Measurement of IP and Network Tracking Behaviour of Malicious Websites
| Title | Measurement of IP and Network Tracking Behaviour of Malicious Websites |
| Publication Type | Conference Paper |
| Year of Publication | 2016 |
| Authors | Mansoori, Masood, Welch, Ian, Hashemi, Seyed Ebrahim |
| Conference Name | Proceedings of the Australasian Computer Science Week Multiconference |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-4042-7 |
| Keywords | belief networks, client honeypot, Collaboration, composability, Human Behavior, IP tracking, malicious websites, Metrics, network tracking, policy, pubcrawl, Resiliency, Scalability |
| Abstract | IP tracking and cloaking are practices for identifying users which are used legitimately by websites to provide services and content tailored to particular users. However, it is believed that these practices are also used by malicious websites to avoid detection by anti-virus companies crawling the web to find malware. In addition, malicious websites are also believed to use IP tracking in order to deliver targeted malware based upon a history of previous visits by users. In this paper we empirically investigate these beliefs and collect a large dataset of suspicious URLs in order to identify at what level IP tracking takes place that is at the level of an individual address or at the level of their network provider or organisation (Network tracking). Our results illustrate that IP tracking is used in a small subset of domains within our dataset while no strong indication of network tracking was observed. |
| URL | http://doi.acm.org/10.1145/2843043.2843358 |
| DOI | 10.1145/2843043.2843358 |
| Citation Key | mansoori_measurement_2016 |