deSEO: combating search-result poisoning
作者: Arvind Krishnamurthy , John P. John , Yinglian Xie , Martín Abadi , Fang Yu
DOI:
关键词:
摘要: We perform an in-depth study of SEO attacks that spread malware by poisoning search results for popular queries. Such attacks, although recent, appear to be both widespread and effective. They compromise legitimate Web sites generate a large number fake pages targeting trendy keywords. first dissect one example attack affects over 5,000 domains attracts 81,000 user visits. Further, we develop de-SEO, system automatically detects these attacks. Using datasets with hundreds billions URLs, deSEO successfully identifies multiple malicious campaigns. In particular, applying the URL signatures derived from deSEO, find 36% sampled searches Google Bing contain at least link in top time our experiment.
ucsc.edu参考文章(16)
Baoning Wu, Brian D. Davison, Cloaking and Redirection: A Preliminary Study. adversarial information retrieval on the web. pp. 7- 16 ,(2005)
Arvind Krishnamurthy, John P. John, Yinglian Xie, Martín Abadi, Fang Yu, Searching the searchers with searchaudit usenix security symposium. pp. 9- 9 ,(2010)
Rajeev Motwani, Terry Winograd, Lawrence Page, Sergey Brin, The PageRank Citation Ranking : Bringing Order to the Web the web conference. ,vol. 98, pp. 161- 172 ,(1999)
Dennis Fetterly, Mark Manasse, Marc Najork, Spam, damn spam, and statistics: using statistical analysis to locate spam web pages international workshop on the web and databases. pp. 1- 6 ,(2004) , 10.1145/1017074.1017077
Tanguy Urvoy, Emmanuel Chauveau, Pascal Filoche, Thomas Lavergne, Tracking Web spam with HTML style similarities ACM Transactions on the Web. ,vol. 2, pp. 1- 28 ,(2008) , 10.1145/1326561.1326564
Alexandros Ntoulas, Marc Najork, Mark Manasse, Dennis Fetterly, Detecting spam web pages through content analysis Proceedings of the 15th international conference on World Wide Web - WWW '06. pp. 83- 92 ,(2006) , 10.1145/1135777.1135794
David Arthur, Sergei Vassilvitskii, k-means++: the advantages of careful seeding symposium on discrete algorithms. pp. 1027- 1035 ,(2007) , 10.5555/1283383.1283494
Chad Verbowski, Roussi Roussev, Xuxian Jiang, Yi-Min Wang, Shuo Chen, Doug Beck, Samuel T. King, Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities. network and distributed system security symposium. pp. 12- ,(2006)
Yinglian Xie, Fang Yu, Kannan Achan, Rina Panigrahy, Geoff Hulten, Ivan Osipkov, Spamming botnets ACM SIGCOMM Computer Communication Review. ,vol. 38, pp. 171- 182 ,(2008) , 10.1145/1402946.1402979
Henry M. Levy, Alexander Moshchuk, Steven D. Gribble, Tanya Bragin, A Crawler-based Study of Spyware on the Web network and distributed system security symposium. ,(2005)