Search Engine Poisoning Victims
Using the PageRank Algorithm in class, we saw that hubs have higher scores if they have multiple recommendations with high scores, and that authorities have higher scores if hubs with higher scores point to them. The analogy is that we get recommendations from multiple people, and the people who recommended suggestions that were recommended by many other people as well can be trusted in the future to make good recommendations.
Although the algorithm seems to work pretty well in the examples we’ve seen in class, personally I’ve had many cases where on the first page of search engines like Google, the highly ranked results are not what I was looking for. Not because they had the wrong material, but they didn’t have much material at all, except for my query itself. They have my exact query in their content, which is why I clicked. I’ve wondered as to why exactly they would do this. My first instinct was that they wanted extra hits to help their page as a whole get boosted.
Search Engine Poisoning exploits the already established results. Attackers first need a server that can send their malware. Then they take a list of URLs which can be used for Cross Site Scripting (users are exposed to malicious scripting and unknowingly click them). It is important that these URLs are trusted recommendations that are highly ranked. Using this list, a large amount of URLs that contain the keywords and malicious content delivered by the server is created. Then these links are posted where user created content is supported. Then search engines pick up these URLs based on already high ranking URLs to index with the key word. These poisoned links get high ranks as well. Finally, a user clicks on this link, unaware of the malware.
Unlike my initial thought, they have nothing to do with the content, but to bait users into clicking on malicious links. I’ve only discovered the reason behind these bogus results now, and when we think about who the average users are, it’s disturbing how so many people don’t know about what they’re exposed to.
sources:
https://www.imperva.com/resources/glossary?term=search_engine_poisoning_sep
https://www.bluecoat.com/security-blog/2015-01-07/search-engine-poisoning-sep-update-dangerous-searches