Recently, we studied an aspect of the World Wide Web that did not receive a lot of attention yet - the
online adult industry. Compared to traditional media, the Internet provides fast, easy, and anonymous access to the desired content. That, in turn, results in a huge number of users accessing pornographic content. To improve the understanding of this part of the Web, we performed a study of the online adult industry. As a result, we provide a detailed overview of the individual actors and roles within the online adult industry, which enables us to better understand the mechanisms with which visitors are redirected between the individual parties and how money flows between them. Furthermore, we examined the security aspects of more than 250,000 adult pages and studied, among other aspects, the prevalence of drive-by download attacks. In addition, we analyzed domain-specific security threats such as disguised traffic redirection techniques, and surveyed the hosting infrastructure of adult sites.
Lastly, we operated two adult web sites on our own. By becoming adult web site operators ourselves, we gained additional insights on unique security aspects in this domain. This enabled us to obtain a deeper understanding of the related abuse potential. We participated in adult traffic trading, and provide a detailed discussion of this unique aspect of adult web sites, including insights into the economical implications, and possible attack vectors that a malicious site operator could leverage. For example, we discovered that a malicious operator could infect more than 20,000 with a minimal investment of about $160. Furthermore, we experimentally show that a malicious site operator could benefit from domain-specific business practices that facilitate click-fraud and mass exploitation. We conclude that many participants of this industry have business models that are based on very questionable practices that could very well be abused for malicious activities and conducting cyber-crime. In fact, we found evidence that this kind of abuse is already happening in the wild.
All details of our study are available in the
paper. The paper will be presented at the Ninth Workshop on the Economics of Information Security (
WEIS 2010). WEIS will take place on June 7/8 at Harvard University.
Abstract:
The online adult industry is among the most profitable business branches on the Internet, and its web sites attract large amounts of visitors and traffic. Nevertheless, no study has yet characterized the industry’s economical and security-related structure. As cyber-criminals are motivated by financial incentives, a deeper understanding and identification of the economic actors and interdependencies in the online adult business is important for analyzing security-related aspects of this industry.
In this paper, we provide a survey of the different economic roles that adult web sites assume, and highlight their economic and technical features. We provide insights into security flaws and potential points of interest for cyber-criminals. We achieve this by applying a combination of automatic and manual analysis techniques to investigate the economic structure of the online adult industry and its business cases. Furthermore, we also performed several experiments to gain a better understanding of the flow of visitors to these sites and the related cash flow, and report on the lessons learned while operating adult web sites on our own.
This paper was joint work with Gilbert Wondracek, Christian Platzer, Engin Kirda, and Christopher Kruegel, all members of the
International Secure Systems Lab. You can get the paper at
http://honeyblog.org/junkyard/paper/adultSites-weis2010.pdf.
