Accurately interpreting clickthrough data as implicit feedback
Proceedings of the 28th annual international ACM SIGIR conference on Research and development in information retrieval
Detecting spam web pages through content analysis
Proceedings of the 15th international conference on World Wide Web
Understanding the network-level behavior of spammers
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Spam double-funnel: connecting web spammers with advertisers
Proceedings of the 16th international conference on World Wide Web
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Examining the impact of website take-down on phishing
Proceedings of the anti-phishing working groups 2nd annual eCrime researchers summit
An inquiry into the nature and causes of the wealth of internet miscreants
Proceedings of the 14th ACM conference on Computer and communications security
Spamscatter: characterizing internet scam hosting infrastructure
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Spamming botnets: signatures and characteristics
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Spamalytics: an empirical analysis of spam marketing conversion
Proceedings of the 15th ACM conference on Computer and communications security
SS'08 Proceedings of the 17th conference on Security symposium
Evil Searching: Compromise and Recompromise of Internet Hosts for Phishing
Financial Cryptography and Data Security
Temporal correlations between spam and phishing websites
LEET'09 Proceedings of the 2nd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
Proceedings of the 17th ACM conference on Computer and communications security
@spam: the underground on 140 characters or less
Proceedings of the 17th ACM conference on Computer and communications security
Click Trajectories: End-to-End Analysis of the Spam Value Chain
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Fashion crimes: trending-term exploitation on the web
Proceedings of the 18th ACM conference on Computer and communications security
Cloak and dagger: dynamics of web search cloaking
Proceedings of the 18th ACM conference on Computer and communications security
Network security games: combining game theory, behavioral economics, and network measurements
GameSec'11 Proceedings of the Second international conference on Decision and Game Theory for Security
PharmaLeaks: understanding the business of online pharmaceutical affiliate programs
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Priceless: the role of payments in abuse-advertised goods
Proceedings of the 2012 ACM conference on Computer and communications security
Taster's choice: a comparative analysis of spam feeds
Proceedings of the 2012 ACM conference on Internet measurement conference
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Pirates of the search results page
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Pick your poison: pricing and inventories at unlicensed online pharmacies
Proceedings of the fourteenth ACM conference on Electronic commerce
| Hi-index | 0.00 |
We investigate the manipulation of web search results to promote the unauthorized sale of prescription drugs. We focus on search-redirection attacks, where miscreants compromise high-ranking websites and dynamically redirect traffic to different pharmacies based upon the particular search terms issued by the consumer. We constructed a representative list of 218 drug-related queries and automatically gathered the search results on a daily basis over nine months in 2010-2011. We find that about one third of all search results are one of over 7 000 infected hosts triggered to redirect to a few hundred pharmacy websites. Legitimate pharmacies and health resources have been largely crowded out by search-redirection attacks and blog spam. Infections persist longest on websites with high PageRank and from .edu domains. 96% of infected domains are connected through traffic redirection chains, and network analysis reveals that a few concentrated communities link many otherwise disparate pharmacies together. We calculate that the conversion rate of web searches into sales lies between 0.3% and 3%, and that more illegal drugs sales are facilitated by search-redirection attacks than by email spam. Finally, we observe that concentration in both the source infections and redirectors presents an opportunity for defenders to disrupt online pharmacy sales.