2021
DOI: 10.1109/tnsm.2021.3075552
|View full text |Cite
|
Sign up to set email alerts
|

Blocklist Babel: On the Transparency and Dynamics of Open Source Blocklisting

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

1
4
0

Year Published

2022
2022
2024
2024

Publication Types

Select...
4
3

Relationship

0
7

Authors

Journals

citations
Cited by 11 publications
(5 citation statements)
references
References 17 publications
1
4
0
Order By: Relevance
“…We find that 376 browsers (89%) permit at least one request that should be blocked based on these lists. One possible explanation for this behavior is that browsers use different blocklists, unblock lists, or neither-again, consistent with prior work observing variations in blocking behavior [48,132]. Of the remaining 48 browsers, we look at browsers that load a majority of our test pages and make no requests on these lists and see that 17 browsers (4%) fit this criteria, including popular browsers like Firefox and Adblock Browser.…”
Section: Content Modificationsupporting
confidence: 66%
See 1 more Smart Citation
“…We find that 376 browsers (89%) permit at least one request that should be blocked based on these lists. One possible explanation for this behavior is that browsers use different blocklists, unblock lists, or neither-again, consistent with prior work observing variations in blocking behavior [48,132]. Of the remaining 48 browsers, we look at browsers that load a majority of our test pages and make no requests on these lists and see that 17 browsers (4%) fit this criteria, including popular browsers like Firefox and Adblock Browser.…”
Section: Content Modificationsupporting
confidence: 66%
“…While we do not know exactly why these browsers block this content, we speculate that this could be an attempt to mitigate pervasive tracking from webpages. This also highlights the diversity in browsers' blocking behavior, indicating that different browsers use different anti-tracking and blocklist implementations [48,132]. Allowed requests.…”
Section: Content Modificationmentioning
confidence: 91%
“…Limitation on Ground truth It is often challenging to collect a large-scale URL ground truth [18]. Despite our best efforts to cover various types of attacks in ground truth, our dataset may still have some limitation.…”
Section: Discussionmentioning
confidence: 99%
“…Furthermore, the positive counts for malware URLs and phishing URLs should be treated differently, given the higher correlation in phishing URLs. Given a malicious URL, identifying if it is involved in a phishing or a malware attack is quite important in practice as, for example, these two attacks require different mitigation actions and malicious URLs are aggregated to threat specific feeds in practice [18]. As examined in Section 4, VT detailed labels are noisy since the scanners often do not agree on a single attack type label.…”
Section: Lead Lag Analysismentioning
confidence: 99%
See 1 more Smart Citation