
eCrime Venue: Bunker Hill Holiday Inn
30 Washington Street Somerville Massachusetts 02143
Click Here for APWG eCrime
HOTEL ACCOMMODATIONS
apwg_events@apwg.org
The symposium’s proceedings are in English.
Please contact the APWG eCrime organizers for details via email at apwg_events@apwg.org.
Discount codes are also available for university researchers, government personnel and law enforcement professionals from pubic-sector agencies.
MONDAY, SEPT. 23
** Times in EDT
| 6:00-8:00 PM | eCrime 2024 Boston Welcome Reception Assembly Square Ballroom |
TUESDAY, SEPT. 24
** Times in EDT
8:00-8:45 AM | Continental Breakfast |
8:45 AM | Opening remarks and introductions |
Plenary Keynote
![]() | 9:00 AM Keynote address: Bruce Schneier, Berkman Klein Center for Internet and Society at Harvard University — AI: How It Will Affect Crime, Law Enforcement, and the Judiciary |
SESSION: The Emerging AI Conflict at the Cybercrime Frontier
MODERATOR: Laurin Weissinger, Tufts University
10 AM | Aditya K Sood, VP of Security Engineering and AI Strategy, Aryaka — Anatomizing the Growing Threat and Attacks on the AI Ecosystem |
10:30 | Bhupendra Acharya, CISPA Helmoltz Center for Information Security — Empirical Study of Scams and Attacks on Social Media Platforms through AI-Powered Automated Engagement |
11:00 AM | Coffee Break / Trade Fair & Research Posters Exhibit
|
11:30 AM | April Lorenzen, Dissect Cyber — Squeezing Quality Phish Classification from a Truculent LLM |
12:00 PM |
Multimodal Large Language Models for Phishing Webpage Detection and Identification Presenter: Dinil Mon Divakaran (A*STAR Institute for Infocomm Research) Jehyun Lee (Trustwave) Peiyuan Lim, Bryan Hooi (National University of Singapore) |
12:00 PM | Lunch Break – Trade Fair & Research Posters Exhibit |
12:20 PM | Lunch Break – Trade Fair & Research Posters Exhibit |
SESSION: Architectural Shifts In Cybercrime Attack And Defense With the Rise Of Telephone-Based Phishing
PANEL I: MANAGING THE SHIFT IN PHISHING ATTACK ARCHITECTURES TO TELEPHONE BASED PHISHING
MODERATOR: Ebrima Ceesay, Mastercard
| 1:35 PM | Examines the challenges attendant suppression of lure and hook architectures and telephone-based attack schemes that are native to wireless devices and dear old POTS. Matt Harris, OpSec Cici Ling, Indiana University Erich Kron, KnowBe4 Bobby Preston, WMC Global |
2:35 PM | Coffee Break – Trade Fair & Research Posters Exhibit |
PANEL II: DATA EXCHANGE REQUIREMENTS FOR ARCHIVING SMS/TEXT ATTACK DATA
MODERATOR: Pat Cain, APWG
3:05PM | Examines the challenges and field decisions of operations personnel charged with programmatically employing – and archiving on keystone clearinghouses like eCX – machine event data related to SMS and telephone-based phishing attacks. Muhammad Lutfor Rahman, CSU San Marcos / Smishtank Daniel Timko, CSU San Marcos / Smishtank Ben Coon, WMC Global Carlos Ramirez, APWG Engineering |
SESSION: Cyber Risk & Underwriting in the Cybercrime Age
MODERATOR: Miranda Bruce, UNSW Canberra
| 3:50 PM | PANEL: Incidents, Underwriting and Risk Cameron Brown, Deloitte (UK) Jillian Kwong, MIT Josephine Wolff, Tufts University Vincent Weafer, Corvus Insurance |
SESSION: eCrime eXchange: 2.0 and Beyond in Data Clearance and Data Curation
4:50 PM | Upgrades to eCX 2.0 in Data and Functionality Carlos Ramirez, APWG Engineering Arghya Mukherjee, The University of Tulsa Pat Cain, APWG |
| 5:15 PM | Closing Remarks / Trade Fair & Research Posters Exhibit |
| 6:00 PM | Speakers’ and Directors’ Dinner *** Transportation leaves the hotel beginning at 5:30pm |
WEDNESDAY, SEPT. 25
** Times in EDT
8:00-8:45AM | Continental Breakfast |
| 8:45AM | Opening remarks and introductions |
SESSION: Internet Infrastructure Policy and Defense Posture in 2024
MODERATOR: Laurin Weissinger, APWG eCrime General Chair, Tufts University
![]() | 9:00 AM INFRASTRUCTURE KEYNOTE: David Clark, MIT Computer Science and Artificial Intelligence Laboratory — Crime and Measurement: Measuring the Internet and why data on crime can help |
10 AM | Owned, Pwned or Rented: Who’s Domain Is It? Presenter: Mina Erfan (University of Ottawa) Paula Branco, Guy-Vincent Jourdan (University of Ottawa) |
10:20 AM | Coffee Break / Trade Fair & Research Posters Exhibit |
10:50 AM | EagleEye: Attention to Unveil Malicious Event Sequences from Provenance Graphs Presenter: Dinil Mon Divakaran (A*STAR Institute for Infocomm Research) Philipp Gysel, Candid Wüest, Otakar Jašek,(Acronis Research) Kenneth Nwafor, (Acronis Research and Constructor Technology) Andrey Ustyuzhanin (Constructor University and Acronis Research) |
| 11:20 AM | Risk Assessment & Mitigation for Core Security Capabilities Marc Dupuis (University of Washington) Karen Renaud (Strathclyde University) |
Friday, September 27 – eCrime Measurement, Risk and Policy Roundtables @ Tufts University


Following the APWG eCrime 2024 conference, APWG and Tufts University will be convening the inaugural eCrime Measurement, Risk and Policy Roundtables on Securing Digital Society at Tufts University’s Fletcher School of Law and Diplomacy at 160 Packard Ave., Medford, MA 02155 on Friday, September 27, 2024.
Policy and Research Roundtables: How Can Polities Tackle Cybercrime, Through Rigorous Research and Evidence-Based Policy?
Information and cybersecurity has been the topic in the boardroom and policy circles for multiple years now. Outages regularly make the news, as failures of popular services can impact on hundreds of organizations and millions of people.
Yet, while some discussions are happening around the issues of cybercrime and abuse, little is improving at any scale. Cryptoscams are legion on YouTube, TikTok, and Twitter, attempts to compromise Business Email are regularly successful, phishing sites are everywhere, and fraudulent spam clogs mailboxes — even if technical measures are deployed.
The eCrime Measurement, Risk and Policy Roundtables on Securing Digital Society shall engage the public policy gaps that must be addressed to make those common abuses that plague Internet infrastructure manageable at scale. These are policy deficits that the private sector has, to date, indicated it lacks the power, imagination or motivation to grasp constructively, to our common peril.
Some key issues demand technical expertise and operations-level mitigations, and these aspects of criminal schemes are thus relegated to disciplines of computer science, engineering, economics, and criminology. Yet, many if not most other key issues pertain directly or partially to governance and the international system: for example, it is an open secret that many profit-oriented cybercrime groups are shielded if not supported by governments who benefit from extracting value from “Western” consumers, transferring funds and weakening their economic and political systems.
It has become, therefore, increasingly clear to both sides of the operations and policy divide that the strongest solutions to common infrastructure abuses are operational best practices steeled by directly relevant policy. eCrime Measurement, Risk and Policy Roundtables on Securing Digital Society will work to identify those opportunities in securing shared Internet infrastructure from common abuses that can be most enduringly animated by the contemporaneous application of policy and operational conventions.
This first installment of the policy roundtables shall lay the groundwork for future discussions and work products that may have an impact on governments, companies, and — most importantly — people. What questions need to be resolved to make progress, what issues need to be clarified and discussed, what “work products” would lead to interest and change in corporate and policy circles? In short, what are the levers to pull to stop criminal exploitation of the shared Internet infrastructure, and who and where need they to be pulled?
These policy roundtables shall bring together business and policy leaders, non-governmental and civil society organizations, law enforcement, empirical researchers, security specialists, and engineers in order for all these groups to consider what different stakeholders can do and provide to address the challenges of cybercrime and online abuse.
DRAFT AGENDA: Policy and Research Roundtables: How Can Polities Tackle Cybercrime, Through Rigorous Research and Evidence-Based Policy?
| 8:15-8:45 | Registration / Coffees and Crusts |
| 8:45-8:55 | Prompt: What are the key gaps and issues we encountered and addressed this week in eCrime 2024’s discussions? |
| 8:55-9:35 | Discussion: What are the key gaps and issues we addressed this week? |
| 9:35-9:40 | Opener: How can these gaps be researched and measured with appropriate. domain-relevant rigor? |
| 9:40-10:15 | Discussion: How can these gaps be researched and measured with appropriate. domain-relevant rigor? |
| Break | 25 min |
| 10:40-10:45 | Opener: How can policy makers and industry address these issues and avoid/adroitly negotiate collisions? |
| 10:45-11:20 | Discussion: How can policy makers and companies address these issues? |
| 11:20-12:00 | What operational at risk management practices will devolve to sovereign law to organise and enforce as keystones to stable infrastructure maintenance upon which society depends? |
| 12:00-13:30 | Room stays open for discussions, coffees and crusts. |
APWG eCrime 2024: the 19th Edition
APWG eCrime 2024 combines a peer-reviewed conference with general sessions open to industry, government, law enforcement and multilateral organizations, featuring keynote presentations from global thought-leaders, as well as technical and practical operationally focused sessions, and interactive panels. The objective of eCrime is to foster practical collaboration and the exchange of catalytic ideas by academic researchers, industry security practitioners, and law enforcement professionals in the global struggle against cybercrime.
IMPORTANT DATES:
Full Paper registration / submission due: July 7
Notification of acceptance: July 21
Conference: Sept 24-26
Camera-ready paper due: October 25
PAPERS´ TOPICS MAY INCLUDE BUT ARE NOT LIMITED TO:
Artificial Intelligence as criminal co-conspirator – and as defensive collaborator
Addressing challenges of cybercrime’s increasing complexity (e.g. digital infrastructures, crime-fighting/forensic techniques, and the structure of the crimes themselves)
Detecting and/or mitigating eCrime (e.g. online fraud, malware, phishing, ransomware, etc.)
Behavioral and psychosocial aspects of cybercrime victimization – and prevention
Measuring and modeling of cybercrime
Economics of cybercrime
Cybercrime payload delivery strategies and countermeasures (e.g. spam, mobile apps, social engineering, etc.)
Public Policy and Law for cybercrime
Cryptocurrency and related cybercrimes – and forensic tools and techniques for cryptocurrency related cybercrimes
Case studies of current cybercrime attack methods, (e.g. phishing, malware, rogue antivirus programs, pharming, crimeware, botnets, and emerging techniques)
Detecting/preventing abuse of internet infrastructure to neutralize cybercrimes
Detecting/isolating cybercrime gangs’ and attendant money laundering enterprises
Cybercrime’s evolution in specific verticals: (e.g. financial services, e-commerce, health, energy & supplies)
Cybercriminal cloaking techniques – and counter-cloaking tools and approaches
Design and evaluation of UI/UXs to neutralize fraud and enhance user security
AUTHORS’ GUIDANCE
eCrime has adopted the IEEE publication format. Submissions should be in English, in PDF format with all fonts embedded, and formatted using the IEEE conference template, which can be found at:
http://www.ieee.org/conferences_events/conferences/publishing/templates.html.
Submissions should be anonymised, excluding author names, affiliations and acknowledgments. Authors’ own work should be referred to in the third person.
Paper should not exceed 12 letter-sized pages, excluding the bibliography and appendices.
Committee members are not required to read appendices, so ensure that the main paper is intelligible without them.
Submitted papers that do not adhere to all the above guidelines may be rejected without consideration of their merits.
Authors of accepted papers must present them and register at the event.
For paper submissions use the New Submission option at:
Authors will be asked to indicate whether they would like their submissions to be considered for the Best Student Paper Award. Any paper co-authored by a full-time student is eligible for this award.
Authors of accepted papers must guarantee that their paper will be presented at the conference. We understand that some authors may face difficulties in obtaining funding to attend the conference. Therefore, a limited number of stipends are available for those who are unable to secure funding. Students who will present their accepted papers themselves will be given priority in receiving such assistance.
About the Symposium on Electronic Crime Research
The Symposium on Electronic Crime Research (APWG eCrime) was founded in 2006 as the eCrime Researchers Summit, conceived by APWG Secretary General Peter Cassidy as a comprehensive, multi-disciplinary venue to present basic and applied research into electronic crime and engaging every aspect of its evolution – as well as spotlighting technologies and techniques for cybercrime detection, response, forensics and prevention.
Since then, what had been initially a technology focused conference has incrementally expanded its focus to cover behavioral, social, economic, and legal / policy dimensions as well as technical aspects of cybercrime, following the interests of our correspondent investigators, the symposium’s managers as well as the APWG’s own directors and steering committee members.
Scores upon scores of papers exploring these dimensions of cybercrime at APWG eCrime have been published by the IEEE <APWG | eCrime Research Papers> as well as by Taylor & Francis and the Association of Computing Machinery (in the very earliest years of the symposium).
With its multi-disciplinary approach, APWG eCrime every year brings together the most heterogeneous community of counter-eCrime researchers and industrial stakeholders to confer over the latest research, and to foster collaborations between the leading investigators in this still nascent field of cybercrime studies.
The power of that community, over the years, has been expressed in their contributions to research in academia and industry, cited in the papers above, their innovations for industry – and the globally scaled research projects they’ve organizing today such as the PhishFarm browser block list latency measurement program that APWG ecrime-associated investigators are organizing: http://ecrimeresearch.org/phishfarm
A Short History of APWG eCrime
Academic and industrial researchers appeared at the APWG’s door almost at the very genesis of the APWG, delineating phishing’s contemporary nature, speculating on probable evolutionary trajectories – and proposing research that needed APWG’s data corpora to shape their theses and inform their research. The APWG established APWG eCrime to honor that contribution, foster its spirit – and to organize the creative energy of researchers that would eventually overwhelm the APWG’s other conference venues.
APWG organized the initial eCrime Researchers Summit in Orlando in early Spring 2006 in collaboration with Florida State University; the National Center for Forensic Sciences at University of Central Florida; and the Florida Department of Law Enforcement, recognizing the interest in ecrime research by both researchers and within the law enforcement community. Secretary General Cassidy authored the initial CFP. FSU computer science researcher Judi Mulholland organized and managed the peer-review committee and edited the proceedings for publication by Taylor & Francis.
Since the first eCrime conference in 2006, the APWG eCrime management team and submission review committee – drawing from academic and industrial researchers from across the world – has produced conference with academic conference partners every year. Today, APWG eCrime is supported by the IEEE Standards Association which acts as Technical Sponsor to the conference and publishes the conferences proceedings in the IEEE XPlore Digital Library.
APWG eCrime will continue to be a collaborative project of its sponsoring institutions, its chairs, committee members, reviewers, and, of course, the researchers who share their findings. The APWG gives its thanks to all who are making eCrime the keystone event in the field and to all of those who have helped establish and maintain it. And to all of our new collaborators and contributors: welcome. If you’ve an interest in participating somehow in development this vital program, please contact admin [at] apwg.org.






