Seven Months' Worth of Mistakes: A Longitudinal Study of Typosquatting Abuse
作者: Pieter Agten , Wouter Joosen , Frank Piessens , Nick Nikiforakis
关键词:
摘要: Typosquatting is the act of purposefully registering a domain name that mistype popular name. It concept has been known and studied for over 15 years, yet still thoroughly practiced up until this day. While previous typosquatting studies have always taken snapshot landscape or base their longitudinal results only on registration data, we present first contentbased, study typosquatting. We collected data about domains 500 most sites Internet every day, period seven months, use to establish whether previously discovered trends hold today, provide new insights in landscape. In particular reveal that, even though 95% investigated are actively targeted by typosquatters, few trademark owners protect themselves against practice proactively own domains. take advantage aspect our show, among other results, change hands from typosquatters legitimate vice versa, vary monetization strategy hosting different types pages time. Our also reveals large fraction can be traced back small group page hosters certain top-level much more prone than others.
ndss-symposium.org
kuleuven.be
core.ac.uk
securitee.org 参考文章(17)
Nick Nikiforakis, Marco Balduzzi, Lieven Desmet, Frank Piessens, Wouter Joosen, Soundsquatting: Uncovering the Use of Homophones in Domain Squatting international conference on information security. pp. 291- 308 ,(2014) , 10.1007/978-3-319-13257-0_17
Chad Verbowski, Jeffrey Wang, Yi-Min Wang, Doug Beck, Brad Daniels, Strider typo-patrol: discovery and analysis of systematic typo-squatting conference on steps to reducing unwanted traffic on internet. pp. 5- 5 ,(2006)
Scott E. Coull, Andrew M. White, Ting-Fang Yen, Fabian Monrose, Michael K. Reiter, Understanding Domain Registration Abuses information security. pp. 68- 79 ,(2010) , 10.1007/978-3-642-15257-3_7
Steven D. Gribble, Tobias Holgers, David E. Watson, Cutting through the confusion: a measurement study of homograph attacks usenix annual technical conference. pp. 24- 24 ,(2006)
Nick Nikiforakis, Steven Van Acker, Wannes Meert, Lieven Desmet, Frank Piessens, Wouter Joosen, Bitsquatting Proceedings of the 22nd international conference on World Wide Web - WWW '13. pp. 989- 998 ,(2013) , 10.1145/2488388.2488474
A. Costello, Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA) RFC. ,vol. 3492, pp. 1- 35 ,(2003)
Mark Felegyhazi, Chris Kanich, Jonathan Spring, Balazs Kocso, Janos Szurdi, Gabor Cseh, The long Taile of typosquatting domain names usenix security symposium. pp. 191- 206 ,(2014)
Tristan Halvorson, Kirill Levchenko, Stefan Savage, Geoffrey M. Voelker, XXXtortion?: inferring registration intent in the .XXX TLD the web conference. pp. 901- 912 ,(2014) , 10.1145/2566486.2567995
Thomas Vissers, Wouter Joosen, Nick Nikiforakis, Parking sensors: Analyzing and detecting parked domains network and distributed system security symposium. pp. 53- 53 ,(2015) , 10.14722/NDSS.2015.23053
Anirban Banerjee, Md Sazzadur Rahman, Michalis Faloutsos, SUT: Quantifying and mitigating URL typosquatting Computer Networks. ,vol. 55, pp. 3001- 3014 ,(2011) , 10.1016/J.COMNET.2011.06.005