New User Special Price Expires in

Let's log you in.

Sign in with Facebook


Don't have a StudySoup account? Create one here!


Create a StudySoup account

Be part of our community, it's free to join!

Sign up with Facebook


Create your account
By creating an account you agree to StudySoup's terms and conditions and privacy policy

Already have a StudySoup account? Login here


by: Vito Kilback

ComputerandNetworkSecurity CS475

Marketplace > Drexel University > ComputerScienence > CS475 > ComputerandNetworkSecurity
Vito Kilback
GPA 3.88


Almost Ready


These notes were just uploaded, and will be ready to view shortly.

Purchase these notes here, or revisit this page.

Either way, we'll remind you when they're ready :)

Preview These Notes for FREE

Get a free preview of these Notes, just enter your email below.

Unlock Preview
Unlock Preview

Preview these materials now for free

Why put in your email? Get access to more of this material and other relevant free materials for your school

View Preview

About this Document

Class Notes
25 ?




Popular in Course

Popular in ComputerScienence

This 34 page Class Notes was uploaded by Vito Kilback on Wednesday September 23, 2015. The Class Notes belongs to CS475 at Drexel University taught by RachelGreenstadt in Fall. Since its upload, it has received 26 views. For similar materials see /class/212433/cs475-drexel-university in ComputerScienence at Drexel University.

Similar to CS475 at Drexel

Popular in ComputerScienence


Reviews for ComputerandNetworkSecurity


Report this Material


What is Karma?


Karma is the currency of StudySoup.

You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!

Date Created: 09/23/15
Reinterpreting the Disclosure Debate for Web Infections Oliver Day Brandon Palmen Rachel Greenstadt Harvard University Drexel University 1 stopwareorg Overview 0 Background 0 Actors 0 Methodology 0 Statistics 0 Possible Solutions 0 Conclusions 2 stopwareorg Background Driveby Downloads Internet users can be infected simply by viewing a compromised website DONATE Tc 1 FquotgtKI39K 39 CAL39ANDRA TVquot W 39 q mm In mn num SENIORS 1M MVINGSW hrJKIV te n39rargln lopmalgm quot matglnwndtw v n argmherght 0quot r z 5 r w w r J w Iable wtdthquot99quot harden I allgnquotcenter cellpadumgf39 cellspacmg hardercotot 00l D30 stop BAD waregorg Background Google s Interstitial Warnings Google Mona m We Llarl39 Puma aw May 2i JJJS u U Jb ta comw ert L 2 am HI P3 F s httgnmvmlw39 7 Wanting vlsltlng lhls web all may harm your computer 5mquot stopwareorg Background StopBadware Review Process 0 We provide independent transparent and manual website testing 0 We receive urls from partners 0 We assume the majority of sites are victims stopwareorg Attack Trends 0 The longtail approach Attacking well defended sites takes a long time infections are detected quickly Attacking poorly defended sites is quick infections can remain hidden for long periods of time o Facilitated by Weaponized exploit packs Google hacking Infected advertising networks 6 stopwareorg Consumer Webmasters o Are not tech geeks Just want things to work Use offthe shelf software Do not believe they are infected Can not identify or remove badware 0 Security is an unobservable attribute 0 Budget constraints make them choose between features and security 7 stopwareorg Web Hosting vs CoIocation 0 Web Hosting provides both the physical machine and the administration of the operating system 0 CoIocation provides neither 39Value39 Web Hosting Providers 0 Technical properties Feature bloat Offthe shelf control panels Nonuniform security patching 100s1000s ofwebsites per server 0 Economic properties Both hidden actions and hidden characteristics exist in the market Consumers cannot monitor hosting providers security practices Hosting providers may fall into moral hazard 9 stopwareorg Economics of Security in brief 0 Markets work when people have incentives to do the right thing 0 But Externalities Asymmetric Information Hidden characteristics gt Adverse Selection 0 Hidden actions gt Moral Hazard o All present in web security market 1 stopwareorg Externalities o Occurwhen decisions cause external costs or benefits to stakeholders who did not directly affect the transaction 1 stqprwareors Externalized Costs of Web Insecurity 0 Web infections typically affect the end users browsers of websites Often don39t know that they are infected Ifthey do they don39t know why Some evidence to suggest overt security measures actually reduce customer confidence Revealing infections can only harm companies brands and reputations 0 Most harm is even further removed Attacks carried out phishing sites hosted SPAM sent from infected machines 1 stopwareorg Akerlof39s Market for Lemons o Comes from analysis of Used Car market 0 Hidden characteristics Buyer doesn39t know if the carthey are buying is good or a 39lemon39 0 Seller does have this information 0 Given uncertainty buyer will not pay much 0 Result Adverse Selection sellers won39t sell good cars can39t get a good price only lemons 0 Solution Reduce customer uncertainty 0 Independent Inspections Guarantees etc 1 stopwareorg 3 Hidden Characteristics in Web Insecurity 0 End user doesn39t know if site they visit is safe or attacking them 0 Adverse selection Takes resources to be secure so why bother if no one can notice 0 Hosting provider doesn39t know if webmaster is incompetent or malicious o Webmasters don39t know if hosting provider is secure or not 1 stopwareorg 4 Adverse Selection in Web Privacy 0 End users don39t know privacy policies of websites 0 Bad sites endeavorto make signaling hard coopt signals 0 Example privacy seals like Truste Do little or no audit Edelman 2006 Sites with seals more likely to be bad 1 stopwareorg Hidden Actions and Moral Hazard o Webmasters unable to monitor hosting providers39 security practices 0 Maintaining secure sewers is expensive tendency to skimp o Moral hazard when contracted to efforts are costly and unobservable economic entities are likely to not make those efforts 1 stopwareorg Market Failures in Web Security Infected web users do not know howwhere they became infected 0 Consumer webmasters do not know iftheir hosting providers have poor security 0 Both web hosts and webmasters are incented to keep infection points hidden to protect their brands and revenues 1 stopwareorg Disclosure Theory 0 Browsers portals incentivized to protect web users from attack 0 Publicize andor block infected website Users more protected Webmasters incentivized to x sites or go away Webmasters incentivized to nd secure hosting 1 stopwareorg Disclosure for Software Vulnerabilities 0 Similar economic theory holds for software vulnerabilities 0 Without vulnerability disclosure software vendors have no incentive to disclose or fix security holes 0 lfno exploit exists and no patch disclosure poses risk of more attacked users before hole xed 0 Accepted practice Delayed disclosure tell the vendor wait speci ed period then tell world 0 Vendor can deploy patch during delay 0 Arora Telang Xu Optimal delay 1 stopwareorg Vulnerability Disclosure Debate Website owners want similar notice 0 Hosting provider also want similar notice 0 Web infections are attacks not vulnerabilities 0 Delay only optimal if no exploit oothenNise increases harm o Mandatory immediate disclosure of web infections helps to optimize social welfare 2 stopwareorg 0 Methodology 0 Query clearinghouse for all bad urls 0 Translate domain name to IP address 0 Team Cymru IP gt ASN translation 0 Group by ASN and by IP address 0 Process repeated at least weekly z stopwareorg Global Infection Share 2008 2 4 2 A 39U39 W C May 2008 2 stopwareorg Global Infection Share 2009 I ON I US I KR I RU I DE I ROW Jan 2009 stopwareorg US Web Infections 2008 The Planet IPower Aquot M MW n March 2007 January 2008 z stopwareorg 5mm S E a 2 1lWIHIHIHIHUUHIHHN ll llllmlll T hePlanet 2009397 4 208 109 stopwareorg Endurance 2009 I nnnnnn nsl 208 109 7 130m wane 7 12m mane 7 soon 7 mm mu 7 stopwareorg McCoIo Infections 208 1108 2 s waremg Intercage Infections I 908 208 stop BAD wareorg Webhost Disclosure Example 3mm threal of disclosure 25W mceole depeered mm 7 V iconfcall 7 mmm mu m 208 109 2 stopwareorg Possible Solutions 0 Broader Disclosure Gatekeepers Baidu gt China ISPs and hosting providers Notification of mass infections Browsers Firefox 3 Google amp SBW Opera 95 HauteSecure 3 stopwareorg Possible Solutions 0 Community CastIeCops retired Badware Busters Disclosure This is a SBW project 3 stopwareorg Possible Solutions Market 0 Consumer screening Educating consumer webmasters to screen hosting providers for security information o Hosting provider signaling Vulnerability scanning Patching policy 3 stopwareorg Conclusions 0 Information asymmetry exists between consumer webmasters and hosting providers 0 Webmasters and hosting providers have little economic incentive to disclose infections publicly 0 Immediate disclosure bluntly protects Internet users and applies economic pressure to webmasters and hosting providers who othenNise would not clean their sites 3 stopwareorg Questions 0 Oliver Day odaycyberlawharvardedu 0 Brandon Palmen bpalmencvberlawharvardedu 0 Rachel Greenstadt qreeniecsdrexeledu U


Buy Material

Are you sure you want to buy this material for

25 Karma

Buy Material

BOOM! Enjoy Your Free Notes!

We've added these Notes to your profile, click here to view them now.


You're already Subscribed!

Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'

Why people love StudySoup

Jim McGreen Ohio University

"Knowing I can count on the Elite Notetaker in my class allows me to focus on what the professor is saying instead of just scribbling notes the whole time and falling behind."

Kyle Maynard Purdue

"When you're taking detailed notes and trying to help everyone else out in the class, it really helps you learn and understand the I made $280 on my first study guide!"

Bentley McCaw University of Florida

"I was shooting for a perfect 4.0 GPA this semester. Having StudySoup as a study aid was critical to helping me achieve my goal...and I nailed it!"

Parker Thompson 500 Startups

"It's a great way for students to improve their educational experience and it seemed like a product that everybody wants, so all the people participating are winning."

Become an Elite Notetaker and start selling your notes online!

Refund Policy


All subscriptions to StudySoup are paid in full at the time of subscribing. To change your credit card information or to cancel your subscription, go to "Edit Settings". All credit card information will be available there. If you should decide to cancel your subscription, it will continue to be valid until the next payment period, as all payments for the current period were made in advance. For special circumstances, please email


StudySoup has more than 1 million course-specific study resources to help students study smarter. If you’re having trouble finding what you’re looking for, our customer support team can help you find what you need! Feel free to contact them here:

Recurring Subscriptions: If you have canceled your recurring subscription on the day of renewal and have not downloaded any documents, you may request a refund by submitting an email to

Satisfaction Guarantee: If you’re not satisfied with your subscription, you can contact us for further help. Contact must be made within 3 business days of your subscription purchase and your refund request will be subject for review.

Please Note: Refunds can never be provided more than 30 days after the initial purchase date regardless of your activity on the site.