Reliability of Dazzle-attack (Understanding the success rate of Dazzle-attack): 3 experiments

We conduct 3 experiments to show the reliability of Dazzle-attack instance. Specifically, we profile the following 5 websites for 20 days (from 2019-05-07 ~ 2019-05-27). Selected DOM elements and attack triggering keywords are noted as well.

Experiment 1

• Fox News (https://www.foxnews.com/)

  • DOM Element: #wrapper > div > div.post-content > div:nth-child(3) > section.collection.collection-section.crime > div > div.article-list > article:nth-child(3) > div > header > h2

  • Attack triggering keywords: charged

• Earthquake Track in Japan (https://earthquaketrack.com/p/japan/recent)

  • DOM Element: #content > div.tab-content.row.col-lg-12 > div > div > div.col-lg-5.col-sm-4 > ul > li:nth-child(1) > div

  • Attack triggering keywords: in namie, japan

• Kimbell Museum (https://www.kimbellart.org/)

  • DOM Element: body > div > div.layout-container > main > div > div > div:nth-child(3) > div.region.region-content > div.block.block-system.block-system-main-block > div > div > div > div:nth-child(3) > div > div.event-teaser-text > h3

  • Attack triggering keywords: happy hour

• Weather in New York (https://weather.com/weather/hourbyhour/l/New+York+City+NY?canonicalCityId=a701ee19c4ab71bbbe2f6ba2fe8c250913883e5ae9b8eee8b54f8efbdb3eec03)

  • DOM Element: #twc-scrollabe > table > tbody > tr:nth-child(15) > td.description

  • Attack triggering keywords: thunderstorm

• Chrome Release Blog (https://chromereleases.googleblog.com/)

  • DOM Element: #Blog1 > div:nth-child(7) > div.post-footer > div.label-footer > span.labels > a:nth-child(1)

  • Attack triggering keywords: beta updates

The below 2 figures show how the attack triggering keywords are appearing during the profiling and simulation periods. In short, during the profiling period, it triggers once in 20 days (5/18/2019 ~ 6/17/2019). During the simulation period (20 days as well), it also shows up only once. This would be a typical configuration of Dazzle-attack that triggers an attack occasionally while maintaining its reliability. Moreover, we do not observe changes of DOM structures for all the websites and DOM elements chosen in this experiment.

Experiment 2

We profile the following 5 websites for 20 days (from 2019-05-07 ~ 2019-05-27). Selected DOM elements and attack triggering keywords are noted as well.

• USA Today (https://www.usatoday.com/)

  • DOM Element: #module-position-7 > div:nth-child(1) > section.shpm-section.shpm-section-odd.shpm-section-money.js-section-money.js-llc > a:nth-child(4)

  • Attack triggering keywords: dow

• TEDx Events (https://www.ted.com/tedx/events?autocomplete_filter=TEDxAthens)

  • DOM Element: #results > div.tedx-events-table > table > tbody > tr:nth-child(4) > td:nth-child(3)

  • Attack triggering keywords: united states

• Tide in New York (https://www.tide-forecast.com/locations/New-York-New-York/tides/latest)

  • DOM Element: #post-22852 > section > div.next-tide > table > thead > tr > th

  • Attack triggering keywords: the tide right now is coming in

• Moon Phases in New York (https://www.timeanddate.com/moon/phases/usa/new-york)

  • DOM Element: #bk-focus > div > div.three.columns.tc > p

  • Attack triggering keywords: waning

• The Official Star Wars Website (https://www.starwars.com/)

  • DOM Element: #body-wrapper > main > main > section > ul > li:nth-child(8) > article > section.cb-content > h2 > a

  • Attack triggering keywords: phantom menace

The below 2 figures show how the attack triggering keywords are appearing during the profiling and simulation periods. In short, during the profiling period, it triggers once in 20 days (5/18/2019 ~ 6/17/2019). During the simulation period (20 days as well), it also shows up only once. This would be a typical configuration of Dazzle-attack that triggers an attack occasionally while maintaining its reliability. Moreover, we do not observe changes of DOM structures for all the websites and DOM elements chosen in this experiment.

Experiment 3

We profile the following 5 websites for 20 days (from 2019-05-07 ~ 2019-05-27). Selected DOM elements and attack triggering keywords are noted as well.

• Trinity Church Boston (https://www.trinitychurchboston.org/)

  • DOM Element: #main-content > div > div > div > div.view-content > div > div > table > tbody > tr:nth-child(8) > td.single-day.today

  • Attack triggering keywords: eucharist

• Oracle Arena (https://www.warriorscentral.com/arena/)

  • DOM Element: #list > div:nth-child(10) > div.info.clearfix > div.text_wrapper > h3

  • Attack triggering keywords: athletics

• NASA – Image of the Day (https://www.nasa.gov/multimedia/imagegallery/iotd.html)

  • DOM Element: #landing-cards > div > div.col-sm-30p.col-xs-12.masonry-item.card8 > div > div.caption > p.btn-tag-group

  • Attack triggering keywords: atmosphere

• Twitter – Houston Rockets (https://twitter.com/HoustonRockets?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor)

  • DOM Element: #main_content > div.timeline > table:nth-child(3) > tbody > tr.tweet-container > td > div

  • Attack triggering keywords: #rockets

• eBay (https://www.ebay.com/)

  • DOM Element: #w0-reviewsWidget > div:nth-child(4) > div.ebay-review-section-r

  • Attack triggering keywords: great

The below 2 figures show how the attack triggering keywords are appearing during the profiling and simulation periods. In short, during the profiling period, it triggers once in 20 days (5/18/2019 ~ 6/17/2019). During the simulation period (20 days as well), it also shows up only once. This would be a typical configuration of Dazzle-attack that triggers an attack occasionally while maintaining its reliability. Moreover, we do not observe changes of DOM structures for all the websites and DOM elements chosen in this experiment.