Check the last 20 TSN Tweets for inclusion of malware URLs.
To determine whether the TSN is promoting and encouraging users to visit sites containing malicious software via its Tweets.
| GRADE | 1 | 2 | 3 | 4 | 5 |
|---|---|---|---|---|---|
| DESC | 0 Malware links | 1 Malware link | 2 Malware links | 3 Malware links | 4 or more Malware links |
The follow response is from a TSN that has made two Tweets with links - one to a legitimate domain (ebay.com), the second to a known site (used for testing purposes) that contains malware:
<malware_link> <date>1266781463</date> <exec_time>1196</exec_time> <raw_data> <domains_processed>2</domains_processed> <ok_domains>ebay.com</ok_domains> <malware_domains>malware.tld</malware_domains> </raw_data> <result>2</result> </malware_link>
The following output pertains to a TSN that has not posted a link in the past 20 Tweets:
<malware_link> <date>1266781859</date> <exec_time>40</exec_time> <raw_data> <domains_processed>0</domains_processed> <ok_domains></ok_domains> <malware_domains></malware_domains> </raw_data> <result>1</result> </malware_link>
TWASE keeps a database of known malicious sites that is frequently updated from a number of reference sources and currently contains information on approximately 25,000 malware sites.
Due to the possibility that a Tweet containing a link that might be a short URL (generated from a service such as bit.ly), our API server will need to 'follow' this address to it's final destination before determining whether the end location reached is a malware site or not.
Because the API server needs to reach out to external (to TWASE) sites, the additional network latency associated with this will increase the overall API call execution time.