Efforts to prevent the manipulation of search results are having little impact on fraud, according to a study by researchers at Carnegie Mellon (CMU) and Southern Methodist universities.
The researchers say Google's countermeasures during their four-year study were not overly successful, and they believe search-redirection attackers have improved their techniques. The study focused on fraud-prone search subjects, such as pharmaceuticals, antivirus, pirated software, and online gambling. Nearly 60 percent of searches for such subjects redirected users to fraudulent sites in 2012.
Although the average time to clean the infected systems behind the attacks eventually shrank (to about 15 days), fraudsters compensated by penetrating more systems, says CMU professor Nicolas Christin. Starting in mid-2012, Google released browsers that defaulted to encrypted search requests using secure HTTP, which likely had more impact. "The move to encrypted search meant that certain parameters were not available to the attackers," Christin notes.
However, he says cybercriminals may have improved their methods. The researchers believe industry and government should focus their efforts on specific hosting providers and networks that are home to traffic brokers. They say by integrating the elimination of black-hat search results from the search database and a coordinated action against the traffic brokers, defenders could have a more long-term effect.
View Full Article
Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA
No entries found