Hugo Bijmans (Delft University of Technology), Michel Van Eeten (Delft University of Technology), Rolf van Wegberg (Delft University of Technology)

Various governance instruments aim to fight Internet abuse -- from legislation to take down copyrighted material to blocklists to stop spam.
In turn, these instruments rely on industry standards to handle abuse: reporting abuse to the network owners requesting mitigation.
Although many hosting providers swiftly take action to keep the Internet clean, some do not.
This raises the question as to what type of abuse receives follow-up and what rationale is behind a decision to either mitigate or ignore reported abuse.
Through a unique collaboration with law enforcement in the Netherlands, we were granted access to the operational back-end of a hosting provider with a reputation for abuse.
A rare glimpse into its internal abuse handling allowed for the investigation of the mechanisms in the anti-abuse ecosystem that influence anti-abuse actions.
We find that client notification rates highly depend on the reporter and the abuse category.
CSAM and spam-related abuse reports lead to mitigating actions, whereas reports regarding copyright infringement and port scanning are often neglected.
Governance instruments, such as blocklisting, de-peering, and law enforcement inquiries, that could directly impact business continuity, affect client notifications, whereas individual abuse reporting is often easily ignored.
We hope our work can inform policymakers on aligning governance repertoire with effective abuse handling in practice.

View More Papers

Revealing The Secret Power: How Algorithms Can Influence Content...

Alessandro Galeazzi (University of Padua), Pujan Paudel (Boston University), Mauro Conti (University of Padua and Orebro University), Emiliano De Cristofaro (University of California, Riverside), Gianluca Stringhini (Boston University)

Read More

Poster: Crowdsourcing and Mapping COSPAS-SARSAT 406 MHz Distress Beacons

Ahsan Saleem (Faculty of Information Technology, University of Jyvaskyla, Finland), Andrei Costin (Faculty of Information Technology, University of Jyvaskyla, Finland), Guillermo Suarez-Tangil (IMDEA Networks Institute, Madrid, Spain)

Read More

ObliInjection: Order-Oblivious Prompt Injection Attack to LLM Agents with...

Reachal Wang (Duke University), Yuqi Jia (Duke University), Neil Zhenqiang Gong (Duke University)

Read More