Carnegie Mellon's Adrian Perrig studies black markets

October 15, 2007

PITTSBURGH -- Carnegie Mellon University's Adrian Perrig and Jason Franklin, working in conjunction with Vern Paxson of the International Computer Science Institute and Stefan Savage of the University of California, San Diego, have designed new computer tools to better understand and potentially thwart the growth of Internet black markets, where attackers use well-developed business practices to hawk viruses, stolen data and attack services.

"These troublesome entrepreneurs even offer tech support and free updates for their malicious creations that run the gamut from denial of service attacks designed to overwhelm Web sites and servers to data stealing Trojan viruses," said Perrig, an associate professor of electrical and computer engineering and engineering and public policy.

In order to understand the millions of lines of data derived from monitoring the underground markets for more than seven months, Carnegie Mellon researchers developed automated techniques to measure and catalogue the activities of the shadowy online crooks who profit from spewed spam, virus-laden PCs and identity theft. The researchers estimate that the total value of the illegal materials available for sale in the seven-month period could total more than $37 million.

"Our research monitoring found that more than 80,000 potential credit card numbers were available through these illicit underground web economies," said Franklin, a Ph.D. student in computer science. However, the researchers warned that because checking the validity of the card numbers was not possible without credit card company assistance, the cards seen may not have been valid when they were observed.

Whatever the purchases, a buyer will typically contact the black market vendor privately using email, or in some cases, a private instant message. Money generally changes hands through non-bank payment services such as e-gold, making the criminals difficult to track.

To stem the flow of stolen credit cards and identity data, Carnegie Mellon researchers proposed two technical approaches to reduce the number of successful market transactions, including a slander attack and another technique, which were aimed at undercutting the cyber-crooks verification or reputation system.

"Just like you need to verify that individuals are honest on E-bay, online criminals need to verify that they are dealing with 'honest' criminals," Franklin said.

In a slander attack, an attacker eliminates the verified status of a buyer or seller through false defamation. "By eliminating the verified status of the honest individuals, an attacker establishes a lemon market where buyers are unable to distinguish the quality of the goods or services," Franklin said.

The researchers also propose to undercut the burgeoning black market activity by creating a deceptive sales environment.

Perrig's team developed a technique to establish fake verified-status identities that are difficult to distinguish from other-verified status sellers making it hard for buyers to identify the honest verified-status sellers from dishonest verified-status sellers.

"So, when the unwary buyer tries to collect the goods and services promised, the seller fails to provide the goods and services. Such behavior is known as 'ripping.' And it is the goal of all black market site's verification systems to minimize such behavior," said Franklin.

There have been successful takedowns against known black market sites, such as the U.S. Secret Service-run Operation Firewall three years ago. That operation against the notorious Shadowcrew resulted in 28 arrests around the globe, Carnegie Mellon researchers reported.

"The scary thing about all this is that you do not have to be in the know to find black markets, they are easy to find, easy to join and just a mouse click away," Franklin said.

"We believe these black markets are growing, so we will have even more incidents to monitor and study in the future," Perrig said.

That growth is also reflected in the latest Computer Security Institute (CSI) Computer Crime and Security Survey that shows average cyber-losses more than doubled after a five-year decline. The 2007 CSI survey reported that U.S. companies on average lost more than $300,000 to cyber crooks compared to $168,000 last year.
About Carnegie Mellon: Carnegie Mellon is a private research university with a distinctive mix of programs in engineering, computer science, robotics, business, public policy, fine arts and the humanities. More than 10,000 undergraduate and graduate students receive an education characterized by its focus on creating and implementing solutions for real problems, interdisciplinary collaboration and innovation. A small student-to-faculty ratio provides an opportunity for close interaction between students and professors. While technology is pervasive on its 144-acre Pittsburgh campus, Carnegie Mellon is also distinctive among leading research universities for the world-renowned programs in its College of Fine Arts. A global university, Carnegie Mellon has campuses in Silicon Valley, Calif., and Qatar, and programs in Asia, Australia and Europe. For more, see

Carnegie Mellon University

Related Adrian Perrig Articles from Brightsurf:

DNA sleuths target ivory poachers
The tiniest amount of DNA is being accurately analysed to identify the origins of old ivory.

Similarities and dissimilarities between automatic learning in bees and humans
This study provides the first systematic comparison of automatic visual learning in humans and honeybees, showing that while both species extract statistical information about co-occurrence contingencies of visual scenes, in contrast to humans, bees do not automatically encode predictability information in those scenes.

Why the goby can conquer the waters of the world
The round goby, one of the most common invasive freshwater fish in the world, boasts a particularly robust immune system, which could be one of the reasons for its excellent adaptability.

Mutation's role in blood cancers revealed by ideal team-up
Researchers from CSHL and MSKCC have determined that a mutation affecting the important process of RNA splicing can manipulate the 'quality control' in your cell.

Ethics and Human Research, January-February 2020
Exploitation in 'crowdsourced' research, oversight of right-to-try access to experimental drugs, and more.

A curiosity-driven genetic discovery that should impact cancer treatments
A team of geneticists with a desire to understand the inner workings of genes implicated in cellular identity has discovered new biological targets that may help devise alternative therapies for cancers that are becoming resistant to existing drugs.

Study reveals hip and knee replacement performance in England and Wales
The performance of different prosthetic implant combinations used in patients undergoing hip and knee replacements in England and Wales over the last 14 years have, for the first time, been directly compared in two new studies.

It's spring already? Physics explains why time flies as we age
Duke University researchers have a new explanation for why those endless days of childhood seemed to last so much longer than they do now -- physics.

University of Konstanz gains new insights into development of the human immune system
Scientists at the University of Konstanz identify fierce competition between the human immune system and bacterial pathogens.

Two-pronged device enables maverick immune cells to identify and kill cancers
Immune cells called Gamma Delta T cells can act independently to identify and kill cancer cells, defying the conventional view of the immune system.

Read More: Adrian Perrig News and Adrian Perrig Current Events is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to