Showing 1–6 of 6 results for author: Vadrevu, P

The Ubiquitous Skiplist: A Survey of What Cannot be Skipped About the Skiplist and its Applications in Big Data Systems

Authors: Venkata Sai Pavan Kumar Vadrevu, Lu Xing, Walid G. Aref

Abstract: Skiplists have become prevalent in systems. The main advantages of skiplists are their simplicity and ease of implementation, and the ability to support operations in the same asymptotic complexities as their tree-based counterparts. In this survey, we explore skiplists and their many variants. We highlight many scenarios of how skiplists are useful and fit well in these usage scenarios. We study… ▽ More Skiplists have become prevalent in systems. The main advantages of skiplists are their simplicity and ease of implementation, and the ability to support operations in the same asymptotic complexities as their tree-based counterparts. In this survey, we explore skiplists and their many variants. We highlight many scenarios of how skiplists are useful and fit well in these usage scenarios. We study several extensions to skiplists to make them fit for more applications, e.g., their use in the multi-dimensional space, network overlaying algorithms, as well as serving as indexes in database systems. Besides, we also discuss systems that adopt the idea of skiplists and apply the probabilistic skip pattern into their designs. △ Less

Submitted 22 May, 2024; v1 submitted 7 March, 2024; originally announced March 2024.

Conning the Crypto Conman: End-to-End Analysis of Cryptocurrency-based Technical Support Scams

Authors: Bhupendra Acharya, Muhammad Saad, Antonio Emanuele Cinà, Lea Schönherr, Hoang Dai Nguyen, Adam Oest, Phani Vadrevu, Thorsten Holz

Abstract: The mainstream adoption of cryptocurrencies has led to a surge in wallet-related issues reported by ordinary users on social media platforms. In parallel, there is an increase in an emerging fraud trend called cryptocurrency-based technical support scam, in which fraudsters offer fake wallet recovery services and target users experiencing wallet-related issues. In this paper, we perform a compre… ▽ More The mainstream adoption of cryptocurrencies has led to a surge in wallet-related issues reported by ordinary users on social media platforms. In parallel, there is an increase in an emerging fraud trend called cryptocurrency-based technical support scam, in which fraudsters offer fake wallet recovery services and target users experiencing wallet-related issues. In this paper, we perform a comprehensive study of cryptocurrency-based technical support scams. We present an analysis apparatus called HoneyTweet to analyze this kind of scam. Through HoneyTweet, we lure over 9K scammers by posting 25K fake wallet support tweets (so-called honey tweets). We then deploy automated systems to interact with scammers to analyze their modus operandi. In our experiments, we observe that scammers use Twitter as a starting point for the scam, after which they pivot to other communication channels (eg email, Instagram, or Telegram) to complete the fraud activity. We track scammers across those communication channels and bait them into revealing their payment methods. Based on the modes of payment, we uncover two categories of scammers that either request secret key phrase submissions from their victims or direct payments to their digital wallets. Furthermore, we obtain scam confirmation by deploying honey wallet addresses and validating private key theft. We also collaborate with the prominent payment service provider by sharing scammer data collections. The payment service provider feedback was consistent with our findings, thereby supporting our methodology and results. By consolidating our analysis across various vantage points, we provide an end-to-end scam lifecycle analysis and propose recommendations for scam mitigation. △ Less

Submitted 18 January, 2024; originally announced January 2024.

SENet: Visual Detection of Online Social Engineering Attack Campaigns

Authors: Irfan Ozen, Karthika Subramani, Phani Vadrevu, Roberto Perdisci

Abstract: Social engineering (SE) aims at deceiving users into performing actions that may compromise their security and privacy. These threats exploit weaknesses in human's decision making processes by using tactics such as pretext, baiting, impersonation, etc. On the web, SE attacks include attack classes such as scareware, tech support scams, survey scams, sweepstakes, etc., which can result in sensitive… ▽ More Social engineering (SE) aims at deceiving users into performing actions that may compromise their security and privacy. These threats exploit weaknesses in human's decision making processes by using tactics such as pretext, baiting, impersonation, etc. On the web, SE attacks include attack classes such as scareware, tech support scams, survey scams, sweepstakes, etc., which can result in sensitive data leaks, malware infections, and monetary loss. For instance, US consumers lose billions of dollars annually due to various SE attacks. Unfortunately, generic social engineering attacks remain understudied, compared to other important threats, such as software vulnerabilities and exploitation, network intrusions, malicious software, and phishing. The few existing technical studies that focus on social engineering are limited in scope and mostly focus on measurements rather than developing a generic defense. To fill this gap, we present SEShield, a framework for in-browser detection of social engineering attacks. SEShield consists of three main components: (i) a custom security crawler, called SECrawler, that is dedicated to scouting the web to collect examples of in-the-wild SE attacks; (ii) SENet, a deep learning-based image classifier trained on data collected by SECrawler that aims to detect the often glaring visual traits of SE attack pages; and (iii) SEGuard, a proof-of-concept extension that embeds SENet into the web browser and enables real-time SE attack detection. We perform an extensive evaluation of our system and show that SENet is able to detect new instances of SE attacks with a detection rate of up to 99.6% at 1% false positive, thus providing an effective first defense against SE attacks on the web. △ Less

Submitted 10 January, 2024; originally announced January 2024.

Tutorial: The Ubiquitous Skiplist, its Variants, and Applications in Modern Big Data Systems

Authors: Venkata Sai Pavan Kumar Vadrevu, Lu Xing, Walid G. Aref

Abstract: The Skiplist, or skip list, originally designed as an in-memory data structure, has attracted a lot of attention in recent years as a main-memory component in many NoSQL, cloud-based, and big data systems. Unlike the B-tree, the skiplist does not need complex rebalancing mechanisms, but it still shows expected logarithmic performance. It supports a variety of operations, including insert, point re… ▽ More The Skiplist, or skip list, originally designed as an in-memory data structure, has attracted a lot of attention in recent years as a main-memory component in many NoSQL, cloud-based, and big data systems. Unlike the B-tree, the skiplist does not need complex rebalancing mechanisms, but it still shows expected logarithmic performance. It supports a variety of operations, including insert, point read, and range queries. To make the skiplist more versatile, many optimizations have been applied to its node structure, construction algorithm, list structure, concurrent access, to name a few. Many variants of the skiplist have been proposed and experimented with, in many big-data system scenarios. In addition to being a main-memory component, the skiplist also serves as a core index in systems to address problems including write amplification, write stalls, sorting, range query processing, etc. In this tutorial, we present a comprehensive overview of the skiplist, its variants, optimizations, and various use cases of how big data and NoSQL systems make use of skiplists. Throughout this tutorial, we demonstrate the advantages of using a skiplist or skiplist-like structures in modern data systems. △ Less

Submitted 19 April, 2023; originally announced April 2023.

A Study of Feasibility and Diversity of Web Audio Fingerprints

Authors: Shekhar Chalise, Phani Vadrevu

Abstract: Prior measurement studies on browser fingerprinting have unfortunately largely excluded Web Audio API-based fingerprinting in their analysis. We address this issue by conducting the first systematic study of effectiveness of web audio fingerprinting mechanisms. We focus on studying the feasibility and diversity properties of web audio fingerprinting. Along with 3 known audio fingerprinting vectors… ▽ More Prior measurement studies on browser fingerprinting have unfortunately largely excluded Web Audio API-based fingerprinting in their analysis. We address this issue by conducting the first systematic study of effectiveness of web audio fingerprinting mechanisms. We focus on studying the feasibility and diversity properties of web audio fingerprinting. Along with 3 known audio fingerprinting vectors, we designed and implemented 4 new audio fingerprint vectors that work by obtaining FFTs of waveforms generated via different methods. Our study analyzed audio fingerprints from 2093 web users and presents new insights into the nature of Web Audio fingerprints. First, we show that audio fingeprinting vectors, unlike other prior vectors, reveal an apparent fickleness with some users' browsers giving away differing fingerprints in repeated attempts. However, we show that it is possible to devise a graph-based analysis mechanism to collectively consider all the different fingerprints of users and thus craft a stable fingerprinting mechanism. Our analysis also shows that it is possible to do this in a timely fashion. Next, we investigate the diversity of audio fingerprints and compare this with prior techniques. Our results show that audio fingerprints are much less diverse than other vectors with only 95 distinct fingerprints among 2093 users. At the same time, further analysis shows that web audio fingerprinting can potentially bring considerable additive value (in terms of entropy) to existing fingerprinting mechanisms. We also show that our results contradict the current security and privacy recommendations provided by W3C regarding audio fingerprinting. Overall, our systematic study allows browser developers to gauge the degree of privacy invasion presented by audio fingerprinting thus helping them take a more informed stance when designing privacy protection features in the future. △ Less

Submitted 29 July, 2021; originally announced July 2021.

Comments: 15 pages, 21 figures

Measuring Abuse in Web Push Advertising

Authors: Karthika Subramani, Xingzi Yuan, Omid Setayeshfar, Phani Vadrevu, Kyu Hyung Lee, Roberto Perdisci

Abstract: The rapid growth of online advertising has fueled the growth of ad-blocking software, such as new ad-blocking and privacy-oriented browsers or browser extensions. In response, both ad publishers and ad networks are constantly trying to pursue new strategies to keep up their revenues. To this end, ad networks have started to leverage the Web Push technology enabled by modern web browsers. As web… ▽ More The rapid growth of online advertising has fueled the growth of ad-blocking software, such as new ad-blocking and privacy-oriented browsers or browser extensions. In response, both ad publishers and ad networks are constantly trying to pursue new strategies to keep up their revenues. To this end, ad networks have started to leverage the Web Push technology enabled by modern web browsers. As web push notifications (WPNs) are relatively new, their role in ad delivery has not been yet studied in depth. Furthermore, it is unclear to what extent WPN ads are being abused for malvertising (i.e., to deliver malicious ads). In this paper, we aim to fill this gap. Specifically, we propose a system called PushAdMiner that is dedicated to (1) automatically registering for and collecting a large number of web-based push notifications from publisher websites, (2) finding WPN-based ads among these notifications, and (3) discovering malicious WPN-based ad campaigns. Using PushAdMiner, we collected and analyzed 21,541 WPN messages by visiting thousands of different websites. Among these, our system identified 572 WPN ad campaigns, for a total of 5,143 WPN-based ads that were pushed by a variety of ad networks. Furthermore, we found that 51% of all WPN ads we collected are malicious, and that traditional ad-blockers and malicious URL filters are remarkably ineffective against WPN-based malicious ads, leaving a significant abuse vector unchecked. △ Less

Submitted 15 February, 2020; originally announced February 2020.

Journal ref: IMC '20: ACM Internet Measurement Conference October, 2020