Monjur Alam scite author profile

Technical Support Scams (TSS), which combine online abuse with social engineering over the phone channel, have persisted despite several law enforcement actions. Although recent research has provided important insights into TSS, these scams have now evolved to exploit ubiquitously used online services such as search and sponsored advertisements served in response to search queries. We use a data-driven approach to understand search-and-ad abuse by TSS to gain visibility into the online infrastructure that facilitates it. By carefully formulating tech support queries with multiple search engines, we collect data about both the support infrastructure and the websites to which TSS victims are directed when they search online for tech support resources. We augment this with a DNSbased amplification technique to further enhance visibility into this abuse infrastructure. By analyzing the collected data, we provide new insights into search-and-ad abuse by TSS and reinforce some of the findings of earlier research. Further, we demonstrate that tech support scammers are (1) successful in getting major as well as custom search engines to return links to websites controlled by them, and (2) they are able to get ad networks to serve malicious advertisements that lead to scam pages. Our study period of approximately eight months uncovered over 9,000 TSS domains, of both passive and aggressive types, with minimal overlap between sets that are reached via organic search results and sponsored ads. Also, we found over 2,400 support domains which aid the TSS domains in manipulating organic search results. Moreover, to our surprise, we found very little overlap with domains that are reached via abuse of domain parking and URL-shortening services which was investigated previously. Thus, investigation of search-and-ad abuse provides new insights into TSS tactics and helps detect previously unknown abuse infrastructure that facilitates these scams.

show abstract

Syndrome: Spectral analysis for anomaly detection on medical IoT and embedded devices

Sehatbakhsh

Alam

Nazari

et al. 2018

View full text Add to dashboard Cite

Effect of glitches against masked AES S-box implementation and countermeasure

et al. 2009

View full text Add to dashboard Cite

Masking of gates is one of the most popular techniques to prevent differential power analysis (DPA) of AES algorithm. It has been shown that the logic circuits used in the implementation of cryptographic algorithms leak side-channel information inspite of masking, which can be exploited, in differential power attacks. The phenomenon in CMOS circuits responsible for the leakage of masked circuits is known as glitching. Motivated by this fact, the authors analyse the effect of glitches in CMOS circuits against masked implementation of the AES S-box. The authors explicitly demonstrate that glitches do not affect always. There exists a relation between combinational path delay of the circuit and timing difference of input vectors to the circuit, which has a bearance on the amount of information leaked by the masked gates. A balanced masked S-box circuit is proposed where the inputs are synchronised by sequential components. Detailed SPICE results are shown to support the claim that the modifications indeed reduce the vulnerability of the masked AES S-box against DPA attacks.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Monjur Alam

HDFI: Hardware-Assisted Data-Flow Isolation

Parallel crypto-devices for GF(p) elliptic curve multiplication resistant against side channel attacks

Exposing Search and Advertisement Abuse Tactics and Infrastructure of Technical Support Scammers

Syndrome: Spectral analysis for anomaly detection on medical IoT and embedded devices

Effect of glitches against masked AES S-box implementation and countermeasure

Contact Info

Product

Resources

About