Paper Info
Title
Dirty Clicks: A Study of the Usability and Security Implications of Click-related Behaviors on the Web
Abstract
Web pages have evolved into very complex dynamic applications, which are often very opaque and difficult for non-experts to understand. At the same time, security researchers push for more transparent web applications, which can help users in taking important security-related decisions about which information to disclose, which link to visit, and which online service to trust. In this paper, we look at one of the simplest but also most representative aspect that captures the struggle between these opposite demands: a mouse click. In particular, we present the first comprehensive study of the possible security and privacy implications that clicks can have from a user perspective, analyzing the disconnect that exists between what is shown to users and what actually happens after. We started by identifying and classifying possible problems. We then implemented a crawler that performed nearly 2.5M clicks looking for signs of misbehavior. We analyzed all the interactions created as a result of those clicks, and discovered that the vast majority of domains are putting users at risk by either obscuring the real target of links or by not providing sufficient information for users to make an informed decision. We conclude the paper by proposing a set of countermeasures.
Year
DOI
Venue
2020
10.1145/3366423.3380124
WWW '20: The Web Conference 2020 Taipei Taiwan April, 2020
Keywords
DocType
ISBN
browser click, web security, usability
Conference
978-1-4503-7023-3
Citations 
PageRank 
References 
0
0.34
0
Authors
5
Name
Order
Citations
PageRank
Iskander Sánchez-Rola1254.03
Davide Balzarotti22040113.64
Christopher Kruegel38799516.05
Giovanni Vigna47121507.72
Igor Santos5144.55