Show simple item record

dc.contributor.advisorAhamad, Mustaque
dc.contributor.authorSrinivasan, Bharat Ramakrishnan
dc.date.accessioned2018-01-22T21:11:19Z
dc.date.available2018-01-22T21:11:19Z
dc.date.created2017-12
dc.date.issued2017-11-13
dc.date.submittedDecember 2017
dc.identifier.urihttp://hdl.handle.net/1853/59241
dc.description.abstractRecently we have witnessed rapid consolidation of traditional and emerging communications infrastructures, leading to the convergence of telephony and the Internet. While this convergence has been beneficial in many ways, it has also expanded the arsenal of malicious actors by introducing new attack vectors. Specifically, it offers malicious actors the ability to craft cross-channel attacks that combine both telephony and Internet resources to evade existing defenses, abuse the underlying infrastructure and victimize the end-user in ways that have not been adequately explored in the past. In fact, instances of such abuse have attracted the attention of federal law enforcement and consumer protection agencies such as the Federal Trade Commission (FTC) and the Federal Communications Commission (FCC). In response to strong consumer demand for action against cross-channel abuse, these agencies have pressed for robust solutions to deal with such abuse. In this dissertation, we first introduce the notion of cross-channel abuse and place it in the context of traditional notions of Internet and telephony abuse. Then, as a first case in point, using CHURN, a cross-channel messaging attribution system, we present a data-driven longitudinal study of the support infrastructure aiding cross-channel text-messaging abuse which reveals insights into the domain and IP infrastructure used in text-messaging scams, spam and phishing attacks. As a second case in point, using X-TSS, a system developed to track online search-and-ad based cross-channel abuse in technical support scams (TSS), we extend the data-driven approach to study these infamous scams that have plagued consumers and industry brands for over a decade. The lens of a cross-channel view of TSS helps reveal previously underexposed tactics and infrastructure used in these scams. Lastly, based on the learnings from these two cases, we explore cross-channel intelligence sharing that augments and enhances existing abuse prevention and defense mechanisms on both telephony and Internet channels. By making these contributions, we seek to improve the situational awareness around cross-channel abuse and provide a framework that increases the security and trust of everyday transactions taking place in the converged communications landscape.
dc.format.mimetypeapplication/pdf
dc.language.isoen_US
dc.publisherGeorgia Institute of Technology
dc.subjectNetworks
dc.subjectCommunications
dc.subjectSecurity
dc.titleExposing and mitigating cross-channel abuse that exploits the converged communications infrastructure
dc.typeDissertation
dc.description.degreePh.D.
dc.contributor.departmentComputer Science
thesis.degree.levelDoctoral
dc.contributor.committeeMemberAntonakakis, Manos
dc.contributor.committeeMemberLee, Wenke
dc.contributor.committeeMemberAmmar, Mostafa
dc.contributor.committeeMemberNikiforakis, Nick
dc.date.updated2018-01-22T21:11:19Z


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record