The Rise of Potentially Unwanted Programs: Measuring its Prevalence, Distribution through Pay-Per-Install Services, and Economics

Juan Caballero,
IMDEA Software Institute in Madrid –
Abstract:
Potentially unwanted programs (PUP) such as adware and rogueware, while not outright malicious, exhibit intrusive behavior that generates user complaints and makes security vendors flag them as undesirable. PUP has been little studied in the research literature despite recent indications that its prevalence may have surpassed that of malware. We have performed a systematic study of Windows PUP over a period of 4 years using a variety of datasets including malware repositories, AV telemetry from 3.9 million real Windows hosts, dynamic executions, and financial statements. This presentation summarizes what we have learned from our measurements on PUP prevalence, its distribution through pay-perinstall (PPI) services, which link advertisers that want to promote their programs with affiliate publishers willing to bundle their programs with offers for other software, and the economics of PPI services that distribute PUP.
Bio
Juan Caballero is an Associate Research Professor at the IMDEA Software Institute in Madrid, Spain. His research focuses on security issues in systems, software, and networks. He received his Ph.D. in Electrical and Computer Engineering from Carnegie Mellon University, USA. His research regularly appears at top security venues and has won two best paper awards at the USENIX Security Symposium. He is an Associate Editor for ACM Transactions on Privacy and Security (TOPS). He has been in the technical committee of venues such as IEEE S&P, ACM CCS, USENIX Security, NDSS, WWW, RAID, and DIMVA. He is program co-chair for the 2017 Annual Computer Security Applications Conference (ACSAC). Previously, he has been program chair or co-chair for Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA, 2016), the Digital Forensics Research Symposium (DFRWS, 2014 & 2013), the European Workshop on Systems Security (EuroSec, 2015 & 2014), and the International Symposium on Engineering Secure Software and Systems (ESSoS, 2015 & 2016).
Date: 2017-Jun-12 Time: 11:00:00 Room: 336
For more information:
Upcoming Events
INESC Brussels HUB Winter Meeting 2023

This edition of the HUB Winter Meeting will be co-organised with Science Business and will take place on the 30 and 31 January, in Lisbon, at Instituto Superior Técnico, Department of Computer Science and Engineering.
Please see below a summary of the agenda, this will be updated on the INESC Brussels HUB website regularly (confirmed speakers and other relevant info). Places for onsite participation are limited so registration is mandatory. Online participants will be sent a ZOOM link for each specific session on the 27th January.
INESC Brussels HUB website: https://hub.inesc.pt/
Monday, 30 January
a) Digital Europe Programme & Chips Act: state of play and possibilities for INESC.
9h to 10h30 GMT
(Exclusive for INESC researchers and administrators).
b) Science Business: how can INESC tap into Science Business network, activities and communications tools.
(Exclusive for INESC researchers and administrators).
c) Networking Lunch (for all onsite participants).
d) Roundtable: From rhetoric to reality – Embedding international strategy in the DNA of research organisations.
(Closed-door, roundtable workshop, Chatham House rules, open to INESC researchers and administrators, external participants by invitation only).
e) Networking Dinner
(By invitation only – INESC researchers participating onsite in the event are elegible to join).
Tuesday, 31 January
f) Workshop: How they did it? Strategic positioning for structural success in Horizon Europe: a discussion of best practices.
(Exclusive for INESC researchers, administrators and international invited speakers).
g) The public consultation on European R&I Programmes: Towards FP10.
(Closed-door, roundtable workshop, Chatham House rules, open to INESC researchers and administrators, external participants by invitation only).
h) Networking Lunch (for all onsite participants).
i) Management Committee meeting (Directors and POB members)
The HUB Winter Meeting aims at bringing together researchers and administrators from the 5 INESC institutes, affiliated higher education institutions in Portugal and abroad, with key European and global players, to:
– Discuss key research and innovation issues at EU level.
– Inform institutional policy and strategy.
– Exchange best-practices about R&I management, career development and policy positioning.
– Promote, discuss and deliver vision, visibility, networking and impactful communication.
– Create, identify and deepen partnerships and collaboration opportunities for collaborative R&I.