• DocumentCode
    1717305
  • Title

    Security analysis of top visited Arabic Web sites

  • Author

    Alarifi, Abdulrahman ; Alsaleh, Mansour ; Al-Salman, AbdulMalik

  • Author_Institution
    Comput. Res. Inst., King Abdulaziz City for Sci. & Technol., Riyadh, Saudi Arabia
  • fYear
    2013
  • Firstpage
    173
  • Lastpage
    178
  • Abstract
    The richness and effectiveness of client-side vulnerabilities contributed to an accelerated shift toward client-side Web attacks. In order to understand the volume and nature of such malicious Web pages, we perform a detailed analysis of a subset of top visited Web sites using Google Trends. Our study is limited to the Arabic content in the Web and thus only the top Arabic searching terms are considered. To carry out this study, we analyze more than 7,000 distinct domain names by traversing all the visible pages within each domain. To identify different types of suspected phishing and malware pages, we use the API of Sucuri SiteCheck, McAfee SiteAdvisor, Google Safe Browsing, Norton, and AVG website scanners. The study shows the existence of malicious contents across a variety of types of Web pages. The results indicate that a significant number of these sites carry some known malware, are in a blacklisting status, or have some out-of-date software. Throughout our analysis, we characterize the impact of the detected malware families and speculate as to how the reported positive Web servers got infected.
  • Keywords
    Web sites; client-server systems; information retrieval; invasive software; API; AVG Website scanner; Arabic content; Arabic searching terms; Google Safe Browsing; Google Trends; McAfee SiteAdvisor; Norton; Sucuri SiteCheck; blacklisting status; client-side Web attack; client-side vulnerability; distinct domain name; infection; malicious Web page; malicious content; malware family detection; malware page; out-of-date software; positive Web server; security analysis; suspected phishing page; top visited Arabic Web sites; visible page; Databases; Finance; Games; Security; Malicious links; Malware; Search engine spam; Web spam; Web vulnerabilities;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Advanced Communication Technology (ICACT), 2013 15th International Conference on
  • Conference_Location
    PyeongChang
  • ISSN
    1738-9445
  • Print_ISBN
    978-1-4673-3148-7
  • Type

    conf

  • Filename
    6488165