David Y. Wang
Stefan Savage
ABSTRACT
Cloaking is a common 'bait-and-switch' technique used to hide the true nature of a Web site by delivering blatantly different semantic content to different user segments. It is often used in search engine optimization (SEO) to obtain user traffic illegitimately for scams. In this paper, we measure and characterize the prevalence of cloaking on different search engines, how this behavior changes for targeted versus untargeted advertising and ultimately the response to site cloaking by search engine providers. Using a custom crawler, called Dagger, we track both popular search terms (e.g., as identified by Google, Alexa and Twitter) and targeted keywords (focused on pharmaceutical products) for over five months, identifying when distinct results were provided to crawlers and browsers. We further track the lifetime of cloaked search results as well as the sites they point to, demonstrating that cloakers can expect to maintain their pages in search results for several days on popular search engines and maintain the pages themselves for longer still.
- John Bethencourt, Jason Franklin, and Mary Vernon. Mapping Internet Sensors with Probe Response Attacks. In Proceedings of the 14th USENIX Security Symposium, Baltimore, MD, July 2005. Google Scholar
Digital Library
- Andrei Z. Broder. On the Resemblance and Containment of Documents. In Proceedings of the Compression and Complexity of Sequences (SEQUENCES'97), pages 21--29, June 1997. Google ScholarDigital Library
- Lee G. Caldwell. The Fast Track to Profit. Pearson Education, 2002.Google Scholar
- Kumar Chellapilla and David Maxwell Chickering. Improving Cloaking Detection Using Search Query Popularity and Monetizability. In Proceedings of the SIGIR Workshop on Adversarial Information Retrieval on the Web (AIRWeb), August 2006.Google Scholar
- Marco Cova, Corrado Leita, Olivier Thonnard, Angelos Keromytis, and Marc Dacier. An Analysis of Rogue AV Campaigns. In Proceedings of the 13th International Symposium on Recent Advances in Intrusion Detection (RAID), September 2010. Google ScholarDigital Library
- Amir Efrati. Google Penalizes Overstock for Search Tactics. http://online.wsj.com/article/SB10001424052748704520504576162753779521700.html, February 24, 2011.Google Scholar
- Google Safe Browsing API. http://code.google.com/apis/safebrowsing/.Google Scholar
- John P. John, Fang Yu, Yinglian Xie, Arvind Krishnamurthy, and Martin Abadi. deSEO: Combating Search-Result Poisoning. In Proceedings of the 20th USENIX Security Symposium, August 2011. Google ScholarDigital Library
- Brian Krebs. Huge Decline in Fake AV Following Credit Card Processing Shakeup. http://krebsonsecurity.com/2011/08/huge-decline- in-fake-av-following-credit-card-processing- shakeup/, August 2011.Google Scholar
- Nektarios Leontiadis, Tyler Moore, and Nicolas Christin. Measuring and Analyzing Search-Redirection Attacks in the Illicit Online Prescription Drug Trade. In Proceedings of the 20th USENIX Security Symposium, August 2011. Google ScholarDigital Library
- Kirill Levchenko, Neha Chachra, Brandon Enright, Márk Félegyházi, Chris Grier, Tristan Halvorson, Chris Kanich, Christian Kreibich, He Liu, Damon McCoy, Andreas Pitsillidis, Nicholas Weaver, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage. Click Trajectories: End-to-End Analysis of the Spam Value Chain. In Proceedings of the IEEE Symposium and Security and Privacy, Oakland, CA, May 2011. Google ScholarDigital Library
- Jun-Lin Lin. Detection of cloaked web spam by using tag-based methods. Expert Systems with Applications, 36(4):7493--7499, 2009. Google ScholarDigital Library
- Marc A. Najork. System and method for identifying cloaked web servers, United States Patent number 6,910,077. Issued June 21, 2005.Google Scholar
- Yuan Niu, Yi-Min Wang, Hao Chen, Ming Ma, and Francis Hsu. A Quantitative Study of Forum Spamming Using Contextbased Analysis. In Proceedings of 15th Network and Distributed System Security (NDSS) Symposium, February 2007.Google Scholar
- Moheeb Abu Rajab, Lucas Ballard, Panayiotis Mavrommatis, Niels Provos, and Xin Zhao. The Nocebo Effect on the Web: An Analysis of Fake Anti-Virus Distribution. In Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET'10), April 2010. Google ScholarDigital Library
- Search Engine Marketing Professional Organization (SEMPO). State of Search Engine Marketing Report Says Industry to Grow from $14.6 Billion in 2009 to $16.6 Billion in 2010. http://www.sempo.org/news/03--25--10, March 2010.Google Scholar
- Craig Silverstein, Monika Henzinger, Hannes Marais, and Michael Moricz. Analysis of a Very Large Web Search Engine Query Log. ACM SIGIR Forum, 33(1):6--12, 1999. Google ScholarDigital Library
- Julien Sobrier. Tricks to easily detect malware and scams in search results. http://research.zscaler.com/2010/06/tricks-to-easily-detect-malware-and.html, June 3, 2010.Google Scholar
- Danny Sullivan. Search Engine Optimization Firm Sold For $95 Million. http://searchenginewatch.com/ 2163001, September 2000. Search Engine Watch.Google Scholar
- Jason Tabeling. Keyword Phrase Value: Click-Throughs vs. Conversions. http://searchenginewatch.com/ 3641985, March 8, 2011.Google Scholar
- Yi-Min Wang and Ming Ma. Detecting Stealth Web Pages That Use Click-Through Cloaking. Technical Report MSR-TR-2006--178, Microsoft Research, December 2006.Google Scholar
- Yi-Min Wang, Ming Ma, Yuan Niu, and Hao Chen. Spam Double-Funnel: Connecting Web Spammers with Advertisers. In Proceedings of the 16th International World Wide Web Conference (WWW'07), pages 291--300, May 2007. Google ScholarDigital Library
- Wordtracker. Five Reasons Why Wordtracker Blows Other Keywords Tools Away. http://www.wordtracker.com/find-the-best-keywords.html.Google Scholar
- Baoning Wu and Brian D. Davison. Cloaking and Redirection: A Preliminary Study. In Proceedings of the SIGIR Workshop on Adversarial Information Retrieval on the Web (AIRWeb), May 2005.Google Scholar
- Baoning Wu and Brian D. Davison. Detecting Semantic Cloaking on the Web. In Proceedings of the 15th International World Wide Web Conference, pages 819--828, May 2006. Google ScholarDigital Library
Index Terms
- Cloak and dagger: dynamics of web search cloaking
Recommendations
Is Google Getting Worse? A Longitudinal Investigation of SEO Spam in Search Engines
Advances in Information RetrievalAbstractMany users of web search engines have been complaining in recent years about the supposedly decreasing quality of search results. This is often attributed to an increasing amount of search-engine-optimized but low-quality content. Evidence for ...
Search + Seizure: The Effectiveness of Interventions on SEO Campaigns
IMC '14: Proceedings of the 2014 Conference on Internet Measurement ConferenceBlack hat search engine optimization (SEO), the practice of abusively manipulating search results, is an enticing method to acquire targeted user traffic. In turn, a range of interventions--from modifying search results to seizing domains--are used to ...
Running and Chasing -- The Competition between Paid Search Marketing and Search Engine Optimization
HICSS '14: Proceedings of the 2014 47th Hawaii International Conference on System SciencesAs search engine is leading the revenue growth in online marketing field, the competition of search engine marketing between paid search marketing (PSM) by search engine providers (SEPs), and search engine optimization (SEO) provided by search engine ...
Comments