TY - GEN
T1 - Click trajectories
T2 - End-to-end analysis of the spam value chain
AU - Levchenko, Kirill
AU - Pitsillidis, Andreas
AU - Chachra, Neha
AU - Enright, Brandon
AU - Félegyházi, Márk
AU - Grier, Chris
AU - Halvorson, Tristan
AU - Kanich, Chris
AU - Kreibich, Christian
AU - Liu, He
AU - McCoy, Damon
AU - Weaver, Nicholas
AU - Paxson, Vern
AU - Voelker, Geoffrey M.
AU - Savage, Stefan
N1 - Copyright:
Copyright 2011 Elsevier B.V., All rights reserved.
PY - 2011
Y1 - 2011
N2 - Spam-based advertising is a business. While it has engendered both widespread antipathy and a multi-billion dollar anti-spam industry, it continues to exist because it fuels a profitable enterprise. We lack, however, a solid understanding of this enterprise's full structure, and thus most anti-spam interventions focus on only one facet of the overall spam value chain (e.g., spam filtering, URL blacklisting, site takedown). In this paper we present a holistic analysis that quantifies the full set of resources employed to monetize spam email - including naming, hosting, payment and fulfillment - using extensive measurements of three months of diverse spam data, broad crawling of naming and hosting infrastructures, and over 100 purchases from spam-advertised sites. We relate these resources to the organizations who administer them and then use this data to characterize the relative prospects for defensive interventions at each link in the spam value chain. In particular, we provide the first strong evidence of payment bottlenecks in the spam value chain; 95% of spam-advertised pharmaceutical, replica and software products are monetized using merchant services from just a handful of banks.
AB - Spam-based advertising is a business. While it has engendered both widespread antipathy and a multi-billion dollar anti-spam industry, it continues to exist because it fuels a profitable enterprise. We lack, however, a solid understanding of this enterprise's full structure, and thus most anti-spam interventions focus on only one facet of the overall spam value chain (e.g., spam filtering, URL blacklisting, site takedown). In this paper we present a holistic analysis that quantifies the full set of resources employed to monetize spam email - including naming, hosting, payment and fulfillment - using extensive measurements of three months of diverse spam data, broad crawling of naming and hosting infrastructures, and over 100 purchases from spam-advertised sites. We relate these resources to the organizations who administer them and then use this data to characterize the relative prospects for defensive interventions at each link in the spam value chain. In particular, we provide the first strong evidence of payment bottlenecks in the spam value chain; 95% of spam-advertised pharmaceutical, replica and software products are monetized using merchant services from just a handful of banks.
UR - http://www.scopus.com/inward/record.url?scp=80051960199&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=80051960199&partnerID=8YFLogxK
U2 - 10.1109/SP.2011.24
DO - 10.1109/SP.2011.24
M3 - Conference contribution
AN - SCOPUS:80051960199
SN - 9780769544021
T3 - Proceedings - IEEE Symposium on Security and Privacy
SP - 431
EP - 446
BT - Proceedings - 2011 IEEE Symposium on Security and Privacy, SP 2011
PB - Institute of Electrical and Electronics Engineers Inc.
ER -