Recent academic papers related to cybercrime. All papers are sorted based on the conference name and published year. Welcome to add more published papers to this list.
- USENIX Security
- The Web Conference (WWW)
- IEEE Security and Privacy (S&P)
- ACM Internet Measurement Conference (IMC)
- Network and Distributed System Security (NDSS)
- Symposium on Electronic Crime Research (eCrime)
- IEEE European Symposium on Security and Privacy (EuroS&P)
- ACM Conference on Computer and Communications Security (CCS)
- [Phishing] Phish in Sheep's Clothing: Exploring the Authentication Pitfalls of Browser Fingerprinting
- [Phishing] Inferring Phishing Intention via Webpage Appearance and Dynamics: A Deep Vision Based Approach
- [Phishing] Assessing Browser-level Defense against IDN-based Phishing
- [Phishing] Phishpedia: A Hybrid Deep Learning Based Approach to Visually Identify Phishing Webpages
- [Blackhat SEO] Scalable Detection of Promotional Website Defacements in Black Hat SEO Campaigns
- [Threat Intelligence] A different cup of TI? The added value of commercial threat intelligence
- [Phishing] PhishTime: Continuous Longitudinal Measurement of the Effectiveness of Anti-phishing Blacklists
- [Phishing] Sunrise to Sunset: Analyzing the End-to-end Life Cycle and Effectiveness of Phishing Attacks at Scale
- [Scam] Users Really Do Answer Telephone Scams
- [Phishing] Cognitive Triaging of Phishing Attacks
- [Cryptojacking] Inadvertently making Cyber Criminals Rich: A Comprehensive Study of Cryptojacking Campaigns at Internet Scale
- [Infrastructure] Platforms in Everything: Analyzing Ground-Truth Data on the Anatomy and Economics of Bullet-Proof Hosting
- [Card Skimmers] Fear the Reaper: Characterization and Fast Detection of Card Skimmers
- [Dark Jargons] Reading Thieves' Cant: Automatically Identifying and Understanding Dark Jargons from Cybercrime Marketplaces
- [Anonymous Markets] Plug and prey? measuring the commoditization of cybercrime via online anonymous markets
- [Botnet] Understanding the Mirai Botnet
- [Blackhat SEO] The Ever-Changing Labyrinth: A Large-Scale Analysis of Wildcard DNS Powered Blackhat SEO
- [Social Engineering] WebWitness: Investigating, Categorizing, and Mitigating Malware Download Paths
- [Cryptojacking] MineThrottle: Defending against Wasm In-Browser Cryptojacking
- [Cryptojacking] Outguard: Detecting In-Browser Covert Cryptocurrency Mining in the Wild
- [Phishing] Doppelgängers on the Dark Web: A Large-scale Assessment on Phishing Hidden Web Services
- [Spam] Collective Classification of Spam Campaigners on Twitter: A Hierarchical Meta-Path Based Approach
- [Phishing] Tracking Phishing Attacks Over Time
- [Scam] Analyzing Ground-Truth Data of Mobile Gambling Scams
- [Phishing] Phishing in Organizations: Findings from a Large-Scale and Long-Term Study
- [APT] HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows
- [Phishing] PhishFarm: A Scalable Framework for Measuring the Effectiveness of Evasion Techniques Against Browser Phishing Blacklists
- [Infrastructure] Resident Evil: Understanding Residential IP Proxy as a Dark Service
- [Search Engine] Measuring and Analyzing Search Engine Poisoning of Linguistic Collisions
- [Scam] Surveylance: Automatically Detecting Online Survey Scams
- [Value Chain] Tracking Ransomware End-to-end
- [Dark Jargons] How to learn klingon without a dictionary: Detection and measurement of black keywords used by the underground economy
- [Infrastructure] Under the Shadow of Sunshine: Understanding and Detecting Bulletproof Hosting on Legitimate Service Provider Networks
- [Spam] SoK: Everyone Hates Robocalls: A Survey of Techniques against Telephone Spam
- [Blackhat SEO] Seeking nonsense, looking for trouble: Efficient promotional-infection detection through semantic inconsistency search
- [SMS] Sending out an sms: Characterizing the security of the sms ecosystem with public gateways
- [Typosquatting] Every second counts: Quantifying the negative externalities of cybercrime via typosquatting
- [Phishing] Are You Human?: Resilience of Phishing Detection to Evasion Techniques Based on Human Verification
- [Blackhat SEO] Demystifying Local Business Search Poisoning for Illicit Drug Promotion
- [Cryptojacking] A Lightweight IoT Cryptojacking Detection Mechanism in Heterogeneous Smart Home Networks
- [Fraud] Understanding and Detecting International Revenue Share Fraud
- [Cryptojacking] MINOS*: A Lightweight Real-Time Cryptojacking Detection System
- [Forensic] C^2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis
- [Fraud] The Abuser Inside Apps: Finding the Culprit Committing Mobile Ad Fraud
- [CyberBulling] Towards Understanding and Detecting Cyberbullying in Real-world Images
- [Fraud] Into the Deep Web: Understanding E-commerce Fraud from Autonomous Chat with Cybercriminals
- [Botnet] A Practical Approach for Taking Down Avalanche Botnets Under Real-World Constraints
- [Dark Web] Cybercriminal Minds: An investigative study of cryptocurrency abuses in the Dark Web
- [Botnet] Cleaning Up the Internet of Evil Things: Real-World Evidence on ISP and Consumer Efforts to Remove Mirai
- [Botnet] Measurement and Analysis of Hajime, a Peer-to-peer IoT Botnet
- [Measurement] Cracking the Wall of Confinement: Understanding and Analyzing Malicious Domain Take-downs
- [Scam] Dial One for Scam: A Large-Scale Analysis of Technical Support Scams
- [Fake Base Station] FBS-Radar: Uncovering Fake Base Stations at Scale in the Wild
- [Typosquatting] Seven Months’ Worth of Mistakes: A Longitudinal Study of Typosquatting Abuse
- [Measurement] Parking Sensors: Analyzing and Detecting Parked Domains
- [Telephone] Phoneypot: Data-driven Understanding of Telephony Threats
- [Phishing] Inside a Phisher’s Mind: Understanding the Anti-phishing Ecosystem Through Phishing Kit Analysis
- [Abusing] Understanding and Detecting Abused Image Hosting Modules as Malicious Services
- [Cryptojacking] Under the Dark: A Systematical Study of Stealthy Mining Pools (Ab)use in the Wild
- [Phishing] TxPhishScope: Towards Detecting and Understanding Transaction-based Phishing on Ethereum
- [Phishing] A Good Fishman Knows All the Angles: A Critical Evaluation of Google's Phishing Page Classifier
- [Spam] Clues in Tweets: Twitter-Guided Discovery and Analysis of SMS Spam
- [Phishing] Phishing URL Detection: A Network-based Approach Robust to Evasion
- [Phishing] I’m SPARTACUS, No, I’m SPARTACUS: Proactively Protecting Users From Phishing by Intentionally Triggering Cloaking Behavior
- [Financial Relations] Watch Your Back: Identifying Cybercrime Financial Relationships in Bitcoin through Back-and-Forth Exploration
- [Fraud] Dissecting Click Fraud Autonomy in the Wild
- [Fraud] Understanding and Detecting Mobile Ad Fraud Through the Lens of Invalid Traffic
- [Phishing] Catching Transparent Phish: Analyzing and Detecting MITM Phishing Toolkits
- [Botnet] Examining Mirai’s Battle over the Internet of Things
- [Phishing] VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity
- [Spam] Lies in the Air: Characterizing Fake-base-station Spam Ecosystem in China
- [APT] Mnemosyne: An Effective and Efficient Postmortem Watering Hole Attack Investigation System
- [Infrastructure] Impersonation-as-a-Service: Characterizing the Emerging Criminal Infrastructure for User Impersonation at Scale
- [Cryptojacking] Poster: Detecting WebAssembly-based Cryptocurrency Mining
- [Cryptojacking] Just the Tip of the Iceberg: Internet-Scale Exploitation of Routers for Cryptojacking
- [Cryptojacking] How You Get Shot in the Back: A Systematical Study about Cryptojacking in the Real World
- [Cryptojacking] MineSweeper: An In-depth Look into Drive-by Cryptocurrency Mining and Its Defense
- [Underground Ecosystem] Data Breaches, Phishing, or Malware?: Understanding the Risks of Stolen Credentials