A nearly four-year longitudinal study of search-engine poisoning

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2014, Pages 930-941

  Leontiadis, Nektarios ^a   Moore, Tyler ^b   Christin, Nicolas ^a  

^a CARNEGIE MELLON UNIVERSITY   (United States)

^b SOUTHERN METHODIST UNIVERSITY   (United States)

Author keywords

Online crime; Search engines; Web security

Indexed keywords

WEBSITES;

AUTONOMOUS SYSTEMS; DIRECT SEARCH; INTERVENTION STRATEGY; LONGITUDINAL STUDY; SEARCH-BASED; TIME-PERIODS; WEB SECURITY;

SEARCH ENGINES;

EID: 84910154693     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2660267.2660332     Document Type: Conference Paper

References (29)

1. R. Anderson, C. Barton, R. Böhme, R. Clayton, M. van Eeten, M. Levi, T. Moore, and S. Savage. Measuring the cost of cybercrime. In Proc. (online) WEIS 2012. Berlin, Germany, June 2012.
2. K. Borgolte, C. Kruegel, and G. Vigna. Delta: automatic identification of unknown web-based infection campaigns. In Proc. ACM CCS 2013, pages 109-120, Berlin, Germany, November 2013.
3. T. Catan. Google forks over settlement on Rx ads. The Wall Street Journal, August 2011. Available online at http://online.wsj.com/news/articles/SB10001424053111904787404576528332418595052.
4. comScore. February 2014 US search engine rankings. https://www.comscore.com/Insights/Press-Releases/2014/3/comScore-Releases-February-2014-U.S.-Search-Engine-Rankings, 2014. Last accessed August 26, 2014.
5. D. Cornish. The procedural analysis of offending and its relevance for situational prevention. Crime prevention studies, 3:151-196, 1994.
6. R. Dingledine, N. Mathewson, and P. Syverson. Tor: The second-generation onion router. In Proc. USENIX Security 2004. San Diego, CA, August 2004.
7. Z. Gyöngyi and H. Garcia-Molina. Link spam alliances. In Proc. ACM VLDB 2005, pages 517-528, Trondheim, Norway, August 2005.
8. AOL Inc. Open Directory project. http://www.dmoz.org/.
9. T. Joachims, L. Granka, B. Pan, H. Hembrooke, and G. Gay. Accurately interpreting clickthrough data as implicit feedback. In Proc. ACM SIGIR '05, pages 154-161, Salvador, Brazil, 2005.
10. J. John, F. Yu, Y. Xie, M. Abadi, and A. Krishnamurthy. deSEO: Combating search-result poisoning. In Proc. USENIX Security 2011, San Francisco, CA, August 2011.
11. C. Kanich, C. Kreibich, K. Levchenko, B. Enright, G. Voelker, V. Paxson, and S. Savage. Spamalytics: An empirical analysis of spam marketing conversion. In Proc. ACM CCS 2008, Alexandria, VA, October 2008.
12. E. Kao. Making search more secure, October 2011. http://googleblog.blogspot.com/2011/10/making-search-more-secure.html.
13. E. Kaplan and P. Meier. Nonparametric estimation from incomplete observations. Journal of the American Statistical Association, 53:457-481, 1958.
14. N. Leontiadis. Structuring disincentives for online criminals. PhD thesis, Carnegie Mellon University, 2014.
15. N. Leontiadis, T. Moore, and N. Christin. Measuring and analyzing search-redirection attacks in the illicit online prescription drug trade. In Proc. USENIX Security 2011, San Francisco, CA, August 2011.
16. N. Leontiadis, T. Moore, and N. Christin. Pick your poison: Pricing and inventories at unlicensed online pharmacies. In Proc. ACM EC, pages 621-638, Philadelphia, PA, June 2013.
17. K. Levchenko, N. Chachra, B. Enright, M. Felegyhazi, C. Grier, T. Halvorson, C. Kanich, C. Kreibich, H. Liu, D. McCoy, A. Pitsillidis, N. Weaver, V. Paxson, G. Voelker, and S. Savage. Click trajectories: End-to-end analysis of the spam value chain. In Proc. 2011 IEEE Symposium on Security and Privacy, Oakland, CA, May 2011.
18. Z. Li, S. Alrwais, X. Wang, and E. Alowaisheq. Hunting the red fox online: Understanding and detection of mass redirect-script injections. In Proc. 2014 IEEE Symposium on Security and Privacy, San Jose, CA, May 2014.
19. Legitscript LLC. Legitscript pharmacy validation. http://www.legitscript.com/pharmacies/.
20. L. Lu, R. Perdisci, and W. Lee. SURF: Detecting and measuring search poisoning. In Proc. ACM CCS 2011, Chicago, IL, October 2011.
21. D. McCoy, A. Pitsillidis, G. Jordan, N. Weaver, C. Kreibich, B. Krebs, G. Voelker, S. Savage, and K. Levchenko. Pharmaleaks: Understanding the business of online pharmaceutical affiliate programs. In Proc. USENIX Security 2012, Bellevue, WA, August 2012.
22. T. Moore, N. Leontiadis, and N. Christin. Fashion crimes: Trending-term exploitation on the web. In Proc. ACM CCS 2011, Chicago, IL, October 2011.
23. J. Mueller. Upcoming changes in Google's HTTP referrer, March 2012. http://googlewebmastercentral.blogspot.com/2012/03/upcoming-changes-in-googles-http.html.
24. A. Singhal and M. Cutts. Finding more high-quality sites in search, February 2011. http://googleblog.blogspot.com/2011/02/finding-more-high-quality-sites-in.html.
25. K. Soska and N. Christin. Automatically detecting vulnerable websites before they turn malicious. In Proc. USENIX Security 2014, San Diego, CA, August 2014.
26. The Internet Archive. Wayback machine. https://archive.org/web/.
27. VirusTotal. Free Online Virus, Malware and URL Scanner. https://www.virustotal.com/.
28. D. Wang, M. Der, M. Karami, L. Saul, D. McCoy, S. Savage, and G. Voelker. Search + seizure: The effectiveness of interventions on seo campaigns. In Proc. ACM IMC'14, Vancouver, BC, Canada, November 2014.
29. D. Wang, G. Voelker, and S. Savage. Juice: A longitudinal study of an SEO botnet. In Proc. NDSS'13, San Diego, CA, February 2013.