Advanced search
Publication Cover
International Journal of Computers and Applications Volume 39, 2017 - Issue 2
Submit an article Journal homepage
161
Views
0
CrossRef citations to date
0
Altmetric
Articles

Real-world IP and network tracking measurement study of malicious websites with HAZOP

Masood MansooriSchool of Engineering and Computer Science, Victoria University of Wellington, Wellington, New Zealand.Correspondence[email protected]
,
Ian WelchSchool of Engineering and Computer Science, Victoria University of Wellington, Wellington, New Zealand.
,
Kim-Kwang Raymond ChooSchool of Information Technology & Mathematical Sciences, University of South Australia, Adelaide, Australia.
,
Roy A. MaxionDependable Systems Lab, Computer Science Department, Carnegie Mellon University, Pittsburgh, PA, USA.
&
Seyed Ebrahim HashemiDepartment of Computer Engineering, University of Larestan, Fars, IRI.
Pages 106-121 | Received 14 Mar 2016, Accepted 09 Jan 2017, Published online: 07 Mar 2017
 
Sample our Computer Science journals, sign in here to start your access, latest two full volumes FREE to you for 14 days

Abstract

IP tracking and cloaking are practices for identifying users which are used legitimately by websites to provide services and content tailored to particular users. However, it is believed that these practices are also used by malicious websites to avoid detection by anti-virus companies crawling the web to find malware. In addition, malicious websites are also believed to use IP tracking in order to deliver targeted malware based upon a history of previous visits by users. In this paper, we empirically investigate these beliefs and collect a large data-set of suspicious URLs in order to identify at what level IP tracking takes place that is at the level of an individual address or at the level of their network provider or organization (network tracking). We perform our experiments using HAZard and OPerability study to control the effects of a large number of other attributes which may affect the result of the analysis. Our results illustrate that IP tracking is used in a small subset of domains within our data-set, while no strong indication of network tracking was observed.

Notes

No potential conflict of interest was reported by the authors.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.