「Understanding the Fake Removal Information Advertisement Sites」-情報処理学会

Understanding the Fake Removal Information Advertisement Sites

［Journal of Information Processing Vol.29, pp.392-405］

［Abstract］

　Fake antivirus (AV) software is malware that disguises as legitimate antivirus software and causes harm to users and their devices. Fake removal information advertisement (FRAD) sites, which introduce fake removal information for cyber threats, have emerged as platforms for distributing fake AV software.Although FRAD sites seriously threaten users who have been suffering from cyber threats and need information for removing them, little attention has been given to revealing these sites. This paper proposes a system to automatically crawl the web and identify FRAD sites. To shed light on the pervasiveness of this type of attack, we performed a comprehensive analysis of both passively and actively collected data. Our system collected 2,913 FRAD sites in 31 languages, which have 73.5 million visits per month in total. We show that FRAD sites occupy search results when users search for cyber threats, thus preventing the users from obtaining the correct information.

［Reasons for the award］

　Malware cyberattacks are becoming more and more common and serious social issues. While antivirus software is a good defense against it, some sites are spreading fake removal information called FRAD (Fake removal information advertisement), which creates a serious anti-malware vulnerability. The authors proposed a system to automatically crawl the web, identify FRAD sites, and investigate the actual situation of FRAD sites. This paper is attracting a great impact as it sheds light on methods that make cyber defenses vulnerable and deserves an outstanding paper award.

Takashi Koide

Takashi Koide received the B.S., M.S., and Ph.D. degrees in Informatics from Yokohama National University in 2014, 2016, and 2021. He is currently a researcher at NTT Security (Japan) KK, Tokyo, Japan. His research interests include network and Web security. He won the Research Award from the IEICE Technical Committee on Information and Communication System Security in 2018.

Daiki Chiba

Daiki Chiba is currently a senior engineer at NTT Security (Japan) KK, Tokyo, Japan. He received his B.E., M.E., and Ph.D. degrees in computer science from Waseda University in 2011, 2013, and 2017. Since joining Nippon Telegraph and Telephone Corporation (NTT) in 2013, he has been engaged in research on cyber security through data analysis. He is a member of IEEE and IEICE.

Mitsuaki Akiyama

Mitsuaki Akiyama received his M.E. and Ph.D. degrees in information science from Nara Institute of Science and Technology in 2007 and 2013. Since joining Nippon Telegraph and Telephone Corporation (NTT) in 2007, he has been engaged in research and development on cybersecurity. He is currently a Senior Distinguished Researcher at NTT Social Informatics Laboratories. He received Cybersecurity Encouragement Award of the Minister for Internal Affairs and Communications in 2020, ISOC NDSS 2020 Distinguished Paper Award in 2020, and IPSJ/IEEE Computer Society Young Computer Researcher Award in 2022. His research interests include cybersecurity measurement, offensive security, and usable security and privacy.

Katsunari Yoshioka

Katsunari Yoshioka is an Associate Professor at Yokohama National University since 2011. His research interests cover wide area of system security and network security including malware analysis and IoT security. He received the commendation for science and technology by the minister of MEXT, Japan in 2009, the award for contribution to Industry-Academia-Government Collaboration by the minister of MIC, Japan in 2016, and the Culture of Information Security Award in 2017.

Tsutomu Matsumoto

Tsutomu Matsumoto is a professor of the Faculty of Environment and Information Sciences, Yokohama National University. He also serves as the Director of the Cyber Physical Security Research Center at the National Institute of Advanced Industrial Science and Technology. Starting from Cryptography in the early '80s, he has opened up the field of security measuring for logical and physical security mechanisms. He received a Doctor of Engineering degree from the University of Tokyo in 1986, as well as the IEICE Achievement Award, the DoCoMo Mobile Science Award, the Culture of Information Security Award, the MEXT Prize for Science and Technology, etc.