security researchers rely on top websites rankings
play

Security researchers rely on top websites rankings We perform a - PowerPoint PPT Presentation

Sep 22, 2022 •228 likes •590 views

T RANCO : A Research-Oriented Top Sites Ranking Hardened Against Manipulation Victor Le Pochat , Tom Van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczyski, Wouter Joosen NDSS 2019 , 25 February 2019 Security researchers rely on top websites

  1. T RANCO : A Research-Oriented Top Sites Ranking Hardened Against Manipulation Victor Le Pochat , Tom Van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczyński, Wouter Joosen NDSS 2019 , 25 February 2019

  2. Security researchers rely on top websites rankings “We perform a comprehensive analysis on Alexa’s Top 1 Million websites” “We collected the benign pages from the Alexa top 20K websites” “The list of websites we chose for our evaluation comes from the Alexa Top Sites service, the source widely used in prior research on Tor” [1, 2, 3] 2

  3. 3

  4. Scheitle et al.: [4] 4

  5. Browser vendors make security decisions based on top websites rankings “While the situation has been improving steadily, our latest data shows well over 1% of the top 1-million websites are still using a Symantec certificate that will be distrusted.” https://blog.mozilla.org/security/2018/10/10/delaying-further-symantec-tls-certificate-distrust/ 5

  6. We studied four free, large and daily updated top websites rankings 6

  7. How do these rankings affect research? Can malicious actors abuse the rankings? Can we improve ? 7

  8. Inherent properties → affect Large-scale manipulation → abuse A new ranking: Tranco → improve 8

  9. Inherent properties → affect Large-scale manipulation → abuse A new ranking: Tranco → improve 9

  10. Inherent properties can skew conclusions of studies 10

  11. Inherent properties can skew conclusions of studies 11 › Low agreement

  12. Inherent properties can skew conclusions of studies 12 › Low agreement › Varying stability

  13. Inherent properties can skew conclusions of studies 13 › Low agreement › Varying stability › Unresponsive sites

  14. Inherent properties can skew conclusions of studies 14 › Low agreement › Varying stability › Unresponsive sites › Malicious sites

  15. Inherent properties can skew conclusions of studies Inherent properties of rankings impact the validity and reproducibility of research 15 › Low agreement › Varying stability › Unresponsive sites › Malicious sites

  16. Inherent properties → affect Large-scale manipulation → abuse A new ranking: Tranco → improve 16

  17. Malicious actors have incentives to manipulate rankings incentive to manipulate achieved by promoting whitelisting malicious domains own domains hiding malicious practices other domains changing prevalence of issue 'good'/'bad' domains 17

  18. With large-scale manipulation of rankings, fingerprinting providers can remain undetected 18 [5, 6]

  19. Simple, low-cost techniques make this manipulation possible on a large scale 19

  20. Simple, low-cost techniques make this manipulation possible on a large scale 20 A single request is sufficient to get into the top million › Alexa: browser extension

  21. Simple, low-cost techniques make this manipulation possible on a large scale 21 A malicious actor can easily reach a very good rank › Alexa: analytics script 28798

  22. Simple, low-cost techniques make this manipulation medium medium low Analytics script Quantcast medium high none Reflected URLs high high high Backlinks Majestic low low possible on a large scale none 22 Monetary Effort Time Alexa Extension medium Cloud providers low Analytics script medium medium high Umbrella high

  23. Simple, low-cost techniques make this manipulation high Backlinks high high high Reflected URLs none medium low Quantcast Analytics script low medium high Malicious actors may want to manipulate rankings, Majestic medium possible on a large scale none 23 Monetary Effort Time Alexa Extension medium low low Analytics script medium medium high Umbrella Cloud providers and such manipulation is feasible at a large scale

  24. Inherent properties → affect Large-scale manipulation → abuse A new ranking: Tranco → improve 24

  25. Tranco: an improved approach to top sites rankings Other combinations of providers/days Filters on specific services Remove unresponsive/malicious sites [7] › Aggregate existing rankings intelligently › Default settings: all providers, 30 days › Customizable: tailor to purpose of study 25

  26. Tranco improves on properties important for research 26

  27. Tranco improves on properties important for research 27 › Stability

  28. Tranco improves on properties important for research 28 › Stability › Reproducibility

  29. Tranco improves on properties important for research 29 › Stability › Reproducibility › Manipulation

  30. Tranco improves on properties important for research 30 We provide Tranco, an improved ranking that is more suitable for research and is hardened against manipulation › Stability › Reproducibility › Manipulation

  31. We demonstrate how these rankings can affect research results We uncover how attackers can abuse rankings to influence research results We provide Tranco, an improved ranking to strengthen security research 31

  32. https://tranco-list.eu/ https://github.com/DistriNet/tranco-list Get the source code: Download the Tranco ranking: 32

  33. Thank you! victor.lepochat@cs.kuleuven.be

  34. References Long Way to the Top: Significance, Structure, and Stability of Internet Top Lists,” in Proc. IMC, 2018, pp. 478- Nauru and Slovenia,” Australian Journal of Political Science, vol. 49, no. 2, pp. 186–205, 2014. J. Fraenkel and B. Grofman, “The Borda count and its real-world alternatives: Comparing scoring rules in 7. 2016, pp. 1388–1401. DOI: 10.1145/2976749.2978313 S. Englehardt and A. Narayanan, “Online tracking: A 1-million-site measurement and analysis,” in Proc. CCS, 6. tracking mechanisms in the wild,” in Proc. CCS, 2014, pp. 674–689. DOI: 10.1145/2660267.2660347 G. Acar, C. Eubank, S. Englehardt, M. Juarez, A. Narayanan, and C. Diaz, “The web never forgets: Persistent 5. 493. DOI: 10.1145/3278532.3278574 Scheitle, Q., Hohlfeld, O., Gamba, J., Jelten, J., Zimmermann, T., Strowes, S.D., & Vallina-Rodriguez, N., “A 1. 4. 10.14722/ndss.2018.23105 Automated website fingerprinting through deep learning,” in Proc. NDSS, 2018. DOI: Rimmer, V., Preuveneers, D., Juarez, M., Van Goethem, T., and Joosen, W., 3. Proc. SP, 2018, pp. 70-86. DOI: 10.1109/SP.2018.00044 Kharraz, A., Robertson, W., and Kirda, E., “Surveylance: Automatically Detecting Online Survey Scams,” in 2. 10.1145/3243734.3243858 In-depth Look into Drive-by Cryptocurrency Mining and Its Defense,” in Proc. CCS, 2018, pp. 1714-1730. DOI: Konoth, R.K., Vineti, E., Moonsamy, V., Lindorfer, M., Kruegel, C., Bos, H., and Vigna, G., “MineSweeper: An 34

  35. Estimated number of forged requests 35

  36. Limitations Still works with 3 other lists Change is permanently recorded and mentioned on list page No, we rely on manipulable sources, but the required effort is higher We are looking into more permanent archival (OSF) 36 › What if one list goes down? › Completely resilient to manipulation? › How permanent is the link?

Recommend

Evaluating the Long-term Effects of Parameters on the Characteristics of the Tranco Top Sites

Evaluating the Long-term Effects of Parameters on the Characteristics of the Tranco Top Sites

Evaluating the Long-term Effects of Parameters on the Characteristics of the Tranco Top Sites Ranking Victor Le Pochat , Tom Van Goethem, Wouter Joosen CSET 2019, 12 August 2019 Security researchers rely on top websites rankings We perform a

704 views • 27 slides
A5: Security misconfiguration A5: Security Misconfiguration Web applications must rely on a

A5: Security misconfiguration A5: Security Misconfiguration Web applications must rely on a

A5: Security misconfiguration A5: Security Misconfiguration Web applications must rely on a secure foundation Everywhere from the OS up through the application server Throughout its entire lifetime (from development to production)

1.33k views • 33 slides
Wheatley and National Rankings May 2013 1 Recent National Rankings Several national High

Wheatley and National Rankings May 2013 1 Recent National Rankings Several national High

Wheatley and National Rankings May 2013 1 Recent National Rankings Several national High School Rankings have been published within the past several weeks Wheatley Ranking National NYS LI US News & World Report #108 #19 #3

315 views • 15 slides
What is the SDF? Many of the top security researchers volunteer their time Research users

What is the SDF? Many of the top security researchers volunteer their time Research users

What is the SDF? Many of the top security researchers volunteer their time Research users include Facebook, Google, MS, Trend, Kaspersky, etc.. Update from ICANN .CR: Changed Paths Backend Data, DB, and API stable and actively

363 views • 9 slides
A few security issues to takeover 34% of all websites Johannes Dahse, PHP.RUHR 2019 Dortmund,

A few security issues to takeover 34% of all websites Johannes Dahse, PHP.RUHR 2019 Dortmund,

A few security issues to takeover 34% of all websites Johannes Dahse, PHP.RUHR 2019 Dortmund, Germany, 08.11.2019 1 Intro Johannes Dahse Former CTF addict Security Consultant RIPS open source, static analysis for PHP security Ph.D. Static

643 views • 37 slides
Web Scraping Ben Williams October 9 th 2020 Non-Static Websites Dynamic Websites APIs

Web Scraping Ben Williams October 9 th 2020 Non-Static Websites Dynamic Websites APIs

Web Scraping Ben Williams October 9 th 2020 Non-Static Websites Dynamic Websites APIs Dynamic Websites Drop-downs Scrolling Pop-ups Inputting password Examples Web-Crawling Automate movement through websites

963 views • 24 slides
Chapter 0 Readers Guide Cryptography and Network Security The art of war teaches us to rely

Chapter 0 Readers Guide Cryptography and Network Security The art of war teaches us to rely

Chapter 0 Readers Guide Cryptography and Network Security The art of war teaches us to rely not on the Overview & Chapter 1 likelihood of the enemy's not coming, but on our own readiness to receive him; not on the ; chance of his not

450 views • 4 slides
Internet Identity and Access Control Dr Ken Klingenstein, Director, Middleware and Security,

Internet Identity and Access Control Dr Ken Klingenstein, Director, Middleware and Security,

Internet Identity and Access Control Dr Ken Klingenstein, Director, Middleware and Security, Internet2 Topics Whats happening/ impacts See lunch talk The Research Angle Researchers as users Security Researchers New

499 views • 10 slides
Should Security Researchers Experiment More and Draw More Inferences? * * With thanks to Walter

Should Security Researchers Experiment More and Draw More Inferences? * * With thanks to Walter

Should Security Researchers Experiment More and Draw More Inferences? * * With thanks to Walter Tichys Should Computer Scientists Experiment More? (1998) Kevin Killourhy with Roy Maxion Carnegie Mellon University CSET 2011 (August

402 views • 22 slides
HOW HEALTHY IS OUR COUNTY? 2013 COUNTY HEALTH RANKINGS & ROADMAPS OUTLINE Rankings Background

HOW HEALTHY IS OUR COUNTY? 2013 COUNTY HEALTH RANKINGS & ROADMAPS OUTLINE Rankings Background

HOW HEALTHY IS OUR COUNTY? 2013 COUNTY HEALTH RANKINGS & ROADMAPS OUTLINE Rankings Background Rankings: What are the Rankings ? Roadmaps : Moving to Action Moving Forward: Local Action 2 COUNTY HEALTH RANKINGS : BACKGROUND What :

510 views • 34 slides
(Bayesian) Statistics with Rankings Marina Meil a University of Washington

(Bayesian) Statistics with Rankings Marina Meil a University of Washington

(Bayesian) Statistics with Rankings Marina Meil a University of Washington www.stat.washington.edu/mmp with Alnur Ali, Harr Chen, Bhushan Mandhani, Le Bao, Kapil Phadnis, Artur Patterson, Brendan Murphy, Jeff Bilmes Permutations (rankings)

1.28k views • 99 slides
Y o u Researchers/Students Researchers = Medical Doctors, Sociologists, Nurses,

Y o u Researchers/Students Researchers = Medical Doctors, Sociologists, Nurses,

Y o u Researchers/Students Researchers = Medical Doctors, Sociologists, Nurses, Psychiatrists, Biologists, Epidemiologists, Everyone else Market researchers, Educators, etc #In R .First.lib <- function(libname, pkgname) {

213 views • 20 slides
http://www.magic4walls.com/wallpaper/tag/giant-apple-pie Observations It's not just about

http://www.magic4walls.com/wallpaper/tag/giant-apple-pie Observations It's not just about

Who cares about Drupal? How to win hearts and minds of businesses DrupalCon Dublin 27.9.2016 sustainable websites Imre Gmelig Meijling sustainable websites LimoenGroen Sustainable websites Online strategy // Digital marketing Dutch Drupal

388 views • 35 slides
Clustering Rankings in the Fourier Domain Stphan Clmenon and Romaric Gaudel and Jrmie

Clustering Rankings in the Fourier Domain Stphan Clmenon and Romaric Gaudel and Jrmie

Clustering Rankings in the Fourier Domain Stphan Clmenon and Romaric Gaudel and Jrmie Jakubowicz LTCI, Telecom Paristech (TSI) UMR Institut Telecom/CNRS No. 5141 ECML PKDD, September 2011 Distributions on rankings Many applications

568 views • 23 slides
...Let them hate so long as they fear... oderint dum metuant /WARNING!/:

...Let them hate so long as they fear... oderint dum metuant /WARNING!/:

#UFONet = ( To0L.AlienWare ) / ninja [ DDoS + DoS ] \ (multi- ProXY / DarkNet ( HTTP(s) / WebAbuse [ Layer7 ] ) +(extra[Layer3]+d0rKng+eVas(h)iVe(CA- che/ge0) +FngPrinting+ sTAT[RanKiNgs+F0RuMS + WarGameS (P2P/ClAns-RanKings)] Denial of

690 views • 51 slides
Online Social Media Companies By Morgan and Trevor What is Web - Newspaper Websites -- New York

Online Social Media Companies By Morgan and Trevor What is Web - Newspaper Websites -- New York

Online Social Media Companies By Morgan and Trevor What is Web - Newspaper Websites -- New York Times/Washington Post Journalism? - Websites that are an extension of the actual newspapers - Independent News Websites - Typically

138 views • 12 slides
Mathy Vanhoef Public PhD Defense A Security Analysis of the WPA- TKIP and TLS Security Protocols

Mathy Vanhoef Public PhD Defense A Security Analysis of the WPA- TKIP and TLS Security Protocols

Mathy Vanhoef Public PhD Defense A Security Analysis of the WPA- TKIP and TLS Security Protocols Data handled by computers: Banking details Emails Messaging Adult websites Private files Mobile devices 2 Goal of dissertation Is the

758 views • 51 slides
Creating A Resilient Community A County Health Rankings & Roadmaps Webinar

Creating A Resilient Community A County Health Rankings & Roadmaps Webinar

June 18, 2019 Creating A Resilient Community A County Health Rankings & Roadmaps Webinar countyhealthrankings.org 1 County Health Rankings & Roadmaps is a partnership of the Robert Wood Johnson Foundation and the University of

395 views • 21 slides
On Rely-Guarantee Reasoning Stephan van Staden June 29, 2015 1 / 15 Overview Introduction

On Rely-Guarantee Reasoning Stephan van Staden June 29, 2015 1 / 15 Overview Introduction

On Rely-Guarantee Reasoning Stephan van Staden June 29, 2015 1 / 15 Overview Introduction Basics of Rely-Guarantee Overview of the paper Two techniques for constructing Rely-Guarantee models Soundness results The traditional

272 views • 23 slides
Quality of Similarity Rankings in Time Series T. Bernecker, in Time Series M. E. Houle, H.-P.

Quality of Similarity Rankings in Time Series T. Bernecker, in Time Series M. E. Houle, H.-P.

Quality of Similarity Rankings Quality of Similarity Rankings in Time Series T. Bernecker, in Time Series M. E. Houle, H.-P. Kriegel, P. Krger, 12th International Symposium on Spatial and Temporal M. Renz, E. Schubert, Databases (SSTD

1.14k views • 18 slides
Why Should You Care About Social Security Benefits? Approximately 63M people receive social

Why Should You Care About Social Security Benefits? Approximately 63M people receive social

Why Should You Care About Social Security Benefits? Approximately 63M people receive social security benefits every month Social Security accounts for 33% of average retirees income and 43% of unmarried persons rely on Social Security for

688 views • 29 slides
Build websites that suit the needs and abilities of users The main goal of many websites is to

Build websites that suit the needs and abilities of users The main goal of many websites is to

Goal 1 Build websites that suit the needs and abilities of users The main goal of many websites is to display information users need. 2 Tools for indicating importance in the visual information hierarchy Conceptual grouping Location

794 views • 76 slides
MAKING THE MOST OF THE 2020 COUNTY HEALTH RANKINGS Exploring new interactive features, tips to

MAKING THE MOST OF THE 2020 COUNTY HEALTH RANKINGS Exploring new interactive features, tips to

MAKING THE MOST OF THE 2020 COUNTY HEALTH RANKINGS Exploring new interactive features, tips to make the most of your snapshot, and guidance to inspire action countyhealthrankings.org 1 County Health Rankings & Roadmaps is a collaboration

416 views • 26 slides
ROUNDERS (1998) CASINO ROYALE (2006) HAND RANKINGS HIGH CARD HAND RANKINGS PAIR HIGH CARD

ROUNDERS (1998) CASINO ROYALE (2006) HAND RANKINGS HIGH CARD HAND RANKINGS PAIR HIGH CARD

ROUNDERS (1998) CASINO ROYALE (2006) HAND RANKINGS HIGH CARD HAND RANKINGS PAIR HIGH CARD HAND RANKINGS TWO PAIR PAIR HIGH CARD HAND RANKINGS THREE OF A KIND TWO PAIR PAIR HIGH CARD HAND RANKINGS STRAIGHT THREE OF A KIND TWO PAIR

1.1k views • 106 slides

More recommend