Contemporary blogs receive comments and TrackBacks, which result in cross-references between blogs. We conducted a longitudinal study of TrackBack spam, collecting and analyzing almost 10 million samples from a massive spam campaign over a one-year period. Unlike common delivery of email spam, the spammers did not use bots, but took advantage of an official Chinese site as a relay. Based on our analysis of TrackBack misuse found in the wild, we propose an authenticated TrackBack mechanism that defends against TrackBack spam even if attackers use a very large number of different source addresses and generate unique URLs for each TrackBack blog.
Trackback spam abuse and prevention
| Available Media | Publication (Pdf) Slides (pdf) |
| Conference | Cloud Computing Security Workshop (CCSW) - 2009 |
| Authors | Elie Bursztein , Peifung E. Lam , John C. Mitchell |
| Citation |
