Measuring and analyzing search engine poisoning of linguistic collisions

Matthew Joslin, Neng Li, Shuang Hao, Minhui Xue, Haojin Zhu

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contribution

1 Citation (Scopus)

Abstract

Misspelled keywords have become an appealing target in search poisoning, since they are less competitive to promote than the correct queries and account for a considerable amount of search traffic. Search engines have adopted several countermeasure strategies, e.g., Google applies automated corrections on queried keywords and returns search results of the corrected versions directly. However, a sophisticated class of attack, which we term as linguistic-collision misspelling, can evade auto-correction and poison search results. Cybercriminals target special queries where the misspelled terms are existent words, even in other languages (e.g., 'idobe', a misspelling of the English word 'adobe', is a legitimate word in the Nigerian language). In this paper, we perform the first large-scale analysis on linguistic-collision search poisoning attacks. In particular, we check 1.77 million misspelled search terms on Google and Baidu and analyze both English and Chinese languages, which are the top two languages used by Internet users. We leverage edit distance operations and linguistic properties to generate misspelling candidates. To more efficiently identify linguistic-collision search terms, we design a deep learning model that can improve collection rate by 2.84x compared to random sampling. Our results show that the abuse is prevalent: around 1.19% of linguistic-collision search terms on Google and Baidu have results on the first page directing to malicious websites. We also find that cybercriminals mainly target categories of gambling, drugs, and adult content. Mobile-device users disproportionately search for misspelled keywords, presumably due to small screen for input. Our work highlights this new class of search engine poisoning and provides insights to help mitigate the threat.

Original languageEnglish
Title of host publicationProceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019
Place of PublicationPiscataway, NJ
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages1311-1325
Number of pages15
ISBN (Electronic)9781538666609
DOIs
Publication statusPublished - 2019
Event40th IEEE Symposium on Security and Privacy, SP 2019 - San Francisco, United States
Duration: 19 May 201923 May 2019

Publication series

NameProceedings - IEEE Symposium on Security and Privacy
Volume2019-May
ISSN (Print)1081-6011
ISSN (Electronic)2375-1207

Conference

Conference40th IEEE Symposium on Security and Privacy, SP 2019
CountryUnited States
CitySan Francisco
Period19/05/1923/05/19

Keywords

  • Linguistic-collision-misspelling
  • Pinyin
  • Recurrent-neural-network
  • Search-engine-poisoning

Fingerprint Dive into the research topics of 'Measuring and analyzing search engine poisoning of linguistic collisions'. Together they form a unique fingerprint.

  • Cite this

    Joslin, M., Li, N., Hao, S., Xue, M., & Zhu, H. (2019). Measuring and analyzing search engine poisoning of linguistic collisions. In Proceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019 (pp. 1311-1325). (Proceedings - IEEE Symposium on Security and Privacy; Vol. 2019-May). Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/SP.2019.00025