Accurately interpreting clickthrough data as implicit feedback
Proceedings of the 28th annual international ACM SIGIR conference on Research and development in information retrieval
VLDB '05 Proceedings of the 31st international conference on Very large data bases
Examining the impact of website take-down on phishing
Proceedings of the anti-phishing working groups 2nd annual eCrime researchers summit
An inquiry into the nature and causes of the wealth of internet miscreants
Proceedings of the 14th ACM conference on Computer and communications security
The ghost in the browser analysis of web-based malware
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
Spamalytics: an empirical analysis of spam marketing conversion
Proceedings of the 15th ACM conference on Computer and communications security
SS'08 Proceedings of the 17th conference on Security symposium
Meme-tracking and the dynamics of the news cycle
Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining
Evil Searching: Compromise and Recompromise of Internet Hosts for Phishing
Financial Cryptography and Data Security
A study of cross-validation and bootstrap for accuracy estimation and model selection
IJCAI'95 Proceedings of the 14th international joint conference on Artificial intelligence - Volume 2
Temporal correlations between spam and phishing websites
LEET'09 Proceedings of the 2nd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
The nocebo effect on the web: an analysis of fake anti-virus distribution
LEET'10 Proceedings of the 3rd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
Proceedings of the 17th ACM conference on Computer and communications security
@spam: the underground on 140 characters or less
Proceedings of the 17th ACM conference on Computer and communications security
An analysis of rogue AV campaigns
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Click Trajectories: End-to-End Analysis of the Spam Value Chain
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Measuring and analyzing search-redirection attacks in the illicit online prescription drug trade
SEC'11 Proceedings of the 20th USENIX conference on Security
deSEO: combating search-result poisoning
SEC'11 Proceedings of the 20th USENIX conference on Security
Measuring the perpetrators and funders of typosquatting
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
It's all about the benjamins: an empirical study on incentivizing users to ignore security advice
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
Network security games: combining game theory, behavioral economics, and network measurements
GameSec'11 Proceedings of the Second international conference on Decision and Game Theory for Security
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Beyond the blacklist: modeling malware spread and the effect of interventions
Proceedings of the 2012 workshop on New security paradigms
Sweetening android lemon markets: measuring and combating malware in application marketplaces
Proceedings of the third ACM conference on Data and application security and privacy
Pick your poison: pricing and inventories at unlicensed online pharmacies
Proceedings of the fourteenth ACM conference on Electronic commerce
ViceROI: catching click-spam in search ad networks
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
DECAF: detecting and characterizing ad fraud in mobile apps
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
| Hi-index | 0.00 |
Online service providers are engaged in constant conflict with miscreants who try to siphon a portion of legitimate traffic to make illicit profits. We study the abuse of "trending" search terms, in which miscreants place links to malware-distributing or ad-filled web sites in web search and Twitter results, by collecting and analyzing measurements over nine months from multiple sources. We devise heuristics to identify ad-filled sites, report on the prevalence of malware and ad-filled sites in trending-term search results, and measure the success in blocking such content. We uncover collusion across offending domains using network analysis, and use regression analysis to conclude that both malware and ad-filled sites thrive on less popular, and less profitable trending terms. We build an economic model informed by our measurements and conclude that ad-filled sites and malware distribution may be economic substitutes. Finally, because our measurement interval spans February 2011, when Google announced changes to its ranking algorithm to root out low-quality sites, we can assess the impact of search-engine intervention on the profits miscreants can achieve.