The Long Story of Short URLs


I gave a talk based on these slides for the first time at Royal Holloway University of London, in April 2012. This talk discusses the results of a research that we have conducted about the impact on users of short URLs. I describe a system that we designed, implemented, and deployed that observes and collects the short URLs that more than 7,000 real web users have encountered while browsing the Web between March 2010 and April 2011 (and counting). On this dataset, which comprises 16,075,693 distinct short URLs, we first precisely characterized the usage habits observed during our collection process, and the content typically referred by short URLs: Users exhibit different usage habits depending on the type of content they are using short URLs for. We then analyzed the abuse of short URLs to hide the true URL of malicious pages: This practice is not widespread, although we noticed that the miscreants tend to post the same malicious short URL on multiple pages. Finally, we analyzed the countermeasures of shortening services against abuses of short URLs, and found that they are trivially bypassed by shortening a benign URL that turns malicious only a few moments after submitting it to the shortening service.

May 1, 2012 12:00 AM
ISG Research Seminars
Royal Holloway University of London