Tuesday, September 25, 2012
UC San Diego has won part of a grant that will help researchers understand how the mind of a cybercriminal works by taking apart computer scams bit by bit.
Computer viruses that steal your bank account information. Emails pretending to be from retailers like Amazon that collect your password. Messages from friends over social networks like Facebook and Twitter that get you to click on corrupted links.
These are all workings of cybercriminals, and will be the focus of research funded by a $10 million grant from the National Science Foundation.
Computer scientists at UC San Diego, the International Computer Science Institute at Berkeley and George Mason University will share the five-year grant to do multiple studies on cybersecurity.
Stefan Savage, a computer science professor at UC San Diego, was one of the grant recipients. He said the money will help them understand how the mind of a cybercriminal works by taking apart computer scams bit by bit.
“You probably get spam in your email box asking you to buy Viagra or what have you,” he said. “And that’s probably where you’re thinking it stops, it’s annoying you delete, you move forward.”
But it typically doesn't end there. Savage said they use a simple example like that one and work backward.
“Well if they were going to make money on this, what are all the various pieces that would need to be put together,” he said. “That email would have to be sent, and when you click on it, it takes you to a site, and that site would need to accept your credit card and that credit card needs to be processed, and they need to ship stuff to you, and all these different components need to work together.”
Most computer scams and viruses are ways of extracting money, so Savage and his colleagues will “follow the money” to track cybercriminals.
“We’re trying to map out who is responsible for which components, and who makes how much money, and so on,” he said.
To do that, Savage said they use a number of methods, including making purchases online and following the money, trying to be scammed, collecting as much spam email as they can and allowing their online information to be stolen.
Researchers also monitor underground forums where cybercriminals communicate.
“When you gather enough of that data, you start to be able to map out the social networks of these people,” he said. “Who has influence, who doesn’t, how do ideas spread, how do they establish trust when no one has actually met each other physically.”
By tracking what cybercriminals are talking about, researchers can then link it back to activity they have observed.
The cybersecurity researchers will also work with UC San Diego professor James Fowler, who specializes in studying social networks.
Savage said people are generally more trusting of links and messages they receive over social networks, leaving them more open to scams pretending to be sent by friends.
“People have attached probably an unreasonable level of trust to information that they get from their purported friends,” he said.