A5037313918- Spam and Phishing Detection
- Cybercrime and Law Enforcement Studies
- Internet Traffic Analysis and Secure E-voting
- Advanced Malware Detection Techniques
- Crime, Illicit Activities, and Governance
- Network Security and Intrusion Detection
- Hate Speech and Cyberbullying Detection
- Social Media and Politics
- Sexuality, Behavior, and Technology
- Wireless Networks and Protocols
- User Authentication and Security Systems
- Privacy, Security, and Data Protection
- Gender, Feminism, and Media
- Blockchain Technology Applications and Security
- Vehicular Ad Hoc Networks (VANETs)
- Sex work and related issues
- Misinformation and Its Impacts
- Bullying, Victimization, and Aggression
- Advanced Steganography and Watermarking Techniques
- Privacy-Preserving Technologies in Data
- Opportunistic and Delay-Tolerant Networks
- Bluetooth and Wireless Communication Technologies
- Authorship Attribution and Profiling
- Veterinary Equine Medical Research
- Stock Market Forecasting Methods
New York University
2015-2024
Drexel University
2022
International Computer Science Institute
2015-2020
IMDEA Networks
2020
Universidad Carlos III de Madrid
2020
University of California, Davis
2020
University of Iowa
2020
Max Planck Institute for Software Systems
2017
University of California, Berkeley
2015-2017
Carnegie Mellon University
2017
Modern automobiles are no longer mere mechanical devices; they pervasively monitored and controlled by dozens of digital computers coordinated via internal vehicular networks. While this transformation has driven major advancements in efficiency safety, it also introduced a range new potential risks. In paper we experimentally evaluate these issues on modern automobile demonstrate the fragility underlying system structure. We that an attacker who is able to infiltrate virtually any...
Bitcoin is a purely online virtual currency, unbacked by either physical commodities or sovereign obligation; instead, it relies on combination of cryptographic protection and peer-to-peer protocol for witnessing settlements. Consequently, has the unintuitive property that while ownership money implicitly anonymous, its flow globally visible. In this paper we explore unique characteristic further, using heuristic clustering to group wallets based evidence shared authority, then...
Tor has become one of the most popular overlay networks for anonymizing TCP traffic. Its popularity is due in part to its perceived strong anonymity properties and relatively low latency service. Low achieved through Tor's ability balance traffic load by optimizing router selection probabilistically favor routers with high bandwidth capabilities.
Underground forums, where participants exchange information on abusive tactics and engage in the sale of illegal goods services, are a form online social network (OSN). However, unlike traditional OSNs such as Facebook, underground forums pattern communications does not simply encode pre-existing relationships, but instead captures dynamic trust relationships forged between mutually distrustful parties. In this paper, we empirically characterize six different --- BlackHatWorld, Carders,...
Bitcoin is a purely online virtual currency, unbacked by either physical commodities or sovereign obligation; instead, it relies on combination of cryptographic protection and peer-to-peer protocol for witnessing settlements. Consequently, has the unintuitive property that while ownership money implicitly anonymous, its flow globally visible. In this paper we explore unique characteristic further, using heuristic clustering to group wallets based evidence shared authority, then...
Ransomware is a type of malware that encrypts the files infected hosts and demands payment, often in crypto-currency like Bitcoin. In this paper, we create measurement framework use to perform large-scale, two-year, end-to-end ransomware payments, victims, operators. By combining an array data sources, including binaries, seed ransom victim telemetry from infections, large database bitcoin addresses annotated with their owners, sketch outlines burgeoning ecosystem associated third-party...
We investigate the emergence of exploit-as-a-service model for driveby browser compromise. In this regime, attackers pay an exploit kit or service to do "dirty work" exploiting a victim's browser, decoupling complexities and plugin vulnerabilities from challenges generating traffic website under attacker's control. Upon successful exploit, these kits load execute binary provided by attacker, effectively transferring control machine attacker.
Survivors of intimate partner violence increasingly report that abusers install spyware on devices to track their location, monitor communications, and cause emotional physical harm. To date there has been only cursory investigation into the used in such surveillance (IPS). We provide first in-depth study IPS ecosystem. design, implement, evaluate a measurement pipeline combines web app store crawling with machine learning find label apps are potentially dangerous contexts. Ultimately we...
Stylometry is a method for identifying anonymous authors of texts by analyzing their writing style. While stylometric methods have produced impressive results in previous experiments, we wanted to explore performance on challenging dataset particular interest the security research community. Analysis underground forums can provide key information about who controls given bot network or sells service, and size scope cybercrime underworld. Previous analyses been accomplished primarily through...
Today, web injection manifests in many forms, but fundamentally occurs when malicious and unwanted actors tamper directly with browser sessions for their own profit. In this work we illuminate the scope negative impact of one these ad injection, which users have ads imposed on them addition to, or different from, those that websites originally sent them. We develop a multi-staged pipeline identifies wild captures its distribution revenue chains. find has entrenched itself as cross-browser...
We argue that existing security, privacy, and antiabuse protections fail to address the growing threat of online hate harassment. In order for our community understand this gap, we propose a taxonomy reasoning about Our draws on over 150 interdisciplinary research papers cover disparate threats ranging from intimate partner violence coordinated mobs. process, identify seven classes attacks—such as toxic content surveillance—that each stem different attacker capabilities intents. also provide...
We present the design and evaluation of an 802.11-like wireless link layer protocol that obfuscates all transmitted bits to increase privacy. This includes explicit identifiers such as MAC addresses, contents management messages, other fields existing 802.11 relies on be sent in clear. By obscuring these fields, we greatly difficulty identifying or profiling users from their transmissions ways are otherwise straightforward. Our design, called SlyFi, is nearly efficient schemes WPA for...
Underground forums are widely used by criminals to buy and sell a host of stolen items, datasets, resources, criminal services. These contain important resources for understanding cybercrime. However, the number forums, their size, domain expertise required understand markets makes manual exploration these unscalable. In this work, we propose an automated, top-down approach analyzing underground forums. Our uses natural language processing machine learning automatically generate high-level...
At the current stratospheric value of Bitcoin, miners with access to significant computational horsepower are literally printing money.For example, first operator a USD $1,500 custom ASIC mining platform claims have recouped his investment in less than three weeks early February 2013, and bitcoin has more tripled since then.Not surprisingly, cybercriminals also been drawn this potentially lucrative endeavor, but instead leveraging resources available them: stolen CPU hours form botnets.We...