No plan survives contact: Experience with cybercrime measurement

Chris Kanich, Neha Chachra, Damon McCoy, Chris Grier, David Y. Wang, Marti Motoyama, Kirill Levchenko, Stefan Savage, Geoffrey M. Voelker

    Research output: Contribution to conferencePaperpeer-review

    Abstract

    An important mode of empirical security research involves analyzing the behavior, capabilities, and motives of adversaries. By definition, such measurements cannot be conducted in controlled settings and require “engagement” directly with adversaries, their infrastructure or their ecosystem. However, the operational complexities required to successfully carry out such measurements are significant and rarely documented; blacklisting, payment instruments, fraud controls and contact management all represent real challenges in such studies. In this paper, we document our experiences conducting such measurements over five years (covering a range of distinct studies) and distill effective operational practices for others who might conduct similar experiments in the future.

    Original languageEnglish (US)
    StatePublished - 2011
    Event4th Workshop on Cyber Security Experimentation and Test, CSET 2011 - San Francisco, United States
    Duration: Aug 8 2011 → …

    Conference

    Conference4th Workshop on Cyber Security Experimentation and Test, CSET 2011
    Country/TerritoryUnited States
    CitySan Francisco
    Period8/8/11 → …

    ASJC Scopus subject areas

    • Computer Networks and Communications
    • Safety, Risk, Reliability and Quality

    Fingerprint

    Dive into the research topics of 'No plan survives contact: Experience with cybercrime measurement'. Together they form a unique fingerprint.

    Cite this