nach oben

Erschienen in:

2009 | OriginalPaper | Buchkapitel

10. The Impact of Incentives on Notice and Take-down

verfasst von : Tyler Moore, Richard Clayton

Erschienen in: Managing Information Risk and the Economics of Security

Verlag: Springer US

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

We consider a number of notice and take-down regimes for Internet content. These differ in the incentives for removal, the legal framework for compelling action, and the speed at which material is removed. By measuring how quickly various types of content are removed, we determine that the requester’s incentives outweigh all other factors, from the penalties available, to the methods used to obstruct take-down.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Reinterpreting the Disclosure Debate for Web Infections

Nächstes Kapitel Studying Malicious Websites and the Underground Economy on the Chinese Web

In this chapter we cite UK cases; similar developments occurred in the US, Australia and other jurisdictions.

It would be possible to give numerous instances of sites that have migrated to the US, however we have not provided any examples of this alternative type of ‘forum shopping’ because the authors are currently residing in the UK. In this jurisdiction there is some case law about providing pointers to defamatory material: in Hird v. Wood 1894, the court held that the defendant had defamed the plaintiff by merely standing on a road and mutely pointing out a path which, if followed, allowed one to view a notice on which a defamatory statement had been written, even though the authorship of that statement was never proved.

The International Association of Internet Hotlines: http://www.inhope.org

The data provided by the IWF presents numerous difficulties whenever images reappear on the same website. Using the sanitised data they made available, it is impossible to distinguish between similar and distinct removals on the same website.

For a detailed account of our ‘feeds’ of URLs of phishing websites and our monitoring system, we refer the interested reader to (Moore 2008; Moore and Clayton 2007; Moore and Clayton 2008). In the current context, the key point is that because we receive data from a number of disparate sources, we believe that our database of URLs is one of the most comprehensive available, and the overwhelming majority of phishing websites will come to our attention.

While our method for identifying compromised websites from the structure of phishing URLs has confirmed 193 websites, there are additional websites that we have not yet verified. Hence, the 193 websites should be viewed as a sample of a significantly larger population of compromised websites.

http://www.aa419.org

Occasionally the legitimate escrow service escrow.com goes after fake sites that infringe upon their brand. Of course, additional volunteer groups may be operating, but we are unaware of any.

http://www.phishtank.com

We use the standard formula for capture-recapture:

$$ \frac{{|sample1| \times |sample2|}}{{|overlap|}} $$

Our data does not satisfy all of assumptions necessary for this formula to hold – notably the population is dynamic, with sites appearing and disappearing. (Weaver and Collins 2007) computed the overlap between two phishing feeds and applied capture-recapture analysis to estimate the number of overall phishing attacks. They discuss how the capture-recapture assumptions can be accommodated for phishing. We leave deriving a more accurate estimate to future work.

http://www.spamhaus.org

http://www.team-cymru.org

http://www.stopbadware.org

AOL Feedback Loop Information: http://postmaster.aol.com/fbl/

Microsoft Smart Network Data Services: https://postmaster.live.com/snds/

Financial Services Technology Consortium: http://www.fstc.org; Financial Services Information Sharing and Analysis Center: http://www.fsisac.com; Association for Payment Clearing Services: http://www.apacs.org.uk; Anti-PhishingWorking Group: http://www.antiphishing.org.

http://www.ncmec.org/en_US/documents/CyberTiplineFactSheet.pdf

In this chapter we have not considered whether ‘take-down’ of child sexual abuse images is the optimal strategy. It could be argued that the correct approach is to locate the people behind the websites and that removing websites merely leads to a ‘whack-a-mole’ game that rapidly removes individual websites without decreasing the availability of the material. The attention that has recently been paid to site lifetimes in the IWF annual reports indicates that removal is now seen by them to be important. However (Callanan 2007) found that only 11% of all websites are reported to ISPs by member hotlines. They wish “not to interfere with any ongoing lawenforcement investigation” and say that “depending on national legislation, the ISPsometimes prefers not to be informed about potentially illegal content.” We do not understand this comment, unless it refers to the necessity, in some jurisdictions, for the ISP to make a report to the authorities.

Ahlert, C., Marsden, C., and Yung, C. “How ‘Liberty’ Disappeared from Cyberspace: The Mystery Shopper Tests Internet Content Self-regulation,” 2004, http://pcmlp.socleg.ox.ac.uk/text/ liberty.pdf

Anderson, R., Böhme, R., Clayton, R., and Moore, T. “Security Economics and the Internal Market,” ENISA, January 2008, http://www.enisa.europa.eu/doc/pdf/report_sec_econ_&_int_mark_20080131.pdf

Callanan, C., and Frydas, N.P. “2007 Global Internet Trend Report,” INHOPE, September 2007, https://www.inhope.org/en/system/files/inhope_global_internet_trend_report_v1.0.pdf

Clayton, R. “Judge and Jury? How ‘Notice & Take Down’ Gives ISPs an Unwanted Role in Applying the Law to the Internet,” July 2000, http://www.cl.cam.ac.uk/~rnc1/Judge_and_ Jury.pdf

Dagon, D., Zou, C.C., and Lee, W. “Modelling BotnetPropagation Using Time Zones,” in 13th Annual Network and Distributed System Security Symposium (NDSS), San Diego, California, February 2006, pp. 235–249.

Enright, B. “Exposing Stormworm,” October 2007, http://noh.ucsd.edu/~bmenright/exposing_ storm.ppt

Franklin, J., Paxson, V., Perrig, A., and Savage, S. “An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants,” in 14th ACM Conference on Computer and Communications Security (CCS’07), Alexandria, Virginia, October 2007, pp. 375–388.

Honeynet Project and Research Alliance. “Know Your Enemy: Fast-flux Service Networks, an Ever Changing Enemy,” July 2007, http://www.honeynet.org/papers/ff/fast-flux.pdf

House of Lords Science and Technology Committee. Personal Internet Security, 5th Report of Session 2006–07, The Stationery Office, London, August 2007.

Internet Watch Foundation. 2006 Half-yearly Report, IWF, July 2006, http://www.iwf.org.uk/documents/20060803_2006_bi-annual_report_v7_final4.pdf

Internet Watch Foundation. “IWF Reveals 10 Year Statistics on Child Abuse Images Online,” Press Release, IWF, October 2006. http://www.iwf.org.uk/media/news.archive-2006.179.htm

Internet Watch Foundation. “IWF Reports Increased Severity of Online Child Abuse Content,” Press Release, IWF, April 2007, http://www.iwf.org.uk/media/news.archive-2007.196.htm

Internet Watch Foundation. “2007 Annual and Charity Report,” IWF, April 2008. http://www.iwf.org.uk/documents/20080417_iwf_annual_report_2007_(web).pdf

McMillan, R. “‘Rock Phish’ Blamed for Surge in Phishing,” InfoWorld (12 December), 2006, http://www.infoworld.com/article/06/12/12/HNrockphish_1.html

Moore, T. “Cooperative Attack and Defense in Distributed Networks,” Tech Report UCAM-CL-TR-718, Computer Laboratory, University of Cambridge, June 2008.

Moore, T., and Clayton, R. “Examining the Impact of Website Take-down on Phishing,” in Anti-Phishing Working Group eCrime Researcher’s Summit (APWG eCrime), Pittsburgh, Pennsylvania, October 2007, pp. 1–13.

Moore, T., and Clayton, R. “Evaluating the Wisdom of Crowds in Assessing PhishingWebsites,” in 12th International Financial Cryptography and Data Security Conference (FC 2008), Tsudik, G. (Ed.), LNCS 5143, Springer-Verlag, Berlin, Germany, 2008, pp. 16–30.

Moore, T., and Clayton, R. “Evil Searching: Compromise and Recompromise of Internet Hosts for Phishing”, in submission, June 2008.

Morland J. “Laurence Godfrey v. Demon Internet Limited. Case No: 1998-G-No 30,” March 1999. http://www.hmcourts-service.gov.uk/judgmentsfiles/j932/godfrey2.htm

Nas, S. “The Multatuli Project: ISPNotice & Take Down,” in SANE, October 2004. http://www.bof.nl/docs/researchpaperSANE.pdf

Serjantov, A., and Clayton, R. “Modelling Incentives for Email Blocking Strategies,” in 4th Workshop on the Economics of Information Security (WEIS), Cambridge, Massachusetts, June 2005.

Spamhaus. “Report on the Criminal ‘Rock Phish’ Domains Registered at nic.at,” Press Release, Spamhaus, June 2007. http://www.spamhaus.org/organization/statement.lasso?ref=7

Thomas, R., and Martin, J. “The Underground Economy: Priceless,” USENIX ;login (31:6), December 2006, pp. 7–16.

United Kingdom Government. “The Government Reply to the Fifth Report from the House of Lords Science and Technology Committee Session 2006–07 HL Paper 165 Personal Internet Security,” Cm7234, The Stationery Office, London, October 2007.

Weaver, R., and Collins, M. “Fishing for Phishes: Applying Capture-recapture to Phishing,” in Anti-Phishing Working Group eCrime Researcher’s Summit (APWG eCrime), Pittsburgh, Pennsylvania, October 2007, pp. 14–25.

Titel: The Impact of Incentives on Notice and Take-down
verfasst von: Tyler Moore
Richard Clayton
Verlag: Springer US
Buch: Managing Information Risk and the Economics of Security
Print ISBN: 978-0-387-09761-9

Electronic ISBN: 978-0-387-09762-6

Copyright-Jahr: 2009
DOI: https://doi.org/10.1007/978-0-387-09762-6_10

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner