Reclaiming the Blogosphere, TalkBack: A Secure LinkBack Protocol for Weblogs

  • Elie Bursztein
  • Baptiste Gourdin
  • John C. Mitchell
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6879)

Abstract

A LinkBack is a mechanism for bloggers to obtain automatic notifications when other bloggers link to their posts. LinkBacks are an important pillar of the blogosphere because they allows blog posts to cross-reference each other. Over the last few years, spammers have consistently tried to abuse LinkBack mechanisms as they provide an automated way to inject spam into blogs. A recent study shows that a single blog may receive tens of thousands of spam LinkBack notifications per day. Therefore, there is a great need to develop defenses to protect the blogosphere from spammer abuses. To address this issue, we introduce TalkBack, a secure LinkBack mechanism. While previous methods attempt to detecting LinkBack spam using content analysis, TalkBack uses distributed authentication and rate limiting to prevents spammers from posting LinkBack notifications.

Keywords

Resource Description Framework Receiver Authenticity Malicious Site Multiple Authority Spam Campaign 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Adams, C., Lloyd, S.: Understanding PKI: Concepts, Standards, and Deployment Considerations, 2nd edn. Addison-Wesley, Reading (2002)Google Scholar
  2. 2.
    Akass, C.: Storm worm ’making millions a day (February 2008), http://www.pcw.co.uk/personal-computer-world/news/2209293/strom-worm-making-millions-day
  3. 3.
    Apart, S.: Trackback technical specification (2004), http://www.sixapart.com/pronet/docs/trackback_spec
  4. 4.
    Apart, S.: Six apart guide to comment spam (2006), http://www.sixapart.com/pronet/comment_spam
  5. 5.
    Bursztein, E., Lam, P., Mitchell, J.C.: Trackback spam: Abuse and prevention. In: Cloud Computing Security Workshop (CCSW 2009). ACM, New York (2009)Google Scholar
  6. 6.
    Graham, B.L.: Bradland must see http comments. blog (September 1999), http://www.bradlands.com/weblog/comments/september_10_1999/
  7. 7.
    Haller, N.M.: The s/key one-time password system. In: Symposium on Network & Distributed Systems Security, Internet Society (1994)Google Scholar
  8. 8.
    Ironport. Internet security trends (2008), http://www.ironport.com/securitytrends
  9. 9.
    Kanich, C., Kreibich, C., Levchenko, K., Enright, B., Voelker, G.M., Paxson, V., Savage, S.: Spamalytics: an empirical analysis of spam marketing conversion. In: CCS 2008: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 3–14. ACM, New York (2008)CrossRefGoogle Scholar
  10. 10.
    Kolari, P., Java, A., Finin, T., Oates, T., Joshi, A.: Detecting spam blogs: A machine learning approach. In: 2006 Proceedings of the 21st National Conference on Artificial Intelligence, AAAI (2006)Google Scholar
  11. 11.
    Kreibich, C., Kanich, C., Levchenko, K., Enright, B., Voelker, G., Paxson, V., Savage, S.: Spamcraft: An inside look at spam campaign orchestration. In: LEET. USENIX (2009)Google Scholar
  12. 12.
    Langridge, S., Hickson, I.: Pingback 1.0. Technical report, Hixie (2002)Google Scholar
  13. 13.
    Matrawy, A., Somayaji, A., Oorschot, P.C.: Mitigating network denial-of-service through diversity-based traffic management. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 104–121. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  14. 14.
    McCann, U.: Power to the people - social media tracker wave.3 (2008), http://www.universalmccann.com/Assets/wave_3_20080403093750.pdf
  15. 15.
    McCullagh, D., Broache, A.: Blogs turn 10 who is the father? (2010), http://news.cnet.com/2100-1025_3-6168681.html
  16. 16.
    Mishne, G., Carmel, D., Lempel, R.: Blocking blog spam with language model disagreement. In: Proceedings of the First International Workshop on Adversarial Information Retrieval on the Web, AIRWeb (2005)Google Scholar
  17. 17.
    Ntoulas, A., Manasse, M.: Detecting spam web pages through content analysis. In: Proceedings of the World Wide Web Conference, pp. 83–92. ACM Press, New York (2006)Google Scholar
  18. 18.
    Automattic Production. Askimet trackback statistics (2010), http://akismet.com/stats/
  19. 19.
    Sandler, D., Thomas, A.: Trackback validator (2009), http://seclab.cs.rice.edu/proj/trackback/
  20. 20.
    Sia, K.C., Cho, J., Cho, H.K.: Efficient monitoring algorithm for fast news alerts. IEEE Transactions on Knowledge and Data Engineering, 950–961 (2007)Google Scholar
  21. 21.
    Technorati. Technorati top 100 blogs (2011), http://technorati.com/pop/blogs/
  22. 22.
    von Ahn, L., Blum, M., Hopper, N.J., Langford, J.: Captcha: Using hard ai problems for security. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656. Springer, Heidelberg (2003)Google Scholar
  23. 23.
    Wikipedia. Linkback (2011), http://en.wikipedia.org/wiki/Linkback

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Elie Bursztein
    • 1
  • Baptiste Gourdin
    • 1
    • 2
  • John C. Mitchell
    • 1
  1. 1.Stanford UniversityUSA
  2. 2.LSV,ENS-CachanFrance

Personalised recommendations