On the Feasibility of Automating Stock Market Manipulation

This work presents the first findings on the feasibility of using botnets to automate stock market manipulation. Our analysis incorporates data gathered from SEC case files, security surveys of online brokerages, and dark web marketplace data. We address several technical challenges, including how to adapt existing techniques for automation, the cost of hijacking brokerage accounts, avoiding detection, and more. We consolidate our findings into a working proof-of-concept, man-in-the-browser malware, Bot2Stock, capable of controlling victim email and brokerage accounts to commit fraud. We evaluate our bots and protocol using agent-based market simulations, where we find that a 1.5% ratio of bots to benign traders yields a 2.8% return on investment (ROI) per attack. Given the short duration of each attack (< 1 minute), achieving this ratio is trivial, requiring only 4 bots to target stocks like IBM. 1,000 bots, cumulatively gathered over 1 year, can turn $100,000 into $1,022,000, placing Bot2Stock on par with existing botnet scams.

[1]  M. Nelemans Redefining Trade-Based Market Manipulation , 2007 .

[2]  Chris Kanich,et al.  Spamalytics: an empirical analysis of spam marketing conversion , 2009, CACM.

[3]  Xindong Wu,et al.  Coupled behavior analysis for capturing coupling relationships in group-based market manipulations , 2012, KDD.

[4]  Samuel A. Assefa Generating synthetic data in finance: opportunities, challenges and pitfalls , 2020, ICAIF.

[5]  J. Zittrain,et al.  Spam Works: Evidence from Stock Touts and Corresponding Market Activity , 2007 .

[6]  Alex Pentland,et al.  Coupled hidden Markov models for complex action recognition , 1997, Proceedings of IEEE Computer Society Conference on Computer Vision and Pattern Recognition.

[7]  Manuel R. Vargas,et al.  Deep learning for stock market prediction from financial news articles , 2017, 2017 IEEE International Conference on Computational Intelligence and Virtual Environments for Measurement Systems and Applications (CIVEMSA).

[8]  Wei Wei,et al.  Correlating S&P 500 stocks with Twitter data , 2012, HotSocial '12.

[9]  Maria Hybinette,et al.  ABIDES: Towards High-Fidelity Market Simulation for AI Research , 2019, ArXiv.

[10]  Stefan Savage,et al.  PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs , 2012, USENIX Security Symposium.

[11]  Ammar Belatreche,et al.  Detecting Wash Trade in Financial Market Using Digraphs and Dynamic Programming , 2016, IEEE Transactions on Neural Networks and Learning Systems.

[12]  A. Khwaja,et al.  Unchecked Intermediaries: Price Manipulation in an Emerging Stock Market , 2005 .

[13]  Michael P. Wellman,et al.  An Agent-Based Model of Financial Benchmark Manipulation , 2019, ICML 2019.

[14]  M. Hanke,et al.  On the effects of stock spam e-mails , 2008 .

[15]  Rainer Böhme,et al.  The Effect of Stock Spam on Financial Markets , 2006, WEIS.

[16]  Franklin Allen,et al.  Stock-Price Manipulation , 1992 .

[17]  Algorithmic Trading Risk , 2014 .

[18]  Yi Zhou,et al.  Understanding the Mirai Botnet , 2017, USENIX Security Symposium.

[19]  Christopher Krügel,et al.  Your botnet is my botnet: analysis of a botnet takeover , 2009, CCS.

[20]  Sotiris Ioannidis,et al.  Two-factor authentication: is the world ready?: quantifying 2FA adoption , 2015, EUROSEC.

[21]  Ryan Brunt Booted : An Analysis of a Payment Intervention on a DDoS-for-Hire Service , 2017 .

[22]  S. Viswanathan,et al.  How to Define Illegal Price Manipulation , 2008 .

[23]  Michael P. Wellman,et al.  Generating Realistic Stock Market Order Streams , 2020, AAAI.

[24]  Michael P. Wellman,et al.  Evaluating the Stability of Non-Adaptive Trading in Continuous Double Auctions: A Reinforcement Learning Approach , 2018, AAAI Workshops.

[25]  Guojun Wu,et al.  Behavior Based Manipulation: Theory and Prosecution Evidence , 2004 .

[26]  Aihua Li,et al.  Market Manipulation Detection Based on Classification Methods , 2017, ITQM.

[27]  Philip S. Yu,et al.  Detecting abnormal coupled sequences and sequence changes in group-based manipulative trading behaviors , 2010, KDD.

[28]  Michael P. Wellman,et al.  Spoofing the Limit Order Book: An Agent-Based Model , 2017, AAMAS.

[29]  Tyler Moore,et al.  Measuring the Cost of Cybercrime , 2012, WEIS.

[30]  Lambert J. M. Nieuwenhuis,et al.  Business Model of a Botnet , 2018, 2018 26th Euromicro International Conference on Parallel, Distributed and Network-based Processing (PDP).

[31]  Osmar R. Zaïane,et al.  Time series contextual anomaly detection for detecting market manipulation in stock market , 2015, 2015 IEEE International Conference on Data Science and Advanced Analytics (DSAA).