Visible to the public Understanding Abusive Web Resources: Characteristics and Counter-measures of Malicious Web Resources and Cryptocurrency Mining

Submitted by grigby1 on Wed, 01/16/2019 - 2:32pm
TitleUnderstanding Abusive Web Resources: Characteristics and Counter-measures of Malicious Web Resources and Cryptocurrency Mining
Publication TypeConference Paper
Year of Publication2018
AuthorsDao, Ha, Mazel, Johan, Fukuda, Kensuke
Conference NameProceedings of the Asian Internet Engineering Conference
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-6131-6
Keywordscompositionality, Human Behavior, in-browser mining, Metrics, privacy, pubcrawl, Resiliency, Web Browser Security, web security
AbstractWeb security is a big concern in the current Internet; users may visit websites that automatically download malicious codes for leaking user's privacy information, or even mildly their web browser may help for someone's cryptomining. In this paper, we analyze abusive web resources (i.e. malicious resources and cryptomining) crawled from the Alexa Top 150,000 sites. We highlight the abusive web resources on Alexa ranking, TLD usage, website geolocation, and domain lifetime. Our results show that abusive resources are spread in the Alexa ranking, websites particularly generic Top Level Domain (TLD) and their recently registered domains. In addition, websites with malicious resources are mainly located in China while cryptomining is located in USA. We further evaluate possible counter-measures against abusive web resources. We observe that ad or privacy block lists are ineffective to block against malicious resources while coin-blocking lists are powerful enough to mitigate in-browser cryptomining. Our observations shed light on a little studied, yet important, aspect of abusive resources, and can help increase user awareness about the malicious resources and drive-by mining on web browsers.
URLhttp://doi.acm.org/10.1145/3289166.3289174
DOI10.1145/3289166.3289174
Citation Keydao_understanding_2018
Groups: