Zhengyi Li (Indiana University Bloomington), Xiaojing Liao (Indiana University Bloomington)

An appraisal system is a feedback mechanism that has gained popularity in underground marketplaces. This system allows appraisers, who receive free samples from vendors, to provide assessments (i.e., appraisal reviews) for products in underground marketplaces. In this paper, we present the first measurement study on the appraisal system within underground marketplaces. Specifically, from 17M communication traces from eight marketplaces spanning from Feb 2006 to Mar 2023, we discover 56,229 appraisal reviews posted by 18,701 unique appraisers. We look into the appraisal review ecosystem, revealing five commonly used requirements and merits in the appraiser selection process. These findings indicate that the appraisal system is a well-established and structured process within the underground marketplace ecosystem. Furthermore, we reveal the presence of high-quality and unique cyber threat intelligence (CTI) in appraisal reviews. For example, we identify the geolocations of followers for a social booster and programming languages used for malware. Leveraging our extraction model, which integrates 41 distinct types of CTI, we capture 23,978 artifacts associated with 16,668 (50.2%) appraisal reviews. In contrast, artifacts are found in only 8.9% of listings and 2.7% of non-appraisal reviews. Our study provides valuable insights into this under-explored source of CTI, complementing existing research on threat intelligence gathering.

View More Papers

The Impact of Workload on Phishing Susceptibility: An Experiment

Sijie Zhuo (University of Auckland), Robert Biddle (University of Auckland and Carleton University, Ottawa), Lucas Betts, Nalin Asanka Gamagedara Arachchilage, Yun Sing Koh, Danielle Lottridge, Giovanni Russello (University of Auckland)

Read More

Phoenix: Surviving Unpatched Vulnerabilities via Accurate and Efficient Filtering...

Hugo Kermabon-Bobinnec (Concordia University), Yosr Jarraya (Ericsson Security Research), Lingyu Wang (Concordia University), Suryadipta Majumdar (Concordia University), Makan Pourzandi (Ericsson Security Research)

Read More

FirmLine: a Generic Pipeline for Large-Scale Analysis of Non-Linux...

Alexander Balgavy (Independent), Marius Muench (University of Birmingham)

Read More

Bernoulli Honeywords

Ke Coby Wang (Duke University), Michael K. Reiter (Duke University)

Read More