Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse

Domain squatting is a common adversarial practice where attackers register domain names that are purposefully similar to popular domains. In this work, we study a specific type of domain squatting called "combosquatting," in which attackers register domains that combine a popular trademark with one or more phrases (e.g., betterfacebook[.]com, youtube-live[.]com). We perform the first large-scale, empirical study of combosquatting by analyzing more than 468 billion DNS records---collected from passive and active DNS data sources over almost six years. We find that almost 60% of abusive combosquatting domains live for more than 1,000 days, and even worse, we observe increased activity associated with combosquatting year over year. Moreover, we show that combosquatting is used to perform a spectrum of different types of abuse including phishing, social engineering, affiliate abuse, trademark abuse, and even advanced persistent threats. Our results suggest that combosquatting is a real problem that requires increased scrutiny by the security community.Comment: ACM CCS 1

Intrathreads: Techniques for parallelizing sequential code

The inthreads architecture enables low-level parallelization of serial computation. This paper describes the inthreads architecture and shows several code transformations that can be used for optimizing code with low instruction-level parallelism. Such code can be optimized neither with conventional techniques due to complex branching, nor with conventional concurrent programming due to very low granularity of the parallelizable code sequences

Parallel Processing Letters ❢c World Scientific Publishing Company COMPLEXITY OF VERIFYING JAVA SHARED MEMORY EXECUTION ∗

This paper studies the problem of testing shared memory Java implementations to determine whether the memory behavior they provide is consistent. The complexity of the task is analyzed. The problem is defined as that of analyzing memory access traces. The study showed that the problem is NP-complete, both in the general case and in some particular cases in which the number of memory operations per thread, the number of write operations per variable, and the number of variables are restricted

Human-Targeted Denial of Service

ployed by hackers to plague network services with spurious requests, while semantic attacks have been used to dupe unsuspecting Internet users into various get-rich-quick scams. The former are directed against computers and are completely automatic, while the latter (also known as cognitive hacking) exploit human perceptions and beliefs [1]. The above attack convolves both of these traits, aiming at services rendered by humans. At first glance, HTDoS is quite similar to the infamous spam that keeps flooding despite all the efforts to develop automated filtering solutions. However, there is one crucial difference. In case of spam, the user gets to read the message only if it was analyzed and approved by the filter, while in the live support scenario, the attention of the operator is required from the very beginning of the conversation. A few simple sentences like "Hello, I have a problem" or "How do I use service X?" will keep the session going for long enough to consume significant a