Data Management

Dynamics of Online Scam Hosting Infrastructure

Download Now Free registration required

Executive Summary

This paper studies the dynamics of scam hosting infrastructure, with an emphasis on the role of fast-flux service networks. By monitoring changes in DNS records of over 350 distinct spam-advertised domains collected from URLs in 115,000 spam emails received at a large spam sinkhole, the authors measure the rates and locations of remapping DNS records, and the rates at which "Fresh" IP addresses are used. They find that, unlike the short-lived nature of the scams themselves, the infrastructure that hosts these scams has relatively persistent features that may ultimately assist detection.

  • Format: PDF
  • Size: 401.9 KB