作者: Jialong Zhang , Chao Yang , Zhaoyan Xu , Guofei Gu
DOI: 10.1007/978-3-642-33338-5_12
关键词:
摘要: Through injecting dynamic script codes into compromised websites, attackers have widely launched search poisoning attacks to achieve their malicious goals, such as spreading spam or scams, distributing malware and launching drive-by download attacks. While most current related work focuses on measuring detecting specific in the crawled dataset, it is also meaningful design an effective approach find more websites Internet that been utilized by launch attacks, because those essentially become important component attack chain. In this paper, we present active efficient approach, named PoisonAmplifier, through tracking down Particularly, starting from a small seed set of known are PoisonAmplifier can recursively analyzing poisoned webpages' special terms links, exploring web sites' vulnerabilities. our 1 month evaluation, quickly collect around 75K unique 252 verified within first 7 days continue 827 new daily basis thereafter.