The Dark Alleys of Madison Avenue

Zarras, Apostolis; Kapravelos, Alexandros; Stringhini, Gianluca; Holz, Thorsten; Kruegel, Christopher; Vigna, Giovanni

doi:10.1145/2663716.2663719

Cited by 91 publications

(10 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To interact with such attacks, StraySheep attempted clicking the back button for each web page and determined that the action led to other SE pages. Malvertisement Redirection We found 13 Malvertisement website redirect domains [36], [37] that also led users to other SE pages. Cryptojacking We found three Cryptojacking domain names that secretly used user's CPU resources to mine cryptocurrencies by injecting JavaScript codes.…”

Section: Se Attack Categoriesmentioning

confidence: 80%

“…Our study followed research ethics principles and best practices [5], [36], [37], [39]. While we conducted parallel crawling for various websites, each of our crawling sessions sequentially traversed web content on the same website, so only a restricted amount of traffic to the website was generated, which did not increase website workload.…”

Section: Ethical Considerationmentioning

confidence: 99%

See 1 more Smart Citation

To Get Lost is to Learn the Way: An Analysis of Multi-Step Social Engineering Attacks on the Web

Koide

Chiba²,

Akiyama³

et al. 2021

IEICE Trans. Fundamentals

View full text Add to dashboard Cite

Section: Se Attack Categoriesmentioning

confidence: 80%

Section: Ethical Considerationmentioning

confidence: 99%

To Get Lost is to Learn the Way: An Analysis of Multi-Step Social Engineering Attacks on the Web

Koide

Chiba²,

Akiyama³

et al. 2021

IEICE Trans. Fundamentals

View full text Add to dashboard Cite

“…These websites are primarily torrent websites that serve illegal copies of movies and software. Moreover, 19% of websites were categorized as "Education", which can be attributed to the exploitation of trust by adversaries behind cryptojacking since educational sites are highly trusted [32]. Figure 1 shows the content-based categorization of 5703 websites in our complete dataset.…”

Section: Content-based Categorizationmentioning

confidence: 99%

Dine and Dash: Static, Dynamic, and Economic Analysis of In-Browser Cryptojacking

Saad

Khormali

Mohaisen

2019

2019 APWG Symposium on Electronic Crime Research (eCrime)

View full text Add to dashboard Cite

Cryptojacking is the permissionless use of a target device to covertly mine cryptocurrencies. With cryptojacking, attackers use malicious JavaScript codes to force web browsers into solving proof-of-work puzzles, thus making money by exploiting the resources of the website visitors. To understand and counter such attacks, we systematically analyze the static, dynamic, and economic aspects of in-browser cryptojacking. For static analysis, we perform content, currency, and code-based categorization of cryptojacking samples to 1) measure their distribution across websites, 2) highlight their platform affinities, and 3) study their code complexities. We apply machine learning techniques to distinguish cryptojacking scripts from benign and malicious JavaScript samples with 100% accuracy. For dynamic analysis, we analyze the effect of cryptojacking on critical system resources, such as CPU and battery usage. We also perform web browser fingerprinting to analyze the information exchange between the victim node and the dropzone cryptojacking server. We also build an analytical model to empirically evaluate the feasibility of cryptojacking as an alternative to online advertisement. Our results show a sizeable negative profit and loss gap, indicating that the model is economically infeasible. Finally, leveraging insights from our analyses, we build countermeasures for in-browser cryptojacking that improve the existing remedies.

show abstract

“…Several papers have highlighted the importance of the field of advertising and click fraud [44,50]. Keeping ad networks free of fraud is highlighted by the work of Mungamuru et al [37], who show that ad networks free of click fraud results in a competitive advantage over rival ad networks and thus attracts more advertisers.…”

Section: Related Workmentioning

confidence: 99%

Clicktok

Nagaraja

Shah

2019

Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks

View full text Add to dashboard Cite

Advertising is a primary means for revenue generation for millions of websites and smartphone apps. Naturally, a fraction abuse ad networks to systematically defraud advertisers of their money. Modern defences have matured to overcome some forms of click fraud but measurement studies have reported that a third of clicks supplied by ad networks could be clickspam. Our work develops novel inference techniques which can isolate click fraud attacks using their fundamental properties. We propose two defences, mimicry and bait-click, which provide clickspam detection with substantially improved results over current approaches. Mimicry leverages the observation that organic clickfraud involves the reuse of legitimate click traffic, and thus isolates clickspam by detecting patterns of click reuse within ad network clickstreams. The bait-click defence leverages the vantage point of an ad network to inject a pattern of bait clicks into a user's device. Any organic clickspam generated involving the bait clicks will be subsequently recognisable by the ad network. Our experiments show that the mimicry defence detects around 81% of fake clicks in stealthy (low rate) attacks, with a false-positive rate of 110 per hundred thousand clicks. Similarly, the bait-click defence enables further improvements in detection, with rates of 95% and a reduction in false-positive rates of between 0 and 30 clicks per million-a substantial improvement over current approaches.

show abstract

The Dark Alleys of Madison Avenue

Cited by 91 publications

References 24 publications

To Get Lost is to Learn the Way: An Analysis of Multi-Step Social Engineering Attacks on the Web

To Get Lost is to Learn the Way: An Analysis of Multi-Step Social Engineering Attacks on the Web

Dine and Dash: Static, Dynamic, and Economic Analysis of In-Browser Cryptojacking

Clicktok

Contact Info

Product

Resources

About