Dynamics of online scam hosting infrastructure

Maria Konte, Nick Feamster, Jaeyeon Jung

Research output: Chapter in Book/Report/Conference proceedingConference contribution

33 Scopus citations

Abstract

This paper studies the dynamics of scam hosting infrastructure, with an emphasis on the role of fast-flux service networks. By monitoring changes in DNS records of over 350 distinct spam-advertised domains collected from URLs in 115,000 spam emails received at a large spam sinkhole, we measure the rates and locations of remapping DNS records, and the rates at which "fresh" IP addresses are used. We find that, unlike the short-lived nature of the scams themselves, the infrastructure that hosts these scams has relatively persistent features that may ultimately assist detection.

Original languageEnglish (US)
Title of host publicationPassive and Active Network Measurement - 10th International Conference, PAM 2009, Proceedings
Pages219-228
Number of pages10
DOIs
StatePublished - 2009
Event10th International Conference on Passive and Active Network Measurement, PAM 2009 - Seoul, Korea, Republic of
Duration: Apr 1 2009Apr 3 2009

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume5448
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other10th International Conference on Passive and Active Network Measurement, PAM 2009
Country/TerritoryKorea, Republic of
CitySeoul
Period4/1/094/3/09

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Dynamics of online scam hosting infrastructure'. Together they form a unique fingerprint.

Cite this