Search-result poisoning–the technique of fraudulently manipulating web search results–has become over the past few years a primary means of advertisement for operators of questionable websites. I will first describe the evolution of search-result poisoning using data on over five million search results that we collected over nearly four years. I will then discuss the design, implementation and evaluation of a novel classification system which predicts, whether a given, not yet compromised website will become malicious in the future. Such a system could be proactively used at scale to prevent compromises of vulnerable web servers, in turn making search-poisoning attacks far more difficult.
Nicolas Christin is an Assistant Research Professor with the department of Electrical and Computer Engineering and CyLab. He was previously the Associate Director of the INI. He started at Carnegie Mellon as a resident faculty in our research and education center in Japan, CyLab Japan, located in Kōbe, Hyōgo Prefecture. He also serves as Faculty Advisor for INI's Master's of Information Security Technology and Management