SS'08 Proceedings of the 17th conference on Security symposium
On the leakage of personally identifiable information via online social networks
Proceedings of the 2nd ACM workshop on Online social networks
Detection and analysis of drive-by-download attacks and malicious JavaScript code
Proceedings of the 19th international conference on World wide web
The utility of tweeted URLs for web search
Proceedings of the 19th international conference on World wide web
Detecting and characterizing social spam campaigns
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
How unique is your web browser?
PETS'10 Proceedings of the 10th international conference on Privacy enhancing technologies
Detecting spammers on social networks
Proceedings of the 26th Annual Computer Security Applications Conference
Proceedings of the 20th international conference on World wide web
Exposing the lack of privacy in file hosting services
LEET'11 Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats
Measuring pay-per-install: the commoditization of malware distribution
SEC'11 Proceedings of the 20th USENIX conference on Security
Phi.sh/$oCiaL: the phishing landscape through short URLs
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
Understanding fraudulent activities in online ad exchanges
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
On word-of-mouth based discovery of the web
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Short links under attack: geographical analysis of spam in a URL shortener network
Proceedings of the 23rd ACM conference on Hypertext and social media
Perceptual Image Hashing Via Feature Points: Performance Evaluation and Tradeoffs
IEEE Transactions on Image Processing
Knowing your enemy: understanding and detecting malicious web advertising
Proceedings of the 2012 ACM conference on Computer and communications security
TabShots: client-side detection of tabnabbing attacks
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Two years of short URLs internet measurement: security threats and countermeasures
Proceedings of the 22nd international conference on World Wide Web
Cookieless Monster: Exploring the Ecosystem of Web-Based Device Fingerprinting
SP '13 Proceedings of the 2013 IEEE Symposium on Security and Privacy
Shady paths: leveraging surfing crowds to detect malicious web pages
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.00 |
URL shortening services facilitate the need of exchanging long URLs using limited space, by creating compact URL aliases that redirect users to the original URLs when followed. Some of these services show advertisements (ads) to link-clicking users and pay a commission of their advertising earnings to link-shortening users. In this paper, we investigate the ecosystem of these increasingly popular ad-based URL shortening services. Even though traditional URL shortening services have been thoroughly investigated in previous research, we argue that, due to the monetary incentives and the presence of third-party advertising networks, ad-based URL shortening services and their users are exposed to more hazards than traditional shortening services. By analyzing the services themselves, the advertisers involved, and their users, we uncover a series of issues that are actively exploited by malicious advertisers and endanger the users. Moreover, next to documenting the ongoing abuse, we suggest a series of defense mechanisms that services and users can adopt to protect themselves.