MAWSEO: Adversarial Wiki Search Poisoning for Illicit Online Promotion
This addresses the problem of automated cybercrime for illicit online promotion on Wikipedia, posing a threat to platform integrity and user trust, and is novel in automating such attacks.
The study introduced MAWSEO, an automated technique for adversarial Wiki search poisoning to promote illicit businesses, which effectively bypasses state-of-the-art vandalism detectors and achieves promotional objectives without alarming users.
As a prominent instance of vandalism edits, Wiki search poisoning for illicit promotion is a cybercrime in which the adversary aims at editing Wiki articles to promote illicit businesses through Wiki search results of relevant queries. In this paper, we report a study that, for the first time, shows that such stealthy blackhat SEO on Wiki can be automated. Our technique, called MAWSEO, employs adversarial revisions to achieve real-world cybercriminal objectives, including rank boosting, vandalism detection evasion, topic relevancy, semantic consistency, user awareness (but not alarming) of promotional content, etc. Our evaluation and user study demonstrate that MAWSEO is capable of effectively and efficiently generating adversarial vandalism edits, which can bypass state-of-the-art built-in Wiki vandalism detectors, and also get promotional content through to Wiki users without triggering their alarms. In addition, we investigated potential defense, including coherence based detection and adversarial training of vandalism detection, against our attack in the Wiki ecosystem.