Skip to main content
SpringerLink
Log in

Spamming for Science: Active Measurement in Web 2.0 Abuse Research

  • Conference paper
Financial Cryptography and Data Security (FC 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7398))

Included in the following conference series:

  • 1128 Accesses

Abstract

Spam and other electronic abuses have long been a focus of computer security research. However, recent work in the domain has emphasized an economic analysis of these operations in the hope of understanding and disrupting the profit model of attackers. Such studies do not lend themselves to passive measurement techniques. Instead, researchers have become middle-men or active participants in spam behaviors; methodologies that lie at an interesting juncture of legal, ethical, and human subject (e.g., IRB) guidelines.

In this work two such experiments serve as case studies: One testing a novel link spam model on Wikipedia and another using blackhat software to target blog comments and forums. Discussion concentrates on the experimental design process, especially as influenced by human-subject policy. Case studies are used to frame related work in the area, and scrutiny reveals the computer science community requires greater consistency in evaluating research of this nature.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 49.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Curtin: Research management, http://research.curtin.edu.au/guides/

  2. UPenn: Office of regulatory affairs, http://www.upenn.edu/regulatoryaffairs/

  3. XRumer (Blackhat SEO software), http://www.xrumerseo.com/

  4. Abu-Nimeh, S., Chen, T.: Proliferation and detection of blog spam. IEEE Security and Privacy 8(5), 42–47 (2010)

    Article  Google Scholar 

  5. Allman, M.: What ought a program committee to do? In: USENIX Workshop on Organizing Workshops, Conferences, and Symposia for Computer Systems (2008)

    Google Scholar 

  6. Buchanan, E.A., Ess, C.M.: Internet research ethics and institutional review boards: Current practices and issues. SIGCAS Computers and Society 39(3) (2009)

    Google Scholar 

  7. Burstein, A.J.: Conducting cybersecurity research legally and ethically. In: LEET: Proc. of the Wkshp. on Large-Scale Exploits and Emergent Threats (2008)

    Google Scholar 

  8. Dittrich, D., Bailey, M., Dietrich, S.: Building an active computer security ethics community. IEEE Security and Privacy 9(4) (July/August 2011)

    Google Scholar 

  9. Garfinkel, S.L., Cranor, L.F.: Institutional review boards and your research. Communications of the ACM 53(6), 38–40 (2010)

    Article  Google Scholar 

  10. Hayati, P., Firoozeh, N., Potdar, V., Chai, K.: How much money do spammers make from your website? (Working paper, in submission)

    Google Scholar 

  11. Head, B.: Storage bills top $43,000 say spam-busters. ITWire.com (August 2011), http://www.itwire.com/business-it-news/security/49239-storage-bills-top-43000-say-spam-busters

  12. Kanich, C., Chachra, N., McCoy, D., Grier, C., Wang, D., Motoyama, M., Levchenko, K., Savage, S., Voelker, G.M.: No plan survives contact: Experience with cybercrime measurement. In: CSET 2011: Proceedings of the 3rd Workshop on Cyber Security Experimentation and Test (August 2011)

    Google Scholar 

  13. Kanich, C., Kreibich, C., Levchenko, K., Enright, B., Voelker, G.M., Paxson, V., Savage, S.: Spamalytics: An empirical market analysis of spam marketing conversion. In: CCS 2008: Proc. of the Conf. on Computer and Comm. Security (2008)

    Google Scholar 

  14. Kanich, C., Weaver, N., McCoy, D., Halvorson, T., Kreibich, C., Levchenko, K., Paxson, V., Voelker, G.M., Savage, S.: Show me the money: Characterizing spam-advertised revenue. In: Proc. of the USENIX Security Symposium (August 2011)

    Google Scholar 

  15. Levchenko, K., Chachra, N., Enright, B., Felegyhazi, M., Grier, C., Halvorson, T., Kanich, C., Kreibich, C., Liu, H., McCoy, D., Pitsillidis, A., Weaver, N., Paxson, V., Voelker, G.M., Savage, S.: Click trajectories: End-to-end analysis of the spam value chain. In: Proc. of the IEEE Symposium on Security and Privacy (2011)

    Google Scholar 

  16. Matwyshyn, A.M., Cui, A., Keromytis, A.D., Stolfo, S.J.: Ethics in security vulnerability research. IEEE Security and Privacy 8, 67–72 (2010)

    Article  Google Scholar 

  17. Milkman, K.L., Akinola, M., Chugh, D.: The temporal discrimination effect: An audit study of university professors (Working paper)

    Google Scholar 

  18. Moore, T., Anderson, R.: Economics and Internet security: A survey of recent analytical, empirical and behavioral research. Tech. Rep. TR-03-11, Harvard University, Department of Computer Science (2011)

    Google Scholar 

  19. Motoyama, M., Levchenko, K., Kanich, C., McCoy, D., Voekler, G.M., Savage, S.: Re: CAPTCHAs - Understanding CAPTCHA-solving services in an economic context. In: USENIX Security Symposium (August 2010)

    Google Scholar 

  20. Nathaniel, T.J., Johnson, N., Jakobsson, M.: Social phishing. Communications of the ACM 50(10) (October 2007)

    Google Scholar 

  21. Shin, Y., Gupta, M., Myers, S.: The nuts and bolts of a forum spam automator. In: LEET: Proc. of the Wkshp. on Large-Scale Exploits and Emergent Threats (2011)

    Google Scholar 

  22. Ur, B.E., Ganapathy, V.: Evaluating attack amplification in online social networks. In: W2SP 2009: The Workshop on Web 2.0 Security and Privacy (2009)

    Google Scholar 

  23. Walther, J.B.: Research ethics in Internet-enabled research: Human subjects issues and methodological myopia. Ethics and Info. Technology 4(3), 205–216 (2002)

    Article  Google Scholar 

  24. West, A.G., Agrawal, A., Baker, P., Exline, B., Lee, I.: Autonomous link spam detection in purely collaborative environments. In: WikiSym 2011: Proc. of the Seventh International Symposium on Wikis and Open Collaboration (October 2011)

    Google Scholar 

  25. West, A.G., Chang, J., Venkatasubramanian, K., Sokolsky, O., Lee, I.: Link spamming Wikipedia for profit. In: CEAS 2011: Proc. of the Eighth Annual Collaboration, Electronic Messaging, Anti-Abuse, and Spam Conference (September 2011)

    Google Scholar 

  26. West, A.G., Lee, I.: What Wikipedia deletes: Characterizing dangerous collaborative content. In: WikiSym 2011: Proc. of the Seventh International Symposium on Wikis and Open Collaboration (October 2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer and Information Science, University of Pennsylvania, Philadelphia, USA

    Andrew G. West & Insup Lee

  2. Anti-Spam Research Lab, Curtin University, Australia

    Pedram Hayati & Vidyasagar Potdar

Authors
  1. Andrew G. West
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pedram Hayati
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Vidyasagar Potdar
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Insup Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. USC Information Sciences Institute, 4676 Admiralty Way, Suite 1001, 90292, Marina del Rey, CA, USA

    Jim Blyth

  2. Department of Computer Science, Stevens Institute of Technology, Castle Point on Hudson, 07030, Hoboken, NJ, USA

    Sven Dietrich

  3. Indiana University, 414 E First St, 47401, Bloomington, IN, USA

    L. Jean Camp

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

West, A.G., Hayati, P., Potdar, V., Lee, I. (2012). Spamming for Science: Active Measurement in Web 2.0 Abuse Research. In: Blyth, J., Dietrich, S., Camp, L.J. (eds) Financial Cryptography and Data Security. FC 2012. Lecture Notes in Computer Science, vol 7398. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34638-5_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-34638-5_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34637-8

  • Online ISBN: 978-3-642-34638-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation