TypoWriter: A Tool to Prevent Typosquatting

Typosquatting is a form of internet cybersquatting generated from the mistakes (typos) made by internet users while typing a website address. It often leads the user to another unintended website. Sometimes it is exploited by cybersquatters to attract website traffic by redirecting common typos of popular websites to some other sites with malicious contents. A possible solution is defensive registration of similar domains and redirecting requests to the original site. This would be affordable for the owner of the original domain if a short list of such probable typo domain names can be predicted. Existing works on typosquatting mostly try to detect typo sites by analyzing logs. However, to the best of our knowledge, none of them can predict probable typo variations of a given URL at pre-registration phase. In this paper, we present TypoWriter, an RNN based error prediction tool to fill this gap. TypoWriter achieves a good performance in terms of successful predictions that match with the ground-truth. It is compared with five widely used typo generation tools and substantial improvement is observed.

[1]  Wouter Joosen,et al.  Seven Months' Worth of Mistakes: A Longitudinal Study of Typosquatting Abuse , 2015, NDSS.

[2]  Jens Myrup Pedersen,et al.  Detection of Malicious and Abusive Domain Names , 2018, 2018 1st International Conference on Data Intelligence and Security (ICDIS).

[3]  Anindya Iqbal,et al.  An empirical study on typosquatting abuse in Bangladesh , 2017, 2017 International Conference on Networking, Systems and Security (NSysS).

[4]  Chris Kanich,et al.  Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting , 2015, 2015 IEEE Symposium on Security and Privacy.

[5]  Yi-Min Wang,et al.  Strider Typo-Patrol: Discovery and Analysis of Systematic Typo-Squatting , 2006, SRUTI.

[6]  Wouter Joosen,et al.  Soundsquatting: Uncovering the Use of Homophones in Domain Squatting , 2014, ISC.

[7]  Aziz Mohaisen,et al.  A user study of the effectiveness of typosquatting techniques , 2016, CNS.

[8]  Aziz Mohaisen,et al.  The Landscape of Domain Name Typosquatting: Techniques and Countermeasures , 2016, 2016 11th International Conference on Availability, Reliability and Security (ARES).

[9]  Fred J. Damerau,et al.  A technique for computer detection and correction of spelling errors , 1964, CACM.

[10]  Aziz Mohaisen,et al.  Understanding the effectiveness of typosquatting techniques , 2017, HotWeb.

[11]  Piyush Charan A Survey of the Prominent Effects of Cybersquatting in India , 2015 .

[12]  Jürgen Schmidhuber,et al.  Long Short-Term Memory , 1997, Neural Computation.

[13]  张洋,et al.  Towards quantifying visual similarity of domain names for combating typosquatting abuse , 2016 .

[14]  Vladimir I. Levenshtein,et al.  Binary codes capable of correcting deletions, insertions, and reversals , 1965 .

[15]  Chris Kanich,et al.  The Long "Taile" of Typosquatting Domain Names , 2014, USENIX Security Symposium.

[16]  Tyler Moore,et al.  Measuring the Perpetrators and Funders of Typosquatting , 2010, Financial Cryptography.

[17]  Ian Welch,et al.  Anatomy of Drive-by Download Attack , 2013, AISC.

[18]  Michalis Faloutsos,et al.  SUT: Quantifying and mitigating URL typosquatting , 2011, Comput. Networks.

[19]  Azman Samsudin,et al.  Typosquat Cyber Crime Attack Detection via Smartphone , 2017 .

[20]  Fabio Roli,et al.  Deepsquatting: Learning-Based Typosquatting Detection at Deeper Domain Levels , 2017, AI*IA.

[21]  Aziz Mohaisen,et al.  You’ve Been Tricked! A User Study of the Effectiveness of Typosquatting Techniques , 2016, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).