These obfuscation techniques limit the effectiveness of static analysis and of systems based on static features.
There are legitimate reasons to use redirects on Web sites, and there are less than legitimate ones. The paper details both. Here’s one example, which can fall on either side:
Doorway pages are used by both legitimate and spam sites to improve rankings for certain search terms. The doorway page is specifically designed and optimized to rank high for certain search terms. Doorway pages can improve user experience by introducing the site to the user and clearly stating what the site is about.
However, the problem occurs when the site targets terms that are completely inappropriate to the site’s topic. Visitors who search on those terms may click on the doorway page, but then are quickly redirected to a spam site.
The authors took a list of the 5,000 most popular English queries and retrieved the top 200 search result URLs for each using Live Search (search.live.com). That gave them a set of 782,937 unique URLs, which they labeled as popular.
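To make the collection step concrete, here is a minimal Python sketch of gathering the top results for each query and keeping only the unique URLs. It is not the authors' code: the `search` callable, the `collect_unique_urls` name, and the `fake_search` stand-in are all hypothetical, and the sketch treats two URLs as the same only when their strings match exactly, which may differ from how the paper counted uniqueness.

```python
from typing import Callable, Iterable, List, Set


def collect_unique_urls(
    queries: Iterable[str],
    search: Callable[[str], List[str]],  # hypothetical: returns ranked result URLs
    top_n: int = 200,
) -> Set[str]:
    """Gather the top_n result URLs for every query, dropping duplicates."""
    unique: Set[str] = set()
    for query in queries:
        # Keep only the first top_n results; a set discards repeated URLs.
        unique.update(search(query)[:top_n])
    return unique


# Stand-in for a real search engine call, for illustration only.
def fake_search(query: str) -> List[str]:
    results = {
        "cheap flights": ["http://a.example/", "http://b.example/"],
        "hotel deals": ["http://b.example/", "http://c.example/"],
    }
    return results.get(query, [])


popular = collect_unique_urls(["cheap flights", "hotel deals"], fake_search)
print(len(popular))  # three distinct URLs across the two queries
```

Because the same URL often ranks for several queries, the unique set is much smaller than queries times results; in the paper's case 5,000 queries at 200 results each could yield up to 1,000,000 URLs, and 782,937 remained.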
To explore the use of redirection on blogs, they decided to focus on sites at blogspot.com. They used what they believed were the top 100 most monetizable keywords from Live Search to extract 934,876 blog sites that contained one or more of those keywords in the subdomain area of the blog’s URL –