84 research outputs found

    A Large-Scale Study of Phishing PDF Documents

    Phishing PDFs are malicious PDF documents that do not embed malware but trick victims into visiting malicious web pages leading to password theft or drive-by downloads. While recent reports indicate a surge of phishing PDFs, prior works have largely neglected this new threat, positioning phishing PDFs as accessories distributed via email phishing campaigns. This paper challenges this belief and presents the first systematic and comprehensive study centered on phishing PDFs. Starting from a real-world dataset, we first identify 44 phishing PDF campaigns via clustering and characterize them by looking at their volumetric, temporal, and visual features. Among these, we identify three large campaigns covering 89% of the dataset, exhibiting significantly different volumetric and temporal properties compared to classical email phishing, and relying on web UI elements as visual baits. Finally, we look at the distribution vectors and show that phishing PDFs are not only distributed via attachments but also via SEO attacks, placing phishing PDFs outside the email distribution ecosystem. This paper also assesses the usefulness of the VirusTotal scoring system, showing that phishing PDFs are ranked considerably low, creating a blind spot for organizations. While URL blocklists can help to prevent victims from visiting the attack web pages, PDF documents seem not subjected to any form of content-based filtering or detection

    From Attachments to SEO: Click Here to Learn More about Clickbait PDFs!

    Clickbait PDFs are PDF documents that do not embed malware but trick victims into visiting malicious web pages leading to attacks like password theft or drive-by download. While recent reports indicate a surge of clickbait PDFs, prior works have largely neglected this new threat, considering PDFs only as accessories of email phishing campaigns. This paper investigates the landscape of clickbait PDFs and presents the first systematic and comprehensive study of this phenomenon. Starting from a real-world dataset, we identify 44 clickbait PDF clusters via clustering and characterize them by looking at their volumetric, temporal, and visual features. Among these, we identify three large clusters covering 89% of the dataset, exhibiting significantly different volumetric and temporal properties compared to classical email phishing, and relying on web UI elements as visual baits. Finally, we look at the distribution vectors and show that clickbait PDFs are not only distributed via attachments but also via Search Engine Optimization attacks, placing clickbait PDFs outside the email distribution ecosystem. Clickbait PDFs seem to be a lurking threat, not subjected to any form of content-based filtering or detection: AV scoring systems, like VirusTotal, rank them considerably low, creating a blind spot for organizations. While URL blocklists can help to prevent victims from visiting the attack web pages, we observe that they have a limited coverage

    Combined cloud: a mixture of voluntary cloud and reserved instance marketplace

    Voluntary cloud is a new paradigm of cloud computing. It provides an alternative selection along with some well-provisioned clouds. However, for the uncertain time span that participants share their computing resources in voluntary cloud, there are some challenging issues, i.e., fluctuation, under-capacity and low-benefit. In this paper, an architecture is first proposed based on Bittorrent protocol. In this architecture, resources could be reserved or requested from Reserved Instance Marketplace and could be accessed with a lower price in a short circle. Actually, these resources could replenish the inadequate resource pool and relieve the fluctuation and under-capacity issue in voluntary cloud. Then, the fault rate of each node is used to evaluate the uncertainty of its sharing time. By leveraging a linear prediction model, it is enabled by a distribution function which is used for evaluating the computing capacity of the system. Moreover, the cost optimization problem is investigated and a computational method is presented to solve the low-benefit issue in voluntary cloud. At last, the system performance is validated by two sets of simulations. And the experimental results show the effectiveness of our computational method for resource reservation optimization

    A Nearly Four-Year Longitudinal Study of Search-Engine Poisoning

    We investigate the evolution of search-engine poisoning using data on over 5 million search results collected over nearly 4 years. We build on prior work investigating search-redirection attacks, where criminals compromise high-ranking websites and direct search traffic to the websites of paying customers, such as unlicensed pharmacies who lack access to traditional search-based advertisements. We overcome several obstacles to longitudinal studies by amalgamating different resources and adapting our measurement infrastructure to changes brought by adaptations by both legitimate operators and attackers. Our goal is to empirically characterize how strategies for carrying out and combating search poisoning have evolved over a relatively long time period. We investigate how the composition of search results themselves has changed. For instance, we find that search-redirection attacks have steadily grown to take over a larger share of results (rising from around 30 % in late 2010 to a peak of nearly 60 % in late 2012), despite efforts by search engines and browsers to combat their effectiveness. We also study the efforts of hosts to remedy search-redirection attacks. We find that the median time to clean up source infections has fallen from around 30 days in 2010 to around 15 days by late 2013, yet the number of distinct infections has increased considerably over the same period. Finally, we show that the concentration of traffic to the most successful brokers has persisted over time. Further, these brokers have been mostly hosted on a few autonomous systems, which indicates a possible intervention strategy. Categories and Subject Descriptors K.4.1 [Public Policy Issues]: Abuse and crime involving computer

    E-COMMERCE

    Preface
    Introduction
    Chapter 1. KNOWLEDGE MANAGEMENT PECULIARITIES IN E-BUSINESS: ACTUALITY AND TENDENCIES
        Introduction
        1.1. The importance of knowledge management to increase the efficiency of the organisations activity in e-business
        1.2. Employee competency integrated assessment in e-business
        1.2.1. Theoretical evaluation aspects of factors affecting employee competency
        1.2.2. The identification of the factors affecting the employee competency
        1.2.3. Concept complex competency assessment model of e-business organisation
        1.3. Analysis of factors motivating human resources in e-business
        1.3.1. Theoretical evaluation aspects of factors affecting human resources motivation
        1.3.2. Analysis of factors that influence the motivation of human resources
        1.4. Evaluation system of factors affecting creativity in e-business
        1.4.1. Theoretical evaluation aspects of factors affecting creativity
        1.4.2. Identification of factors affecting creativity. Partial integrated criterion (third stage)
        1.4.3. Evaluation system of factors affecting creativity
        1.5. Knowledge appliance process in e-business organisation
        1.5.1. The factors proceeding efficiency of knowledge appliance process in e-business
        1.5.2. The selection of the method to evaluate efficiency of knowledge appliance process in e-business
        Conclusions
        Self test questions
        References
    Chapter 2. CONTENT MANAGEMENT IN VIRTUAL ORGANIZATIONS
        Introduction
        2.1. A systematical approach to automate content management in a virtual organization
        2.2. The concept of the content. Content Management
        2.3. The life cycle of the document
        2.4. Document management in a virtual organization
        2.5. Content capture technology
        2.6. Cloud technologies in business processes CMS
        Conclusion
        References
    Chapter 3. MARKETING COMMUNICATION IN DIGITAL AGE
        Introduction
        3.1. The growing potential of the market
        3.2. Previous studies in e-business and e-marketing areas
        3.3. The specifics of Internet marketing in B2B communication
        3.4. E-marketing tools
        3.5. Social networks in marketing
        3.6. Effectiveness evaluation theories
        3.7. Website quality and efficiency evaluation
        3.8. Cases: recent research results
        3.8.1. Online advertisements efficiency research
        3.8.2. Evaluation of Lithuanian e-shops
        Conclusions
        Self test questions
        References
    Chapter 4. IMPROVING THE EFFICIENCY OF E-COMMERCE
        Introduction
        4.1. Scientific research. E-commerce as the Internet technology
        4.2. Promotion of e-business
        4.3. A set of basic tools for e-business
        4.4. Security in e-commerce
        Conclusion
        Self-examination questions
        References
    Chapter 5. ELECTRONIC PAYMENT SYSTEMS
        Introduction
        5.1. The concept of electronic payments. National payment system in Russia
        5.2. Electronic payment systems based on «Client-Bank» and online banking
        5.3. Electronic payments via bank cards
        5.4. Electronic payments via digital cash
        5.5. Internet payment system based on virtual accounts
        Conclusion
        Self-examination questions
        References
    Chapter 6. MANAGEMENT OF THE VIRTUAL ENTERPRISE
        6.1. Virtual enterprise, electronic business, electronic commerce, model of management, manager
        6.2. Manager
        6.3. Channel
        6.4. Information environment. Knowledge
        6.5. Problem field
        Self-examination questions
        References
    Chapter 7. INTERNET MARKETING
        Introduction
        7.1. The concept and structure of the Internet Marketing
        7.2. Market research on the Internet
        7.3. Internet advertizing
        7.3.1. The concept of Internet advertising
        7.3.2. Announcement of the search engines and search engine optimization. The concept and purpose of search engine optimization
        7.3.3. Search Engine Advertising
        7.3.4. Participation in the rankings and registration in catalogs
        7.3.5. Banner advertising
        7.3.6. Link Exchange
        7.3.7. Profiling and personalization in online advertising
        7.3.8. E-mail-advertising. Basic concepts and advantages e-mail-advertising
        7.3.9. Discussion lists
        7.3.10. Virus marketing. Concept and principles of virus marketing
        7.3.11. Other methods of advertizing
        7.3.12. Analysis of efficiency of Internet advertizing
        7.3.13. Methods of the collection of information, used for the analysis
        7.4. Marketing in social networks and blogs
        7.5. Partner programs
        7.6. The problem of return visitors and create a captive audience
        7.6.1. Statement of the problem of creating a virtual community
        7.6.2. Methods for creating a virtual community
        7.7. Off-line support for online projects
        Self-examination questions
        References
    Chapter 8. REACHING SUSTAINABLE DEVELOPMENT GOALS THROUGH E-GOVERNMENT IN THE POST-2015 AGENDA
        Introduction
        8.1. E-government: definition, functions and stages
        8.2. E-government: global tendencies
        8.3. Formation and development of e-government in Uzbekistan
        Self-examination questions
        References

    The development of the universities’ ability to quickly respond to new demands of the labor market and to adapt, update, develop and introduce new areas of study to ensure demand for the graduates provides the participation in the international projects of the European program improving higher education «TEMPUS». The project TEMPUS — ECOMMIS («double-level training programs of e-commerce developing the information society in Russia, Ukraine and Israel») was launched in October 2011, and belongs to a class of joint projects to develop new courses and courses for bachelor’s and master’s degrees. The project consortium involves 12 universities from Germany, the Netherlands, Lithuania, Israel, Russia and Ukraine. The main objective of the project is to develop and implement new academic courses and areas of study, taking into account the current status and trends of economic development and the specific requirements of the labor market on the basis of cooperation between universities in different countries. The main feature and complexity of the project’s academic content is that e-commerce as an academic concept is absolutely new and it appeared just only in the last decade. It is a new interdisciplinary field of knowledge, which is located at the intersection of economics and computer science and it is not covered by the classical training courses in economics and computer science technology. The aspects of national and international law in connection with the growth of international trade, economic cooperation and the development of new Internet based technologies should be taken into account. For the project’s period of three years on the basis of international cooperation the following results were obtained: 1) The analysis and modernization of existing curricula in the field of e-commerce were carried out; 2) new training modules with the introduction of the European credit-modular system of accumulation and transfer transcripts units (ECTS) were developed; new modules and courses: e-commerce, electronic payment systems; Internet trading in the financial markets and the stock market systems; Information systems for financial analysis and investment; Information systems for business process modeling; corporate information systems and portals; Customer-oriented systems; Internet Marketing; electronic systems for document management; legal aspects of e-commerce; advanced course security for e-commerce were introduced; 3) two international online games to enhance practical skills in the field with online marketing and online trading were developed and conducted among university students; 4) skills training courses e-commerce for various social groups (students, housewives, pensioners, unemployed) were developed and tested; 5) business offices, e-commerce were established to strengthen cooperation between the universities in the labor market and to create the conditions of commercialization of the project results after the end of financial support from the TEMPUS Program; 6) textbooks on the topic of the project were developed and published. In May — July 2013, 62 teachers of the target universities in Israel, Russia and Ukraine received intensive training in the field of e-commerce in three European universities: FONTYS (NL), TU Berlin (DE), VGTU (LT). From October 2013 in target universities of Israel, Russia and Ukraine students’ training began on the courses developed in the framework of the new training courses and modules with using computer classes, equipped in accordance with the project plan with new hardware and software tools. The final stage of the project was intended to develop a five-year detailed plan for sustainable development of the results. Such plan that includes coordinated action to disseminate best practices, development of new joint courses for graduate and post-graduate students, scientific-methodical conferences, joint publications will support the further dynamics of the activities involved universities. Joint work on the implementation of the project ECOMMIS led to the emergence of sustainable professional relationships between organizations in the consortium as the training of new qualified professionals, as well as in the field of scientific and methodological developments. This is confirmed by the present collective monograph E-commerc

    The Structure of Search Engine Law

    This Article provides a road map to issues of search engine law. It indicates what questions we must consider when thinking about search engines, and it indicates the interconnections among those questions. It does not endorse any particular normative framework for search. Nor does it recommend who should regulate search. Instead, it provides the necessary foundation for informed decision-making, by whatever regulator and whatever its normative approach. Part I will explain how modern search engines function and describe the business environment within which they operate. Search engine operations can be understood in terms of the information flows among four principal actors: search engines themselves, their users, information providers, and third parties (such as copyright holders and censorious governments) with interests in particular content flows. There are, in turn, four significant information flows: the indexing by which a search engine learns what content providers are making available, user queries to the search engine for information about particular topics, the results returned by the search engine to users, and finally, the context that providers send to users who have found them through searching. Because so many major search engines are funded through advertising, this Part will also include a survey of how search engine advertising works and the distinctive fraud problems confronting search engines and their advertisers. Part II, the heart of the Article, will present a descriptive analysis of the legal struggles over search, showing how questions of search policy, many of which have long been latent in different fields of Internet law, are increasingly confronting lawyers, courts, and regulators. It will describe those struggles in terms of the legitimate interests that each of these actors brings to debates over search. Users want high-quality results without too great a sacrifice of privacy. 
Content providers want favorable placement in search results without paying more than their fair share of the costs of supporting search and without facing unfair competition from search engines. Third parties want to prevent unauthorized distribution of copyrighted content, to preserve their own privacy, to protect their reputation, and to preserve user virtue. And finally, search engines want to preserve their ability to innovate, to protect themselves from fraud, and to ensure that the search market remains open to competition. Each entry in this list of a dozen interests has its own associated legal theories; this systematic taxonomy allows us to recognize how any given legal theory affects the search ecology. Part III will then show, with five examples, how taking a broad view of search yields otherwise unavailable insights into pressing controversies. This is not to say that the end result must be a body of search-specific law, only to note that failing to consider the larger forces at work in search is antithetical to sensible policy-making. First, the broad, systematic view illustrates how various claims in search engine disputes can serve as functional substitutes for each other. Second, it shows that the degree of transparency of the search process is a highly contested variable, with some concerns pressing for greater transparency and some pressing for less. Third, it illustrates that user privacy is a deeply knotty problem, and that preserving reasonable user expectations will involve difficult trade-offs with other interests—including some of users’ own. Fourth, it shows that we require a theory of search engine speech; the most well-developed theory of search engine results as speech so far articulated by a court is insufficiently complex. And fifth, it illustrates the richness of debates over search engines’ relationship to providers’ trademarks

    The Role of Informal Workers in Online Economic Crime

    (Context) Online economic crime leverages information technologies (IT) for illegal wealth redistribution, such as banking theft. Such crime requires a series of actions, a scheme, to be successful. Informal workers, individuals whose economic activities escape regulations, can be leveraged to execute various tasks surrounding these schemes. However, what these workers represent for online economic crime organizations, and their impact on the reach and sophistication of the crime, has yet to be uncovered. This thesis focuses on understanding the contexts, motivations, and organizations of those behind online economic crime. While doing so, it assesses the role and availability of an informal IT workforce surrounding the crime organization and its likelihood to participate in such criminal schemes. (Methods and Data) This thesis builds on three data sources: (1) 21 semi-structured interviews with experts, (2) a private chat log containing discussions among individuals involved in online economic crime, and (3) two datasets on an informal IT workforce operating on a digital labor platform. A blend of qualitative and quantitative analyses is developed, including inductive thematic analysis, non-parametric statistical hypothesis tests, and group-based trajectory modeling. (Results) The findings illustrate three key contextual factors influencing those behind online economic crime: a lack of legal economic opportunities, a lack of deterrents and the availability of drifting means. Organizations behind online economic crime are found to take various forms, from organized, to enterprise-like, loose networks or communities. They are also characterized by a large sphere of influence given the indispensable workers hired to help with the crime orchestration. 
Among them, informal workers from the IT sector are found to be particularly important: they represent a pool of potential workers for all legal tasks surrounding online economic crime, and they can be leveraged easily due to digital labor platforms. However, further investigations illustrate that the benefits of hiring informal IT workers may be hindered by high transaction costs, including high hiring, switching, and monitoring costs. Moreover, the likelihood of informal IT workers to participate in crime-oriented spaces is found to be limited. (Conclusion) This study sheds light on the organization of online economic crime and the role of informal IT workers at the periphery. It provides both theoretical and empirical explanations as to why online economic crime is characterized by long reach, in terms of victims, and sophistication. It also offers nuanced concepts (e.g., drifters, informal workforce) to better grasp the organization of online economic crime and the degrees of involvement of those surrounding the crime

    Measuring for privacy: From tracking to cloaking

    We rely on various types of online services to access information for different uses, and often provide sensitive information during the interactions with these services. These online services are of different types; e.g. commercial websites (e.g., banking, education, news, shopping, dating, social media), essential websites (e.g., government). Online services are available through websites as well as mobile apps. The growth of web sites, mobile devices and apps that run on those devices has resulted in the proliferation of online services. This whole ecosystem of online services has created an environment where everyone using it is being tracked. Several past studies have performed privacy measurements to assess the prevalence of tracking in online services. Most of these studies used institutional (i.e., non-residential) resources for their measurements, and lacked global perspective. Tracking on online services and its impact on privacy may differ at various locations. Therefore, to fill in this gap, we perform a privacy measurement study of popular commercial websites, using residential networks from various locations. Unlike commercial online services, there are different categories (e.g., government, hospital, religion) of essential online services where users do not expect to be tracked. The users of these essential online services often use information of an extremely personal and sensitive nature (e.g., social insurance number, health information, prayer requests/confessions made to a religious minister) when interacting with those services. However, contrary to the expectations of users, these essential services include user tracking capabilities. We built frameworks to perform privacy measurements of these online services (including both web sites and Android apps) that are of different types (i.e., governments, hospitals and religious services in jurisdictions around the world). 
The instrumented tracking metrics (i.e., stateless, stateful, session replaying) from the privacy measurements of these online services are then analyzed. Malicious sites (e.g., phishing) mimic online services to deceive users, causing them harm. We found 80% of analyzed malicious sites are cloaked, and not blocked by search engine crawlers. Therefore, sensitive information collected from users through these sites is exposed. In addition, underlying Internet-connected infrastructure (e.g., networked devices such as routers, modems) used by online users, can suffer from security issues due to nonuse of TLS or use of weak SSL/TLS certificates. Such security issues (e.g., spying on a CCTV camera) can compromise data integrity, confidentiality and user privacy. Overall, we found tracking on commercial websites differs based on the location of corresponding residential users. We also observed widespread use of tracking by commercial trackers, and session replay services that expose sensitive information from essential online services. Sensitive information is also exposed due to vulnerabilities in online services (e.g., Cross Site Scripting). Furthermore, a significant proportion of malicious sites evade detection by security/search engine crawlers, which may make such sites readily available to users. We also detect weaknesses in the TLS ecosystem of Internet-connected infrastructure that supports running these online services. These observations require more research on privacy of online services, as well as information exposure from malicious online services, to understand the significance of privacy issues, and to adopt appropriate mitigation strategies