Print Email Facebook Twitter Platforms in Everything: Analyzing Ground-Truth Data on the Anatomy and Economics of Bullet-Proof Hosting Title Platforms in Everything: Analyzing Ground-Truth Data on the Anatomy and Economics of Bullet-Proof Hosting Author Noroozian, A. (TU Delft Organisation & Governance) Koenders, Jan (Dutch National High-Tech Crime Unit) van Veldhuizen, Eelco (Dutch National High-Tech Crime Unit) Hernandez Ganan, C. (TU Delft Organisation & Governance) Alrwais, Sumayah (King Saud University) McCoy, Damon (New York University) van Eeten, M.J.G. (TU Delft Organisation & Governance) Date 2019 Abstract This paper presents the first empirical study based on ground-truth data of a major Bullet-Proof Hosting (BPH) provider, a company called Maxided. BPH allows miscreants to host criminal activities in support of various cybercrime business models such as phishing, botnets, DDoS, spam, and counterfeit pharmaceutical websites. Maxided was legally taken down by law enforcement and its backend servers were seized. We analyze data extracted from its backend databases and connect it to various external data sources to characterize Maxided's business model, supply chain, customers and finances. We reason about what the ``inside'' view reveals about potential chokepoints for disrupting BPH providers. We demonstrate the BPH landscape to have further shifted from agile resellers towards marketplace platforms with an oversupply of resources originating from hundreds of legitimate upstream hosting providers. We find the BPH provider to have few choke points in the supply chain amendable to intervention, though profit margins are very slim, so even a marginal increase in operating costs might already have repercussions that render the business unsustainable. The other intervention option would be to take down the platform itself. Subject bullet-proof hostingSecurityNetwork SecurityWeb Security To reference this document use: http://resolver.tudelft.nl/uuid:b3520ba1-70a6-4475-8138-0ee258781198 Publisher USENIX Association ISBN 978-1-939133-06-9 Source Proceedings of the 28th USENIX Security Symposium Series Proceedings of the 28th USENIX Security Symposium Part of collection Institutional Repository Document type conference paper Rights © 2019 A. Noroozian, Jan Koenders, Eelco van Veldhuizen, C. Hernandez Ganan, Sumayah Alrwais, Damon McCoy, M.J.G. van Eeten Files PDF sec19_noroozian_1.pdf 2.53 MB Close viewer /islandora/object/uuid:b3520ba1-70a6-4475-8138-0ee258781198/datastream/OBJ/view