Peng Wang (Indiana University Bloomington), Xiaojing Liao (Indiana University Bloomington), Yue Qin (Indiana University Bloomington), XiaoFeng Wang (Indiana University Bloomington)

E-commerce miscreants heavily rely on instant messaging (IM) to promote their illicit businesses and coordinate their operations. The threat intelligence provided by IM communication, therefore, becomes invaluable for understanding and mitigating the threats of e-commerce frauds. However, such information is hard to get since it is usually shared only through one-on-one conversations with the criminals. In this paper, we present the first chatbot, called Aubrey, to actively collect such intelligence through autonomous chats with real-world e-commerce miscreants. Our approach leverages the question-driven conversation pattern of small-time workers, who seek from e-commerce fraudsters jobs and/or attack resources, to model the interaction process as a finite state machine, thereby enabling an autonomous conversation. Aubrey successfully chatted with 470 real-world e-commerce miscreants and gathered a large amount of fraud-related artifact, including 40 SIM gateways, 323K fraud phone numbers, and previously-unknown attack toolkits, etc. Further, the conversations reveal the supply chain of e-commerce fraudulent activities on the deep web and the complicated relations (e.g., complicity and reselling) among miscreant roles.

View More Papers

Prevalence and Impact of Low-Entropy Packing Schemes in the...

Alessandro Mantovani (EURECOM), Simone Aonzo (University of Genoa), Xabier Ugarte-Pedrero (Cisco Systems), Alessio Merlo (University of Genoa), Davide Balzarotti (EURECOM)

Read More

You Are What You Do: Hunting Stealthy Malware via...

Qi Wang (University of Illinois Urbana-Champaign), Wajih Ul Hassan (University of Illinois Urbana-Champaign), Ding Li (NEC Laboratories America, Inc.), Kangkook Jee (University of Texas at Dallas), Xiao Yu (NEC Laboratories America, Inc.), Kexuan Zou (University Of Illinois Urbana-Champaign), Junghwan Rhee (NEC Laboratories America, Inc.), Zhengzhang Chen (NEC Laboratories America, Inc.), Wei Cheng (NEC Laboratories America,…

Read More

Complex Security Policy? A Longitudinal Analysis of Deployed Content...

Sebastian Roth (CISPA Helmholtz Center for Information Security), Timothy Barron (Stony Brook University), Stefano Calzavara (Università Ca' Foscari Venezia), Nick Nikiforakis (Stony Brook University), Ben Stock (CISPA Helmholtz Center for Information Security)

Read More

Proof of Storage-Time: Efficiently Checking Continuous Data Availability

Giuseppe Ateniese (Stevens Institute of Technology), Long Chen (New Jersey Institute of Technology), Mohammard Etemad (Stevens Institute of Technology), Qiang Tang (New Jersey Institute of Technology)

Read More