{"id":476238,"date":"2018-02-15T00:00:10","date_gmt":"2018-02-15T08:00:10","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/research\/?post_type=msr-research-item&#038;p=476238"},"modified":"2018-03-23T15:36:36","modified_gmt":"2018-03-23T22:36:36","slug":"adventures-evidence-based-security","status":"publish","type":"msr-video","link":"https:\/\/www.microsoft.com\/en-us\/research\/video\/adventures-evidence-based-security\/","title":{"rendered":"Further Adventures in Evidence-Based Security"},"content":{"rendered":"<p>Over the last decade, our group has undertaken an &#8220;evidence-based&#8221; approach to measure, analyze, and undermine various kinds of abuse and cybercrime on the Internet. In this talk, I will describe our evidence-based approach and present work on two recent projects. The first is a technique for inferring site compromise from a third-party perspective using honey accounts, and a measurement study that detected 19 site compromises over a year (including an Alexa top-500 site) and our experiences disclosing our findings to these sites. The second is a measurement study exploring the impact of ICANN&#8217;s New gTLD Program on the domain name ecosystem, classifying the intent of registrations in new TLDs (including speculative and defensive registrations) and impact on old TLDs. I will end briefly summarizing where our group is headed going forward.<\/p>\n<p>This work reflects a long-standing collaborative effort between UCSD and ICSI\/Berkeley, with more information available at: <a class=\"msr-external-link glyph-append glyph-append-open-in-new-tab glyph-append-xsmall\" href=\"http:\/\/www.evidencebasedsecurity.org\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/www.evidencebasedsecurity.org<span class=\"sr-only\"> (opens in new tab)<\/span><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Over the last decade, our group has undertaken an &#8220;evidence-based&#8221; approach to measure, analyze, and undermine various kinds of abuse and cybercrime on the Internet. In this talk, I will describe our evidence-based approach and present work on two recent projects. The first is a technique for inferring site compromise from a third-party perspective using [&hellip;]<\/p>\n","protected":false},"featured_media":476250,"template":"","meta":{"msr-url-field":"","msr-podcast-episode":"","msrModifiedDate":"","msrModifiedDateEnabled":false,"ep_exclude_from_search":false,"_classifai_error":"","msr_hide_image_in_river":0,"footnotes":""},"research-area":[13558],"msr-video-type":[],"msr-locale":[268875],"msr-post-option":[],"msr-session-type":[],"msr-impact-theme":[],"msr-pillar":[],"msr-episode":[],"msr-research-theme":[],"class_list":["post-476238","msr-video","type-msr-video","status-publish","has-post-thumbnail","hentry","msr-research-area-security-privacy-cryptography","msr-locale-en_us"],"msr_download_urls":"","msr_external_url":"https:\/\/youtu.be\/eChFE0VB5vo","msr_secondary_video_url":"","msr_video_file":"","_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-video\/476238","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-video"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/types\/msr-video"}],"version-history":[{"count":2,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-video\/476238\/revisions"}],"predecessor-version":[{"id":476253,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-video\/476238\/revisions\/476253"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/media\/476250"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/media?parent=476238"}],"wp:term":[{"taxonomy":"msr-research-area","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/research-area?post=476238"},{"taxonomy":"msr-video-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-video-type?post=476238"},{"taxonomy":"msr-locale","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-locale?post=476238"},{"taxonomy":"msr-post-option","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-post-option?post=476238"},{"taxonomy":"msr-session-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-session-type?post=476238"},{"taxonomy":"msr-impact-theme","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-impact-theme?post=476238"},{"taxonomy":"msr-pillar","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-pillar?post=476238"},{"taxonomy":"msr-episode","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-episode?post=476238"},{"taxonomy":"msr-research-theme","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-research-theme?post=476238"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}