In the cybercrime ecosystem attackers have understood that tackling the entire monetization chain is a daunting task requiring highly developed skills and resources. Thus, specialized services have emerged to outsource key parts to third parties such as malware toolkits, exploit marketplaces, and pay-per-install services. Such outsourcing encourages innovation and specialization, enabling attackers to focus on their end goals. This talk describes different components of this complex ecosystem, highlights key research issues, and discusses operational implications.
Juan Caballero is an Assistant Research Professor at the IMDEA Software Institute in Madrid, Spain. His research focuses on security issues in systems, software, and networks. He received his Ph.D. in Electrical and Computer Engineering from Carnegie Mellon University, USA on 2010 and was a visiting researcher at University of California, Berkeley for two years. His research has appeared (and has won best paper awards) at top security venues. He has been in the technical committee of venues such as IEEE S&P, WWW, RAID, and DIMVA. He is program co-chair for the Digital Forensics Research Symposium (DFRWS) for 2013 and 2014.
This talk is organized by the Automation Systems Group at the Institute of Computer Aided Automation.