Given the dynamic nature of the Web, security measurements on it suffer from reproducibility issues. In this paper we take a systematic look into the potential of using web archives for web security measurements. We first evaluate an extensive set of web archives as potential sources of archival data, showing the superiority of the Internet Archive with respect to its competitors. We then assess the appropriateness of the Internet Archive for historical web security measurements, detecting subtleties and possible pitfalls in its adoption. Finally, we investigate the feasibility of using the Internet Archive to simulate live security measurements, using recent archival data in place of live data. Our analysis shows that archive-based security measurements are a promising alternative to traditional live security measurements, yet reproducible by design. As an important contribution, we identify insights and best practices for future archive-based security measurements.
History
Preferred Citation
Florian Hantke, Stefano Calzavara, Moritz Wilhelm, Alvise Rabitti and Ben Stock. You Call This Archaeology? Evaluating Web Archives for Reproducible Web Security Measurements. In: ACM Conference on Computer and Communications Security (CCS). 2023.
Primary Research Area
Empirical and Behavioral Security
Name of Conference
ACM Conference on Computer and Communications Security (CCS)
Legacy Posted Date
2023-05-23
Open Access Type
Green
BibTeX
@inproceedings{cispa_all_3953,
title = "You Call This Archaeology? Evaluating Web Archives for Reproducible Web Security Measurements",
author = "Hantke, Florian and Calzavara, Stefano and Wilhelm, Moritz and Rabitti, Alvise and Stock, Ben",
booktitle="{ACM Conference on Computer and Communications Security (CCS)}",
year="2023",
}