Cloak of Visibility - Detecting When Machines Browse a Different Web

Explore a comprehensive analysis of web cloaking techniques used by malicious actors to evade detection in this 14-minute IEEE conference talk. Delve into the sophisticated methods employed to hide harmful content from security crawlers while exposing regular users to potential threats. Examine the capabilities of ten prominent underground cloaking services, including extensive IP blacklists targeting search engines and security crawlers. Learn about the development of an anti-cloaking system with high accuracy in detecting split-view content. Gain insights into the prevalence of cloaking threats in search and advertisement URLs, and understand the variations in techniques across different traffic sources. Discover the minimum capabilities required for security crawlers to bypass state-of-the-art mobile, rDNS, and IP cloaking methods. Covering topics such as responsive design, IP blacklisting, DNS cloaking, and browsing pattern cloaking, this talk provides a broad perspective on the impact of cloaking on Google Search and Google Ads.