Into the Deep Web

Understanding E-Commerce Fraud from Autonomous Chat with Cybercriminals

Peng Wang, Xiaojing Liao, Yue Qin, XiaoFeng Wang 
{pw7, xliao, qinyue, xw7}
in the Proceedings of Network and Distributed System Security Symposium (NDSS) 2020.


We designed and implemented the first chatbot, called Aubrey (AUtonomous chatBot foR intelligencE discoverY), for active threat intelligence gathering from e-commerce fraudsters.

Our approach leverages the question-driven conversation pattern of small-time workers, who seek jobs and/or attack resources from e-commerce fraudsters, to model the interaction process as a finite state machine (e.g., FSM), thereby enabling an autonomous conversation.

Our study shows that Aubrey is effective in e-commerce threat intelligence gathering, and helps expose a large amount of previously unknown, fraud-related artifacts. Our findings also bring new insights into the e-commerce fraud ecosystem. Such understanding and artifacts will help better defend against e-commerce fraudulent activities.


FSMs for cybercriminals

Intelligence Collection


  title={Into the Deep Web: Understanding E-commerce Fraud from Autonomous Chat with Cybercriminals.},
  author={Wang, Peng and Liao, Xiaojing and Qin, Yue and Wang, XiaoFeng},
  booktitle={Proceedings of The Network and Distributed System Security Symposium},

Data & Code

Data and code can be viewed and downloaded here.