The cornerstone of modern security is understanding when and how systems are abused and exploited. Gathering such knowledge is essential as decades of experience demonstrate the infeasibility of building perfectly secure systems. Yet, the systems with the greatest need of securing---such as those underpinning critical Internet services---are often the most difficult to study. Challenges in large-scale security research include collecting data from systems outside the control of the researcher, analyzing large volumes of such data, and inferring behavior using limited observations and incomplete information. In this talk, I will focus on my research efforts to study the abuse of complex and inter-connected systems. My work has focused on multiple aspects of this endeavour, including the development of novel data collection methodologies, the analysis of partially structured data, and the transition of research results into practical tools and techniques.