CRCS Seminar
Date: Wednesday, February 17, 2010
Time: 10:00am – 11:30am
Place: Pierce Hall 100F
We describe a method for identifying "typosquatting", the intentional registration of misspellings of popular website addresses. We estimate that at least 938,000 typosquatting domains target the top 3,264 .com sites, and we crawl more than 285,000 of these domains to analyze their revenue sources. We find that 80% are supported by pay-per-click ads, often advertising the correctly spelled domain and its competitors. Another 20% include static redirection to other sites. We present an automated technique that uncovered 75 otherwise legitimate websites which benefited from direct links from thousands of misspellings of competing websites. Using regression analysis, we find that websites in categories with higher pay-per-click ad prices face more typosquatting registrations, indicating that ad platforms such as Google AdWords exacerbate typosquatting. However, our investigations also confirm the feasibility of significantly reducing typosquatting. We find that typosquatting is highly concentrated: Of typo domains showing Google ads, 63% use one of five advertising IDs, and some large name servers host typosquatting domains as much as four times as often as the web as a whole.
Bio: Tyler Moore is a postdoctoral fellow at Harvard University's Center for Research on Computation and Society. Moore’s research interests include the economics of information security, the study of electronic crime, and the development of policy for strengthening security. Moore completed his PhD in Computer Science at the University of Cambridge (UK), supervised by Ross Anderson. His PhD thesis investigated cooperative attack and defense in the design of decentralized wireless networks and through empirical analysis of phishing attacks on the Internet. Moore has co-authored a report for the European Union detailing policy recommendations for overcoming failures in the provision of information security. As an undergraduate, he studied at the University of Tulsa, identifying several vulnerabilities in the public telephone network’s underlying signaling protocols. Moore’s PhD studies were supported by a British Marshall Scholarship and US National Science Foundation Graduate Research Fellowship.