EAGER: Measuring the Stability of Web Links

EAGER：测量网络链接的稳定性

• 批准号: 1735396
• 负责人: Nick Nikiforakis
• 金额: $ 8.92万
• 依托单位: SUNY at Stony Brook
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-04-15 至 2017-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1735396&HistoricalAwards=false
• 关键词: EAGER; Measuring; Stability; Web; Links

With every passing day, the Internet becomes more and more integrated in society. Our reliance on online web services in our professional and personal lives continuously increases. Recognizing this, attackers take advantage of the web's popularity to mount a wide range of web application attacks, compromising systems, and stealing private and financial information. Although many classes of these attacks are seemingly unrelated, in reality, many of them stem from the stateless nature of the web, where no safeguards exist to ensure that a resource that was linked to yesterday is the same resource being accessed today. As a result, enforcing link integrity holds the promise of mitigating a multitude of security attacks.However, the dynamicity of the web poses challenges to link integrity schemes, which must cope with constant benign changes while flagging the malicious ones. Pursuing this line of research requires a fundamental understanding of the security aspects of the web?s dynamic nature. This nature cannot be assessed today with the available tools, because existing web crawlers are limited to retrieving content, and generally do not gather the metadata critical to the development of link integrity schemes. This project aims to quantify the stability of web links by developing a custom web crawler infrastructure and tools that will collect security-related metadata about remote resources. The gathering and subsequent assessing of this metadata is a critical first step to demonstrate the feasibility of developing robust link integrity schemes that can be used to detect abnormal content and infrastructure changes (indicative of an ongoing attack) while keeping false positives to a minimum.

随着时间的推移，互联网越来越融入社会。 我们在职业和个人生活中对在线网络服务的依赖不断增加。认识到这一点，攻击者利用Web的普及来发动广泛的Web应用程序攻击，破坏系统，窃取私人和财务信息。虽然这些攻击中的许多类别似乎是不相关的，但实际上，其中许多攻击源于网络的无状态性质，其中不存在任何保护措施来确保昨天链接到的资源与今天访问的资源相同。因此，加强链接完整性的承诺，减轻了大量的安全攻击。然而，Web的动态性提出了挑战，链接完整性计划，必须科普不断的良性变化，同时标记恶意的。 从事这一研究需要对网络安全方面有基本的了解。的动态性质。 这种性质无法评估今天可用的工具，因为现有的网络爬虫仅限于检索内容，一般不收集关键的元数据的链接完整性方案的发展。该项目旨在通过开发自定义网络爬虫基础设施和工具来量化网络链接的稳定性，这些基础设施和工具将收集有关远程资源的安全相关元数据。 收集和随后评估此元数据是关键的第一步，以证明开发强大的链接完整性方案的可行性，该方案可用于检测异常内容和基础设施变化（表示正在进行的攻击），同时将误报降至最低。

项目成果

The Wolf of Name Street: Hijacking Domains Through Their Nameservers

• DOI: 10.1145/3133956.3133988
• 发表时间: 2017-10
• 期刊: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
• 作者: T. Vissers;Timothy Barron;Tom van Goethem;W. Joosen;Nick Nikiforakis

Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse

• DOI: 10.1145/3133956.3134002
• 发表时间: 2017-08
• 期刊: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
• 作者: Panagiotis Kintis;N. Miramirkhani;Chaz Lever;Yizheng Chen;Rosa Romero Gómez;N. Pitropakis;Nick Nikiforakis;M. Antonakakis