Skip to main content

A scientific approach to fighting web-based cybercrime

Tyler Moore

In this talk, I demonstrate how a scientific approach can be used to combat web-based cybercrime. First, I present an observational study of the prevalence of abuse at shared web hosting providers. I examine the the distribution of web security features and software patching practices in shared hosting providers, the influence of providers on these security practices, and their impact on web compromise rates.

Using a fixed-effect regression model, I demonstrate that providers exert significant influence over the security of web infrastructure and applications, whereas individual webmasters tend to control the security of website content and configurations. I also show that the identified security and software patching factors explain between 10-19% of the variance in phishing and malware abuse at providers, after controlling for size. Second, I present two experiments that evaluate the effectiveness of sending individual abuse reports to operators whose websites have been hacked. Sending abuse reports can expedite cleanup significantly, but only if the notifications include details of the compromise.  Finally, I describe an observational study of bulk reports of compromised websites sent to the responsible web hosting providers. By examining over 28,000 URLs shared with 41 organizations between 2010 and 2015, I find that sharing has an immediate effect of cleaning the reported URLs and reducing the likelihood that they will be recompromised. However, there is only limited evidence that one-time sharing of malware data improves the malware cleanup response over the long term.

Speaker bio

Tyler Moore is an Assistant Professor of Computer Science at the University of Tulsa, where he holds the Tandy Chair of Cyber Security and Information Assurance. His research focuses on security economics, cybercrime measurement, and cybersecurity policy. Dr. Moore serves as Director of StopBadware, a non-profit anti-malware organization. He is a founding Editor in Chief of the Journal of Cybersecurity, a new interdisciplinary journal published by Oxford University Press. He was a 2016-17 New America Cybersecurity Fellow. Prior to joining TU, he was a postdoctoral fellow at the Center for Research on Computation and Society (CRCS) at Harvard University, the Hess Visiting Assistant Professor of Computer Science at Wellesley College, and an assistant professor at Southern Methodist University. A British Marshall Scholar, Prof. Moore completed his PhD at the University of Cambridge, while he holds BS degrees in Computer Science and Applied Mathematics from the University of Tulsa.

Share this: