Abstract: A parked domain is an undeveloped domain which has no content other than automatically computed advertising banners and links, used to generate profit. Despite the apparent popularity of this practice, little is known about parked domains and domain parking services that assist domain owners in parking and monetizing unused domains. This paper presents an in-depth exploration of the ecosystem of domain parking services from a security point of view, focusing mostly on the consequences for everyday users who land on parked pages. By collecting data from over 8 million parked domains, we are able to map out the entities that constitute the ecosystem, thus allowing us to analyze the domain owners, parking services, and advertisement syndicators involved. We show that users who land on parked websites are exposed to malware, inappropriate content, and elaborate scams, such as fake antivirus warnings and costly remote "technicians". At the same time, we find a significant number of parked domains to be abusing popular names and trademarks through typosquatting and through domain names confusingly similar to authoritative ones. Given the extent of observed abuse, we propose a set of features that are representative of parked pages and build a robust client-side classifier which achieves high accuracy with a negligible percentage of false positives.
This study extensively scrutinizes 14 months of registration data to identify large-scale malicious campaigns present in the .eu TLD. We explore the ecosystem and modus operandi of elaborate cybercriminal entities that recurrently register large amounts of domains for one-shot, malicious use. Although these malicious domains are short-lived, by incorporating registrant information, we establish that at least 80.04% of them can be framed into 20 larger campaigns with varying duration and intensity. We further report on insights into the operational aspects of this business and observe, amongst other findings, that their processes are only partially automated. Finally, we apply a post-factum clustering process to validate the campaign identification process and to automate the ecosystem analysis of malicious registrations in a TLD zone.
The increase of Distributed Denial-of-Service (DDoS) attacks in volume, frequency, and complexity, combined with the constant required alertness for mitigating web application threats, has caused many website owners to turn to Cloud-based Security Providers (CBSPs) to protect their infrastructure. These solutions typically involve the rerouting of traffic from the original website through the CBSP's network, where malicious traffic can be detected and absorbed before it ever reaches the servers of the protected website. The most popular Cloud-based Security Providers do not require the purchase of dedicated traffic-rerouting hardware, but rely solely on changing the DNS settings of a domain name to reroute a website's traffic through their security infrastructure. Consequently, this rerouting mechanism can be completely circumvented by directly attacking the website's hosting IP address. Therefore, it is crucial for the security and availability of these websites that their real IP address remains hidden from potential attackers. In this paper, we discuss existing, as well as novel "origin-exposing" attack vectors which attackers can leverage to discover the IP address of the server where a website protected by a CBSP is hosted. To assess the impact of the discussed origin-exposing vectors on the security of CBSP-protected websites, we consolidate all vectors into Cloudpiercer, an automated origin-exposing tool, which we then use to conduct the first large-scale analysis of the effectiveness of the origin-exposing vectors. Our results show that the problem is severe: 71.5% of the 17,877 CBSP-protected websites that we tested expose their real IP address through at least one of the evaluated vectors. The results of our study categorically demonstrate that a comprehensive adoption of CBSPs is harder than just changing DNS records. Our findings can steer CBSPs and site administrators towards effective countermeasures, such as proactively scanning for origin exposure and using appropriate network configurations that can greatly reduce the threat.
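The two countermeasures named in the abstract, proactively scanning for origin exposure and restricting the origin's network configuration, can be illustrated with a small self-assessment routine. The following is an added example written for this page; it is not Cloudpiercer and not code from the paper's authors. The CBSP ingress prefixes and the DNS record snapshot are constructed placeholders (documentation ranges), standing in for the provider's published ranges and for records fetched from the domain's authoritative name servers.

```python
import ipaddress

# Constructed placeholder prefixes standing in for a CBSP's published ingress
# ranges (RFC 5737 / RFC 3849 documentation space, not any real provider).
CBSP_PREFIXES = [
    ipaddress.ip_network("203.0.113.0/24"),
    ipaddress.ip_network("2001:db8:1::/48"),
]

# Constructed DNS snapshot for a hypothetical CBSP-protected domain. In practice
# these values would come from the zone's authoritative name servers.
DNS_SNAPSHOT = {
    ("example.test", "A"): ["203.0.113.10", "203.0.113.11"],
    ("example.test", "AAAA"): ["2001:db8:1::10"],
    ("www.example.test", "A"): ["203.0.113.10"],
    ("mail.example.test", "A"): ["198.51.100.7"],  # not behind the CBSP
    ("example.test", "MX"): ["mail.example.test"],
}


def is_behind_cbsp(ip, prefixes=CBSP_PREFIXES):
    """True if the address lies inside one of the CBSP ingress prefixes."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in prefixes)


def find_exposed_records(snapshot, prefixes=CBSP_PREFIXES):
    """Scan address records in the zone snapshot and return every
    (name, rtype, ip) whose target is outside the CBSP ranges.

    Only A/AAAA records carry addresses; MX, CNAME and similar records
    point at names, which are covered by their own address records.
    """
    exposed = []
    for (name, rtype), values in snapshot.items():
        if rtype not in ("A", "AAAA"):
            continue
        for ip in values:
            if not is_behind_cbsp(ip, prefixes):
                exposed.append((name, rtype, ip))
    return exposed


def origin_accepts(src_ip, dst_port, prefixes=CBSP_PREFIXES):
    """Model of the recommended origin-side network policy: the web ports
    answer only to the CBSP's ranges, so a direct hit on a leaked origin
    address is dropped even if the address is known. Other ports are
    closed to the public entirely in this model."""
    if dst_port not in (80, 443):
        return False
    return is_behind_cbsp(src_ip, prefixes)


if __name__ == "__main__":
    for name, rtype, ip in find_exposed_records(DNS_SNAPSHOT):
        print(f"exposed: {name} {rtype} {ip}")
    print("direct hit on origin from outside CBSP accepted:",
          origin_accepts("198.51.100.9", 443))
```

Run against the constructed snapshot, the scan reports the mail host's A record as the one entry that resolves outside the CBSP ranges, and the policy model rejects a connection to port 443 that does not arrive from a CBSP prefix. Scanning this way catches only records present in the zone; the abstract notes that other vectors exist, so the network-side restriction is what actually limits the damage when an address does leak.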