Searching the searchers with searchaudit
作者: Arvind Krishnamurthy , John P. John , Yinglian Xie , Martín Abadi , Fang Yu
DOI:
关键词: Exploit 、 Search engine 、 Computer science 、 Phishing 、 World Wide Web 、 Set (abstract data type) 、 Regular expression 、 Computer security 、 Class (computer programming) 、 Server 、 Hacker
摘要: Search engines not only assist normal users, but also provide information that hackers and other malicious entities can exploit in their nefarious activities. With carefully crafted search queries, attackers gather such as email addresses misconfigured or even vulnerable servers. We present SearchAudit, a framework identifies queries from massive engine logs order to uncover relationship with potential attacks. SearchAudit takes small set of seed, expands the using logs, generates regular expressions for detecting new queries. For instance, we show that, relying on just 500 discovers an additional 4 million distinct thousands Web sites. In addition, reveals series phishing attacks more than 400 domains compromised large number Windows Live Messenger user credentials. Thus, believe serve useful tool identifying preventing wide class early phases.
ucsc.edu参考文章(22)
Brad Karp, Hyang-Ah Kim, Autograph: toward automated, distributed worm signature detection usenix security symposium. pp. 19- 19 ,(2004)
Neil Daswani, Michael Stoppelman, The anatomy of Clickbot.A conference on workshop on hot topics in understanding botnets. pp. 11- 11 ,(2007)
Tyler Moore, Richard Clayton, Evil Searching: Compromise and Recompromise of Internet Hosts for Phishing Financial Cryptography and Data Security. ,vol. 5628, pp. 256- 272 ,(2009) , 10.1007/978-3-642-03549-4_16
Úlfar Erlingsson, Dennis Fetterly, Michael Isard, Jon Currey, Pradeep Kumar Gunda, Yuan Yu, Mihai Budiu, DryadLINQ: a system for general-purpose distributed data-parallel computing using a high-level language operating systems design and implementation. pp. 1- 14 ,(2008) , 10.5555/1855741.1855742
Cristian Estan, George Varghese, Stefan Savage, Sumeet Singh, Automated worm fingerprinting operating systems design and implementation. pp. 4- 4 ,(2004)
Aho AV, JE Hopcroft, JD Ullman, The Design and Analysis of Computer Algorithms ,(1974)
Greg Buehrer, Jack W. Stokes, Kumar Chellapilla, A large-scale study of automated web search traffic Proceedings of the 4th international workshop on Adversarial information retrieval on the web - AIRWeb '08. pp. 1- 8 ,(2008) , 10.1145/1451983.1451985
D. Eichmann, The RBSE spider — Balancing effective search against Web load Computer Networks and ISDN Systems. ,vol. 27, pp. 308- ,(1994) , 10.1016/S0169-7552(94)90151-1
Christian Kreibich, Jon Crowcroft, Honeycomb: creating intrusion detection signatures using honeypots acm special interest group on data communication. ,vol. 34, pp. 51- 56 ,(2004) , 10.1145/972374.972384
Michael Isard, Mihai Budiu, Yuan Yu, Andrew Birrell, Dennis Fetterly, Dryad: distributed data-parallel programs from sequential building blocks european conference on computer systems. ,vol. 41, pp. 59- 72 ,(2007) , 10.1145/1272996.1273005