Online services are abused by a multitude of malicious parties, from cybercriminals using them to monetize botnets and malware, to scammers looking to defraud innocent users, to trolls spreading hate speech and bullying. Despite the threats that they pose to the safety of Internet users, we still lack a satisfactory knowledge of how different types of malicious users operate. In this talk I will provide an overview of our recent work in the area. I will first illustrate the findings that we made when deploying honeypot accounts on Gmail and deliberately giving access to them to cybercriminals. I will then talk about the problem of scams happening on online dating sites, focusing on why blocking malicious activity on these platforms is a particularly challenging task. Finally, I will talk about our measurement study of 4chan, the “dark underbelly of the Internet,” in which we characterized “raid” behavior, a phenomenon that sees online trolls gather and deliberately attacking an entity on a third party service, such as a Youtube video or a Twitter account.
Gianluca Stringhini is an Assistant Professor in the Department of Computer Science and Security and Crime Science at University College London. He obtained his PhD from UCSB in 2014, where he worked under the supervision of Christopher Kruegel and Giovanni Vigna. Gianluca works in the area of data-driven security, analyzing large datasets to better understand complex cybercriminal operations and developing mitigation techniques to fight them. He was awarded a Google Faculty Research Award in 2015, a Symantec Research Labs Fellowship in 2012, and multiple Best Paper Awards. He published in top security conferences such as CCS, NDSS, and USENIX Security, as well as top measurement and web conferences such as IMC, WWW, and ICWSM.