Sciweavers

RAID
2015
Springer

WYSISNWIV: What You Scan Is Not What I Visit

8 years 8 months ago
WYSISNWIV: What You Scan Is Not What I Visit
Abstract. A variety of attacks, including remote-code execution exploits, malware, and phishing, are delivered to users over the web. Users are lured to malicious websites in various ways, including through spam delivered over email and instant messages, and by links injected in search engines and popular benign websites. In response to such attacks, many initiatives, such as Google’s Safe Browsing, are trying to make the web a safer place by scanning URLs to automatically detect and blacklist malicious pages. Such blacklists are then used to block dangerous content, take down domains hosting malware, and warn users that have clicked on suspicious links. However, they are only useful, when scanners and browsers address the web the same way. This paper presents a study that exposes differences on how browsers and scanners parse URLs. These differences leave users vulnerable to malicious web content, because the same URL leads the browser to one page, while the scanner follows the URL ...
Qilang Yang, Dimitrios Damopoulos, Georgios Portok
Added 17 Apr 2016
Updated 17 Apr 2016
Type Journal
Year 2015
Where RAID
Authors Qilang Yang, Dimitrios Damopoulos, Georgios Portokalidis
Comments (0)