coden>IEEPAD</coden><abstract>While we have a good understanding of how cyber crime is perpetrated and the profits of the attackers, the harm experienced by humans is less well understood, and reducing this harm should be the ultimate goal of any security intervention. This paper presents a strategy for quantifying the harm caused by the cyber crime of typo squatting via the novel technique of intent inference. Intent inference allows us to define a new metric for quantifying harm to users, develop a new methodology for identifying typo squatting domain names, and quantify the harm caused by various typo squatting perpetrators. We find that typo squatting costs the typical user 1.3 seconds per typo squatting event over the alternative of receiving a browser error page, and legitimate sites lose approximately 5% of their mistyped traffic over the alternative of an unregistered typo. Although on average perpetrators increase the time it takes a user to find their intended site, many typo squatters actually improve the latency between a typo and its correction, calling into question the necessity of harsh penalties or legal intervention against this flavor of cyber crime.</abstract><pub>IEEE</pub><doi>10.1109/SP.2015.16</doi><tpages>16</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 1081-6011
ispartof 2015 IEEE Symposium on Security and Privacy, 2015, p.135-150
issn 1081-6011
language eng
recordid cdi_ieee_primary_7163023
source IEEE Electronic Library (IEL)
subjects Accuracy
Browsers
Computer crime
cybercrime
economics
Internet
Malware
Measurement
title Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-14T09%3A49%3A11IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Every%20Second%20Counts:%20Quantifying%20the%20Negative%20Externalities%20of%20Cybercrime%20via%20Typosquatting&rft.btitle=2015%20IEEE%20Symposium%20on%20Security%20and%20Privacy&rft.au=Khan,%20Mohammad%20Taha&rft.date=2015-05-01&rft.spage=135&rft.epage=150&rft.pages=135-150&rft.issn=1081-6011&rft.coden=IEEPAD&rft_id=info:doi/10.1109/SP.2015.16&rft_dat=%3Cieee_RIE%3E7163023%3C/ieee_RIE%3E%3Curl%3E%3C/url%3E&rft.eisbn=1467369497&rft.eisbn_list=9781467369497&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=7163023&rfr_iscdi=true