Finding the linchpins of the dark web: Understanding and detecting malicious infrastructure


Malicious activities continue to be a major threat to the safety of online users. Despite the plethora forms of attacks and the diversity of their delivery channels, in the back end, they are all orchestrated through malicious hosting infrastructures, enabling miscreants to do business with each other and utilize others’ resources. Identifying the linchpins of the dark infrastructures and distinguishing those valuable to the adversaries from those disposable are critical for gaining an upper hand in the battle against them. In this talk, Sumayah will survey a number of malicious hosting infrastructures for different services and approaches to detecting them. Among them are works on an emerging trend of Bulletproof hosting services reselling infrastructure from lower-end service providers, use of residential proxy as a service to avoid server-side blocking and DNS based hosting infrastructure.

Brief Biography

Sumayah Alrwais is an assistant professor at King Saud University. She received her Ph.D. in Computer science from Indiana University and was a post-doctoral fellow in network security at the International Computer Science Institute (ICSI) in Berkeley. She is an active researcher in system security and her research interests are data-driven security and privacy providing security intelligence to characterize and detect security threats. Sumayah is a published author at top tier security conferences such as IEEE security and privacy, USENIX Security, ACM CCS, and NDSS.

Contact Person