Quality, Reliability, Security and Robustness in Heterogeneous Networks. 12th International Conference, QShine 2016, Seoul, Korea, July 7–8, 2016, Proceedings

Research Article

A Cross-Domain Hidden Spam Detection Method Based on Domain Name Resolution

Download
264 downloads
  • @INPROCEEDINGS{10.1007/978-3-319-60717-7_1,
        author={Cuicui Wang and Guanggang Geng and Zhiwei Yan},
        title={A Cross-Domain Hidden Spam Detection Method Based on Domain Name Resolution},
        proceedings={Quality, Reliability, Security and Robustness in Heterogeneous Networks. 12th International Conference, QShine 2016, Seoul, Korea, July 7--8, 2016, Proceedings},
        proceedings_a={QSHINE},
        year={2017},
        month={8},
        keywords={Hidden spam Domain name Redirection spam Nest spam},
        doi={10.1007/978-3-319-60717-7_1}
    }
    
  • Cuicui Wang
    Guanggang Geng
    Zhiwei Yan
    Year: 2017
    A Cross-Domain Hidden Spam Detection Method Based on Domain Name Resolution
    QSHINE
    Springer
    DOI: 10.1007/978-3-319-60717-7_1
Cuicui Wang1,*, Guanggang Geng1,*, Zhiwei Yan1,*
  • 1: Internet Network Information Center
*Contact email: wangcuicui@cnnic.com, gengguanggang@cnnic.com, yanzhiwei@cnnic.com

Abstract

The rampant hidden spams have brought in declining quality of the Internet search results. Hidden spam techniques are usually used for the profitability of underground economies, such as illicit game servers, false medical services and illegal gambling, which poses a great threat to private property, privacy and even personal safety of netizens. As the traditional methods such as statistical learning and image recognition have failed in detecting hidden-spams, we proposed a method to combat the web spams on the basis of domain name resolution. Without the need of parsing the webpage code, this model presents high efficiency and accuracy in detecting the hidden spam. And the experiment shows that amount of hidden spams are cross-domain spams. What’s more, malicious “kernel” website of the spams are repeatedly utilized through disguise using the “shell” website through many kinds of techniques such as JavaScript and CSS. It indicates that the method proposed in this paper helps a lot to detect the “kernel” websites, which will prevent the kernel websites repeatedly exploitation by the Internet dark industry chain and eventually improve quality of the Internet search results and reduce the domain names abuse. Although the proposed method are not effective for all kinds of hidden spams, it has good detection capability in the redirection spams and nest spams and it is the complement for the existing hidden spams detection method.