PoisonAmplifier: A Guided Approach of Discovering Compromised Websites through Reversing Search Poisoning Attacks

Authors: Jialong Zhang, Chao Yang, Zhaoyan Xu, Guofei Gu

DOI: 10.1007/978-3-642-33338-5_12

Abstract: Through injecting dynamic script codes into compromised websites, attackers have widely launched search poisoning attacks to achieve their malicious goals, such as spreading spam or scams, distributing malware and launching drive-by download attacks. While most current related work focuses on measuring or detecting specific search poisoning attacks in the crawled dataset, it is also meaningful to design an effective approach to find more compromised websites on the Internet that have been utilized by attackers to launch search poisoning attacks, because those compromised websites essentially become an important component in the search poisoning attack chain. In this paper, we present an active and efficient approach, named PoisonAmplifier, to find compromised websites through tracking down search poisoning attacks. Particularly, starting from a small seed set of known compromised websites that are utilized to launch search poisoning attacks, PoisonAmplifier can recursively find more compromised websites by analyzing poisoned webpages' special terms and links, and exploring compromised web sites' vulnerabilities. Through our 1 month evaluation, PoisonAmplifier can quickly collect around 75K unique compromised websites by starting from 252 verified compromised websites within the first 7 days and continue to find 827 new compromised websites on a daily basis thereafter.
