Why it is Hard to Fight against Cyber Criminals?

We witness numerous cyber attacks every day; however, we do not see many cyber criminals brought to justice. One reason is that it is technically hard to identify and trace cyber criminals. One reason for this passive situation is our limited or even inappropriate understanding of cyberspace. In this paper, we survey the challenges and opportunities in this research field for interested readers. We also list promising tools and directions based on our understanding.
