2012
DOI: 10.1007/978-3-642-33338-5_12
|View full text |Cite
|
Sign up to set email alerts
|

PoisonAmplifier: A Guided Approach of Discovering Compromised Websites through Reversing Search Poisoning Attacks

Abstract: Abstract. Through injecting dynamic script codes into compromised websites, attackers have widely launched search poisoning attacks to achieve their malicious goals, such as spreading spam or scams, distributing malware and launching drive-by download attacks. While most current related work focuses on measuring or detecting specific search poisoning attacks in the crawled dataset, it is also meaningful to design an effective approach to find more compromised websites on the Internet that have been utilized by… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1

Citation Types

0
3
0

Year Published

2013
2013
2021
2021

Publication Types

Select...
4
2
1

Relationship

0
7

Authors

Journals

citations
Cited by 11 publications
(3 citation statements)
references
References 9 publications
0
3
0
Order By: Relevance
“…Although these studies analyzed the infrastructure and traditional distribution techniques for fake AV software-such as drive-by downloads and fake infection alerts-new distribution tactics using FRAD sites have not been revealed. There is also related work that describes case studies of fake AV software distribution from social engineering aspects [4], [11], [12], [15], [16], [20], [21], [22], [23], [24], [25], [26], [27], [28], [29], [30], [31], [32]. In most studies, they analyzed fake infection alerts via advertisements that threaten or attract users to install fake AV software.…”
Section: Related Workmentioning
confidence: 99%
“…Although these studies analyzed the infrastructure and traditional distribution techniques for fake AV software-such as drive-by downloads and fake infection alerts-new distribution tactics using FRAD sites have not been revealed. There is also related work that describes case studies of fake AV software distribution from social engineering aspects [4], [11], [12], [15], [16], [20], [21], [22], [23], [24], [25], [26], [27], [28], [29], [30], [31], [32]. In most studies, they analyzed fake infection alerts via advertisements that threaten or attract users to install fake AV software.…”
Section: Related Workmentioning
confidence: 99%
“…If the supply-side factors include things like the availability of static analysis tools [19] and the ease of searching and fingerprinting WordPress deployments [42], popularity would be a notable demand-side factor. Accordingly, there should be only a small incentive to find new vulnerabilities from unpopular plugins.…”
Section: Introductionmentioning
confidence: 99%
“…This approach, however, requires numerous system and network resources for inspection, so it is a time-consuming process. Effective methods for discovering suitable seed URLs to apply crawling have been proposed recently [7][8][9]. Although these guided crawling methods can dramatically reduce the cost of crawling, another problem still remains, i.e., the need to rapidly discover unknown malicious websites.…”
Section: Introductionmentioning
confidence: 99%