FYI - SearchAudit

Discussion in 'BlackHat Lounge' started by trooper, Jul 12, 2010.

    .....But search engines have a dark side too. They form a vital part of hackers' toolkits. For instance, once a potential website vulnerability emerges, a quick web search can gather together a list of all sites which have that security flaw in their web code. That's because as the search engines index the web, they record pages' source code and make that information searchable.
    How better to hunt down hackers than by setting the search engines themselves on them, asks John John at the University of Washington in Seattle and Microsoft Research Silicon Valley. With colleagues, John has developed SearchAudit, a system that uses search engines – and the hackers themselves – as guides to malicious sites and forums.
    SearchAudit begins with a pool of known malicious queries and then trawls search engine logs to identify the small number of users who searched for those terms. Then it looks at all the other searches that those users requested, and in this way finds more malicious queries, identifies more would-be hackers and uncovers yet more dodgy queries.
    The team set SearchAudit loose on Microsoft Bing's search logs for a three-month period. Using just 500 initial queries gleaned from one hacker website, the software detected 4 million malicious queries – identifying some threats even before they had been circulated on hacker websites.
    Network security is an arms race, with advantages gained on one side quickly neutralised by the opposition. But because so much of that race is conducted through search engines, John and colleagues argue that hackers would find it very hard to combat the use of those very search engines to reveal suspicious behaviour – providing yet another example of how innovative web search studies can benefit us all.
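
The seed-and-expand loop described in the quoted article, as an added sketch that is not part of the original post and is not SearchAudit's own code. The log entries, the function name `expand` and the two thresholds `min_flagged` and `min_ratio` are assumptions introduced here; the thresholds show why a naive expansion ends up flagging everyone who ever searched for a popular term.

```python
from collections import defaultdict

# Constructed sample log of (user_id, query) pairs; not real search data.
SAMPLE_LOG = [
    ("u1", "seed-query-a"), ("u1", "related-query-x"), ("u1", "weather today"),
    ("u2", "seed-query-b"), ("u2", "related-query-x"), ("u2", "related-query-y"),
    ("u3", "related-query-x"), ("u3", "related-query-y"), ("u3", "weather today"),
    ("u4", "weather today"), ("u4", "news"),
    ("u5", "weather today"), ("u5", "news"),
    ("u6", "news"),
]
SEEDS = {"seed-query-a", "seed-query-b"}


def expand(log, seeds, min_flagged=2, min_ratio=0.6):
    """Grow the suspicious-query set until no new query qualifies.

    A query is promoted when at least `min_flagged` already-flagged users
    issued it AND those users are at least `min_ratio` of everyone who
    issued it. Both thresholds are assumptions of this sketch.
    Returns (suspicious_queries, flagged_users, rounds_run).
    """
    users_by_query = defaultdict(set)
    for user, query in log:
        users_by_query[query].add(user)

    suspicious = set(seeds)
    rounds = 0
    while True:
        rounds += 1
        # Step 1: every user who issued any currently suspicious query.
        flagged = {u for q in suspicious for u in users_by_query.get(q, ())}
        # Step 2: other queries issued mostly by those flagged users.
        promoted = set()
        for query, users in users_by_query.items():
            if query in suspicious:
                continue
            hits = users & flagged
            if len(hits) >= min_flagged and len(hits) / len(users) >= min_ratio:
                promoted.add(query)
        if not promoted:
            return suspicious, flagged, rounds
        suspicious |= promoted


if __name__ == "__main__":
    for label, kwargs in (("thresholded", {}),
                          ("naive", {"min_flagged": 1, "min_ratio": 0.0})):
        queries, users, rounds = expand(SAMPLE_LOG, SEEDS, **kwargs)
        print(label, sorted(queries), sorted(users), rounds)
```

With the thresholds in place the loop stops at the two related queries and three users; with them disabled, "weather today" is promoted in the first round and every user in the log ends up flagged.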