A Domain-Agnostic approach to Spam-URL detection via redirects

Abstract

Web services like social networks, video streaming sites, etc. draw numerous viewers daily. This popularity makes them attractive targets for spammers to distribute hyperlinks to malicious content. In this work we propose a new approach for detecting spam URLs on the Web. Our key idea is to leverage the properties of URL redirections widely deployed by spammers. We combine the redirect chains into a redirection graph that reveals the underlying infrastructure in which the spammers operate, and design our method to build on key characteristics closely associated with the modus operandi of the spammers. Different from previous work, our approach exhibits three key characteristics; (1) domain-independence, which enables it to generalize across different Web services, (2) adversarial robustness, which incurs difficulty, risk, or cost on spammers to evade as it is tightly coupled with their operational behavior, and (3) semi-supervised detection, which uses only a few labeled examples to produce competitive results thanks to its effective usage of the redundancy in spammers’ operations. Evaluation on large Twitter datasets shows that we achieve above 0.96 recall and 0.70 precision with false positive rate below 0.07 with only 1% of labeled data.