| Presentation | 2010-03-26 A Study on Worms Using Search Engine to Spread Jingyu HUA, Kouichi SAKURAI, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Since many web applications leak sensitive pages that can expose their vulnerabilities, worms like Santy locate their targets by searching these pages in search engine with well crafted keywords. We call them search worms. In this paper, we focus on the modeling and containment of these search worms targeting web applications. We first introduce several propagation models to study two unique effect factors on their propagation : eigenpage distribution and page ranking. And then, we propose a containment system for search worms based on honey-page insertion: a small number of fake pages which will induce visitors to pre-established honeypots are randomly inserted into search results, and then infected hosts can be detected and reported to search engines when their malicious scans hit honeypots. We use our propagation models to study the relation between the containment effectiveness and the honey-page insert rate and find this mechanism is extremely effective. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | search worm / propagation modeling / containment / honeypage |
| Paper # | ICSS2009-67 |
| Date of Issue |
| Conference Information | |
| Committee | ICSS |
|---|---|
| Conference Date | 2010/3/19(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information and Communication System Security (ICSS) |
|---|---|
| Language | ENG |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Study on Worms Using Search Engine to Spread |
| Sub Title (in English) | |
| Keyword(1) | search worm |
| Keyword(2) | propagation modeling |
| Keyword(3) | containment |
| Keyword(4) | honeypage |
| 1st Author's Name | Jingyu HUA |
| 1st Author's Affiliation | Graduate School of Information Science and Electrical Engineering, Kyushu University() |
| 2nd Author's Name | Kouichi SAKURAI |
| 2nd Author's Affiliation | Graduate School of Information Science and Electrical Engineering, Kyushu University |
| Date | 2010-03-26 |
| Paper # | ICSS2009-67 |
| Volume (vol) | vol.109 |
| Number (no) | 476 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |