Ecole d'ingénieur et centre de recherche en Sciences du numérique

The role of phone numbers in understanding cyber-crime schemes

Costin, Andrei; Isacenkova, Jelena; Balduzzi, Marco; Francillon, Aurélien; Balzarotti, Davide

PST 2013, 11th International Conference on Privacy, Security and Trust, July 10-12, 2013, Tarragona, Catalonia, Spain

Internet and telephones are part of everyone's modern life. Unfortunately, several criminal activities also rely on these technologies to reach their victims. While the use and importance of the Internet has been largely studied, previous work overlooked the role that phone numbers can play in understanding online threats. In this work we aim at determining if leveraging phone numbers analysis can improve our understanding of the underground markets, illegal computer activities, or cyber-crime in general. This knowledge could then be adopted by several defensive mechanisms, including blacklists or advanced spam heuristics. Our results show that, in scam activities, phone numbers remain often more stable over time than email addresses. Using a combination of graph analysis and geographical Home Location Register (HLR) lookups, we identify recurrent cyber-criminal business models and link together scam communities that spread over different countries.

Document Doi Bibtex

Titre:The role of phone numbers in understanding cyber-crime schemes
Type:Conférence
Langue:English
Ville:Tarragona
Pays:ESPAGNE
Date:
Département:Sécurité numérique
Eurecom ref:4001
Copyright: © 2013 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
Bibtex: @inproceedings{EURECOM+4001, doi = {http://dx.doi.org/10.1109/PST.2013.6596056}, year = {2013}, title = {{T}he role of phone numbers in understanding cyber-crime schemes}, author = {{C}ostin, {A}ndrei and {I}sacenkova, {J}elena and {B}alduzzi, {M}arco and {F}rancillon, {A}ur{\'e}lien and {B}alzarotti, {D}avide}, booktitle = {{PST} 2013, 11th {I}nternational {C}onference on {P}rivacy, {S}ecurity and {T}rust, {J}uly 10-12, 2013, {T}arragona, {C}atalonia, {S}pain}, address = {{T}arragona, {ESPAGNE}}, month = {07}, url = {http://www.eurecom.fr/publication/4001} }
Voir aussi: