Matching Items (2)
Filtering by

Clear all filters

153304-Thumbnail Image.png
Description
This dissertation explores the various online radicalization and recruitment practices of groups like al-Qaeda and Hezbollah, as well as Salafi Jihadists in general. I will also outline the inadequacies of the federal government's engagement with terrorist / Islamist ideologies and explore the ways in which early 20th century foundational Islamist

This dissertation explores the various online radicalization and recruitment practices of groups like al-Qaeda and Hezbollah, as well as Salafi Jihadists in general. I will also outline the inadequacies of the federal government's engagement with terrorist / Islamist ideologies and explore the ways in which early 20th century foundational Islamist theorists like Hasan al-Banna, Sayyid Qutb, and Abul ala Mawdudi have affected contemporary extremist Islamist groups, while exploring this myth of the ideal caliphate which persists in the ideology of contemporary extremist Islamist groups. In a larger sense, I am arguing that exploitation of the internet (particularly social networking platforms) in the radicalization of new communities of followers is much more dangerous than cyberterrorism (as in attacks on cyber networks within the government and the private sector), which is what is most often considered to be the primary threat that terrorists pose with their presence on the internet. Online radicalization should, I argue, be given more consideration when forming public policy because of the immediate danger that it poses, especially given the rise of microterrorism. Similarly, through the case studies that I am examining, I am bringing the humanities into the discussion of extremist (religious) rhetorics, an area of discourse that those scholars have largely ignored.
ContributorsSalihu, Flurije (Author) / Ali, Souad T. (Thesis advisor) / Miller, Keith (Thesis advisor) / Corman, Steven (Committee member) / Gee, James P (Committee member) / Arizona State University (Publisher)
Created2014
158081-Thumbnail Image.png
Description
Despite an abundance of defenses that work to protect Internet users from online threats, malicious actors continue deploying relentless large-scale phishing attacks that target these users. Effectively mitigating phishing attacks remains a challenge for the security community due to attackers' ability to evolve and adapt to defenses, the cross-organizational

Despite an abundance of defenses that work to protect Internet users from online threats, malicious actors continue deploying relentless large-scale phishing attacks that target these users. Effectively mitigating phishing attacks remains a challenge for the security community due to attackers' ability to evolve and adapt to defenses, the cross-organizational nature of the infrastructure abused for phishing, and discrepancies between theoretical and realistic anti-phishing systems. Although technical countermeasures cannot always compensate for the human weakness exploited by social engineers, maintaining a clear and up-to-date understanding of the motivation behind---and execution of---modern phishing attacks is essential to optimizing such countermeasures.

In this dissertation, I analyze the state of the anti-phishing ecosystem and show that phishers use evasion techniques, including cloaking, to bypass anti-phishing mitigations in hopes of maximizing the return-on-investment of their attacks. I develop three novel, scalable data-collection and analysis frameworks to pinpoint the ecosystem vulnerabilities that sophisticated phishing websites exploit. The frameworks, which operate on real-world data and are designed for continuous deployment by anti-phishing organizations, empirically measure the robustness of industry-standard anti-phishing blacklists (PhishFarm and PhishTime) and proactively detect and map phishing attacks prior to launch (Golden Hour). Using these frameworks, I conduct a longitudinal study of blacklist performance and the first large-scale end-to-end analysis of phishing attacks (from spamming through monetization). As a result, I thoroughly characterize modern phishing websites and identify desirable characteristics for enhanced anti-phishing systems, such as more reliable methods for the ecosystem to collectively detect phishing websites and meaningfully share the corresponding intelligence. In addition, findings from these studies led to actionable security recommendations that were implemented by key organizations within the ecosystem to help improve the security of Internet users worldwide.
ContributorsOest, Adam (Author) / Ahn, Gail-Joon (Thesis advisor) / Doupe, Adam (Thesis advisor) / Shoshitaishvili, Yan (Committee member) / Johnson, RC (Committee member) / Arizona State University (Publisher)
Created2020