Adversarial behaviours knowledge area

The technological advancements witnessed by our society in recent decades have brought improvements in our quality of life, but they have also created a number of opportunities for attackers to cause harm. Before the Internet revolution, most crime and malicious activity generally required a victim and a perpetrator to come into physical contact, and this limited the reach that malicious parties had. Technology has removed the need for physical contact to perform many types of crime, and now attackers can reach victims anywhere in the world, as long as they are connected to the Internet. This has revolutionised the characteristics of crime and warfare, allowing operations that would not have been possible before. In this document, we provide an overview of the malicious operations that are happening on the Internet today. We first provide a taxonomy of malicious activities based on the attacker’s motivations and capabilities, and then move on to the technological and human elements that adversaries require to run a successful operation. We then discuss a number of frameworks that have been proposed to model malicious operations. Since adversarial behaviours are not a purely technical topic, we draw from research in a number of fields (computer science, criminology, war studies). While doing this, we discuss how these frameworks can be used by researchers and practitioners to develop effective mitigations against malicious online operations.Published versio

BlogForever: D2.5 Weblog Spam Filtering Report and Associated Methodology

This report is written as a first attempt to define the BlogForever spam detection strategy. It comprises a survey of weblog spam technology and approaches to their detection. While the report was written to help identify possible approaches to spam detection as a component within the BlogForver software, the discussion has been extended to include observations related to the historical, social and practical value of spam, and proposals of other ways of dealing with spam within the repository without necessarily removing them. It contains a general overview of spam types, ready-made anti-spam APIs available for weblogs, possible methods that have been suggested for preventing the introduction of spam into a blog, and research related to spam focusing on those that appear in the weblog context, concluding in a proposal for a spam detection workflow that might form the basis for the spam detection component of the BlogForever software

Spammer and hacker, two old friends

Spammers are always looking for new ways to bypass filters and spread spam content. Currently, spammers have not only improved their spam methods but have also moved towards exploiting software security vulnerabilities in order to spread their spam content. Spammers use weaknesses inside web applications to inject their spam content into legitimate websites, redirect users to their own campaign, misuse web users resources, and hide their footprints. In this paper, we investigate security vulnerabilities that are exploited by spammers. We explain these security vulnerabilities, list their importance and provide a scenario of how spammers can exploit them. Additionally, we discuss two possible solutions to counter problems by patching and secure software development. The result of our work highlights importance of concerning security best-practices in developing secure software which lack of that would result to demotion of website popularity, blacklisting of website and lose of users' trust

The influence of mobile ad fraud on intercompany relationships : the case of Hang My Ads

Mestrado em MarketingDesde o seu início, a indústria da publicidade mobile tem vindo a enfrentar problemas de fraude associados a grandes perdas financeiras e danos na forma como as empresas se relacionam. O presente estudo explora os efeitos dos problemas de fraude nas relações entre empresas da indústria; abordando o ecosistema da publicidade das aplicações mobile, o contexto focal da Hang My Ads e os processos de adaptação necessários para lidar com os efeitos da fraude. O ecosistema da publicidade de aplicações mobile revela organizar-se em advertisers, intermediários, publishers e empresas de tecnologia, e é marcado por desafios como a fraude, a falta de transparência e a falta de regulamentação. Advertisers e publishers parecem adaptar-se de formas semelhantes, embora diferenças sejam detetadas nos processos de planeamento e agendamento do serviço, produção, e ?outro? ? onde advertisers adaptam mais e investem mais recursos; mas também ao nível de estrutura organizacional ? onde as adaptações parecem estar relacionadas com a dimensão da empresa. Além disto, a investigação confirma a ocorrência de adaptações ao nível da díade, que se propagam para a rede de empresas mais alargada. Além de perdas financeiras e baixo ROI, a realocação de orçamentos de acordo com a competência do publisher para lidar com fraude é confirmada; o estudo revela ainda como efeitos da fraude danos aos níveis da experiência do utilizador, da reputação da indústria e da eficiência das empresas. Um esquema visual do mapeamento do ecosistema e um modelo de análise modificado são propostos.Since its emergence, the mobile advertising industry has been struggling with fraud issues that cause great financial losses and damage how companies relate to one another. The present study exlores the effects of fraud issues taking place in the mobile advertising industry on intercompany relationships; particularly, it looks at the mobile app advertising ecosystem, the focal context of Hang My Ads and the adaptation processes undertaken by advertisers and publishers to tackle the effects of fraud. The mobile app advertising ecosystem is found to be organized in advertisers, intermediates, publishers and technology companies, and characterized by marking challenges such as fraud, lack of transparency and lack of regulation. Advertisers and publishers seem to adapt in similar ways to one another, but differences are found at the processes of service planning and scheduling, production, and "other" - where advertisers adapt more and seem to invest more resources; and at the level of organization structure - where adaptations appear to be related with company size. Furthermore, the case confirms the occurrence of adaptations taking place in the dyad and propagating to the broader network. In addition to financial losses and poor ROI, the reallocation of budgets according to a publisher's competence to handle fraud is confirmed; moreover, it is found that damages at the levels of user experience, industry's reputation and companies' efficiency are caused by fraud. A visual scheme of the ecosystem's mapping and a modified framework of analysis are proposed.info:eu-repo/semantics/publishedVersio

Link-based similarity search to fight web spam

www.ilab.sztaki.hu/websearch We investigate the usability of similarity search in fighting Web spam based on the assumption that an unknown spam page is more similar to certain known spam pages than to honest pages. In order to be successful, search engine spam never appears in isolation: we observe link farms and alliances for the sole purpose of search engine ranking manipulation. The artificial nature and strong inside connectedness however gave rise to successful algorithms to identify search engine spam. One example is trust and distrust propagation, an idea originating in recommender systems and P2P networks, that yields spam classificators by spreading information along hyperlinks from white and blacklists. While most previous results use PageRank variants for propagation, we form classifiers by investigating similarity top lists of an unknown page along various measures such as co-citation, companion, nearest neighbors in low dimensional projections and SimRank. We test our method over two data sets previously used to measure spam filtering algorithms. 1