Authors: Florian Nettersheim, Stephan Arlt, Michael Rademacher

Published on: April 22, 2024

Impact Score: 8.0

Arxiv code: Arxiv:2404.14190

Summary

• What is new: This pre-study uniquely evaluates the extent to which ad-malware is recognized and categorized by common Internet services, revealing significant discrepancies in their definitions of suspicious content.
• Why this is important: The pervasive issue of potentially malicious content hidden in online advertisements, posing a threat to internet users.
• What the research proposes: Crawling a vast set of websites to fetch HTTP requests linked to online advertisements and querying these against popular filtered DNS providers and VirusTotal, to assess the detection rate of ad-malware.
• Results: Up to 0.47% of domains are labeled as suspicious by DNS providers, and up to 8.8% by VirusTotal, with only 0.7% to 3.2% categorized specifically as ad-malware, indicating varied definitions of suspicious content among services.

Technical Details

Technological frameworks used: Web crawling for data collection, DNS filtering, and VirusTotal querying

Models used: Not specified

Data used: HTTP requests from a large dataset of websites

Potential Impact

Online advertising platforms, cybersecurity firms, and publishers could all be impacted by these findings, necessitating adaptive strategies for detecting and managing ad-malware.

Want to implement this idea in a business?

We have generated a startup concept here: AdIntegrity.