How to Learn Klingon without a Dictionary: Detection and Measurement of Black Keywords Used by the Underground Economy

Yang, Hao; Ma, Xiulin; Du, Kai; Li, Zhou; Duan, Haixin; Su, Xiaodong; Guang, Liu; Geng, Zhifeng; Wu, Jianping

doi:10.1109/sp.2017.11

Cited by 42 publications

(15 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Many SE attacks use web pages that have copyright infringement, such as illegal downloads and free video streaming, to draw the attention of incautious users [8], [18]. To induce a user to access such web pages, attackers use search-engine-optimization techniques [19]- [21] and post messages on social media, which include links to the landing pages [22]- [24]. Examples of such social-media postings are an instruction video for illegally installing software and a message introducing a free game download site.…”

Section: Landing-page-collection Modulementioning

confidence: 99%

To Get Lost is to Learn the Way: An Analysis of Multi-Step Social Engineering Attacks on the Web

Koide

Chiba²,

Akiyama³

et al. 2021

IEICE Trans. Fundamentals

View full text Add to dashboard Cite

Section: Landing-page-collection Modulementioning

confidence: 99%

To Get Lost is to Learn the Way: An Analysis of Multi-Step Social Engineering Attacks on the Web

Koide

Chiba²,

Akiyama³

et al. 2021

IEICE Trans. Fundamentals

View full text Add to dashboard Cite

“…In such a situation, a company can publish the repository on GitHub and place a link to their homepage on GitHub. By exploiting GitHub's web ranking, their links are also promoted, similar to "blackhat SEO" illustrated in [10,46]. Here we give an example of GitHub "blackhat SEO" utilized, in which we inspect the strategy for this company to promote their business via GitHub.…”

Section: Promotion By Small Businessesmentioning

confidence: 99%

Understanding Promotion-as-a-Service on GitHub

Yang

Zhang

et al. 2020

Annual Computer Security Applications Conference

Self Cite

View full text Add to dashboard Cite

“…Many SE attacks use web pages that have copyright infringement, such as illegal downloads and free video streaming, to draw the attention of incautious users [13,27]. To induce a user to access to such web pages, attackers use search-engine-optimization techniques [15,21,37] and post messages on social media, which include links to the landing pages [14,19,26]. Examples of such social-media postings are an instruction video for illegally installing software and a message introducing a free game download site.…”

Section: Landing-page-collection Modulementioning

confidence: 99%

To Get Lost is to Learn the Way: Automatically Collecting Multi-step Social Engineering Attacks on the Web

Koide

Chiba

Akiyama

2020

Proceedings of the 15th ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

By exploiting people's psychological vulnerabilities, modern webbased social engineering (SE) attacks manipulate victims to download malware and expose personal information. To effectively lure users, some SE attacks constitute a sequence of web pages starting from a landing page and require browser interactions at each web page, which we call multi-step SE attacks. Also, different browser interactions executed on a web page often branch to multiple sequences to redirect users to different SE attacks. Although common systems analyze only landing pages or conduct browser interactions limited to a specific attack, little effort has been made to follow such sequences of web pages to collect multi-step SE attacks. We propose StraySheep, a system to automatically crawl a sequence of web pages and detect diverse multi-step SE attacks. We evaluate the effectiveness of StraySheep's three modules (landingpage-collection, web-crawling, and SE-detection) in terms of the rate of collected landing pages leading to SE attacks, efficiency of web crawling to reach more SE attacks, and accuracy in detecting the attacks. Our experimental results indicate that StraySheep can lead to 20% more SE attacks than Alexa top sites and search results of trend words, crawl five times more efficiently than a simple crawling module, and detect SE attacks with 95.5% accuracy. We demonstrate that StraySheep can collect various SE attacks; not limited to a specific attack. We also clarify attackers' techniques for tricking users and browser interactions redirecting users to attacks. CCS CONCEPTS • Security and privacy → Social engineering attacks.

show abstract

How to Learn Klingon without a Dictionary: Detection and Measurement of Black Keywords Used by the Underground Economy

Cited by 42 publications

References 23 publications

To Get Lost is to Learn the Way: An Analysis of Multi-Step Social Engineering Attacks on the Web

To Get Lost is to Learn the Way: An Analysis of Multi-Step Social Engineering Attacks on the Web

Understanding Promotion-as-a-Service on GitHub

To Get Lost is to Learn the Way: Automatically Collecting Multi-step Social Engineering Attacks on the Web

Contact Info

Product

Resources

About