Understanding the Fake Removal Information Advertisement Sites
-
- Koide Takashi
- NTT Secure Platform Laboratories Yokohama National University
-
- Chiba Daiki
- NTT Secure Platform Laboratories
-
- Akiyama Mitsuaki
- NTT Secure Platform Laboratories
-
- Yoshioka Katsunari
- Yokohama National University
-
- Matsumoto Tsutomu
- Yokohama National University
Abstract
<p>Fake antivirus (AV) software is a type of malware that disguises as legitimate antivirus software and causes harm to users and their devices. Fake removal information advertisement (FRAD) sites, which introduce fake removal information for cyber threats, have emerged as platforms for distributing fake AV software. Although FRAD sites seriously threaten users who have been suffering from cyber threats and need information for removing them, little attention has been given to revealing these sites. In this paper, we propose a system to automatically crawl the web and identify FRAD sites. To shed light on the pervasiveness of this type of attack, we performed a comprehensive analysis of both passively and actively collected data. Our system collected 2, 913 FRAD sites in 31 languages, which have 73.5 million visits per month in total. We show that FRAD sites occupy search results when users search for cyber threats, thus preventing the users from obtaining the correct information.</p>
Journal
-
- Journal of Information Processing
-
Journal of Information Processing 29 (0), 392-405, 2021
Information Processing Society of Japan
- Tweet
Details
-
- CRID
- 1390569535480510848
-
- NII Article ID
- 130008038622
-
- ISSN
- 18826652
-
- Text Lang
- en
-
- Data Source
-
- JaLC
- Crossref
- CiNii Articles
-
- Abstract License Flag
- Disallowed