Searching the Searchers with SearchAudit
نویسندگان
چکیده
Search engines not only assist normal users, but also provide information that hackers and other malicious entities can exploit in their nefarious activities. With carefully crafted search queries, attackers can gather information such as email addresses and misconfigured or even vulnerable servers. We present SearchAudit, a framework that identifies malicious queries from massive search engine logs in order to uncover their relationship with potential attacks. SearchAudit takes in a small set of malicious queries as seed, expands the set using search logs, and generates regular expressions for detecting new malicious queries. For instance, we show that, relying on just 500 malicious queries as seed, SearchAudit discovers an additional 4 million distinct malicious queries and thousands of vulnerable Web sites. In addition, SearchAudit reveals a series of phishing attacks from more than 400 phishing domains that compromised a large number of Windows Live Messenger user credentials. Thus, we believe that SearchAudit can serve as a useful tool for identifying and preventing a wide class of attacks in their early phases.
منابع مشابه
Monotonicity of Non-deterministic Graph Searching
In graph searching, a team of searchers is aiming at capturing a fugitive moving in a graph. In the initial variant, called invisible graph searching, the searchers do not know the position of the fugitive until they catch it. In another variant, the searchers permanently know the position of the fugitive, i.e. the fugitive is visible. This latter variant is called visible graph searching. A se...
متن کاملUse of a multi-application computer workstation in a clinical setting.
The goal of this study was to assess the usage frequency, user satisfaction, and quality of literature searchers for a multi-application computer workstation in a university-based general medicine clinic. A computer with medical literature searching, textbook searching, and a decision-support program was deployed in the workroom of the clinic and made available for routine use. Data were collec...
متن کاملDistributed Searching of Partial Grids
We consider the following distributed pursuit-evasion problem. A team of mobile agents called searchers starts at an arbitrary node of an unknown n-node network. Their goal is to execute a search strategy that guarantees capturing a fast and invisible intruder regardless of its movements using as few agents as possible. We restrict our attention to networks that are embedded into partial grids:...
متن کامل"Irrational" searchers and IR-rational researchers
In this article we look at the prescriptions advocated by Web search textbooks in the light of a selection of empirical data of real Web information search processes. We use the strategy of disjointed incrementalism, which is a theoretical foundation from decision making, to focus on how people face complex problems, and claim that such problem solving can be compared to the tasks searchers per...
متن کاملDistributed Chasing of Network Intruders
Graph searching is one of the most popular tool for analyzing the chase for a powerful and hostile software agent (called the ”intruder”), by a set of software agents (called the ”searchers”) in a network. The existing solutions for the graph searching problem suffer however from a serious drawback: they are mostly centralized and assume a global synchronization mechanism for the searchers. In ...
متن کامل