DocumentCode
1717305
Title
Security analysis of top visited Arabic Web sites
Author
Alarifi, Abdulrahman ; Alsaleh, Mansour ; Al-Salman, AbdulMalik
Author_Institution
Comput. Res. Inst., King Abdulaziz City for Sci. & Technol., Riyadh, Saudi Arabia
fYear
2013
Firstpage
173
Lastpage
178
Abstract
The richness and effectiveness of client-side vulnerabilities contributed to an accelerated shift toward client-side Web attacks. In order to understand the volume and nature of such malicious Web pages, we perform a detailed analysis of a subset of top visited Web sites using Google Trends. Our study is limited to the Arabic content in the Web and thus only the top Arabic searching terms are considered. To carry out this study, we analyze more than 7,000 distinct domain names by traversing all the visible pages within each domain. To identify different types of suspected phishing and malware pages, we use the API of Sucuri SiteCheck, McAfee SiteAdvisor, Google Safe Browsing, Norton, and AVG website scanners. The study shows the existence of malicious contents across a variety of types of Web pages. The results indicate that a significant number of these sites carry some known malware, are in a blacklisting status, or have some out-of-date software. Throughout our analysis, we characterize the impact of the detected malware families and speculate as to how the reported positive Web servers got infected.
Keywords
Web sites; client-server systems; information retrieval; invasive software; API; AVG Website scanner; Arabic content; Arabic searching terms; Google Safe Browsing; Google Trends; McAfee SiteAdvisor; Norton; Sucuri SiteCheck; blacklisting status; client-side Web attack; client-side vulnerability; distinct domain name; infection; malicious Web page; malicious content; malware family detection; malware page; out-of-date software; positive Web server; security analysis; suspected phishing page; top visited Arabic Web sites; visible page; Databases; Finance; Games; Security; Malicious links; Malware; Search engine spam; Web spam; Web vulnerabilities;
fLanguage
English
Publisher
ieee
Conference_Titel
Advanced Communication Technology (ICACT), 2013 15th International Conference on
Conference_Location
PyeongChang
ISSN
1738-9445
Print_ISBN
978-1-4673-3148-7
Type
conf
Filename
6488165
Link To Document