TWISC 96 PHISHING DETECTION AND WEB 2.0 SECURITY

Provided by: kin85

Transcript and Presenter's Notes


1
TWISC 96 PHISHING DETECTION AND WEB 2.0 SECURITY
  • Ieng-Fat Lam

2
OUTLINE
  • Research Subjects
  • Progress Report
  • Future Progress

3
RESEARCH SUBJECT
  • Anti-Phishing
  • Social Network System Security

4
ANTI-PHISHING
  • There are over 65 billion Internet users around
    the world
  • And the number is still growing.
  • More services are provided based on Internet access
  • But this has also introduced the crisis of information
    exposure.
  • Phishing is a special problem among Internet
    security issues
  • The loss it causes is huge
  • Heavily related to how Internet users trust a web
    site

5
ANTI-PHISHING (CONT.)
  • Phishing is
  • A type of semantic attack
  • Victims are sent emails that deceive them into
    providing
  • Account numbers
  • Passwords
  • Other personal information (e.g. credit card number)
  • The emails falsely claim to be from a reputable business
    where victims might have an account
  • Victims are directed to a spoofed web site

6
GENERAL PHISHING ATTACK
7
GENERAL PHISHING ATTACK (CONT.)
  • Phishing Email - eBay

8
GENERAL PHISHING ATTACK (CONT.)
  • Phishing VS Original Website - eBay

9
ANTI-PHISHING (CONT.)
  • We argue that
  • Phishing and Web spoofing are threatening
  • Corresponding attacks target non-cryptographic
    components
  • The implementations of existing cryptographic
    security protocols
  • Do not provide a complete solution.
  • These protocols must be complemented by
    additional protection mechanisms.

10
SOCIAL NETWORK SYSTEM SECURITY
  • Social network systems
  • Like Flickr, Myspace and Yahoo! 360
  • Have become popular these days
  • People share personal information such as
  • Video
  • Audio
  • Photographs
  • On the web through social network systems
  • Information on the web can be used by strangers
    for any purpose
  • Without notification

11
SOCIAL NETWORK SYSTEM SECURITY (CONT.)
  • We focus on
  • Privacy and security of social network systems
  • Self-disclosure of information
  • Especially name leakage (non-self disclosure)
  • Measurement on an existing social network system
  • Wretch, the most popular SNS in Taiwan
  • To identify the privacy and security risks in
    online social networks
  • In a quantitative way.

12
EXAMPLE OF NAME LEAKAGE
13
EXAMPLE OF NAME LEAKAGE (CONT.)
14
PROGRESS REPORT
  • Overall Progress
  • Research Result

15
OVERALL PROGRESS
  • Anti-Phishing
  • Have a knowledge of how phishing works
  • Existing mechanisms and their strong / weak points
  • Have written a program to collect phishing
    web pages every day
  • Confirmed research direction
  • Phishing detection based on visual similarity
  • Phishing page classification program
  • Implemented the phishing detection method from the paper
    (EMD)

16
ANTI-PHISHING - SOME RESULTS
  • Phishing page matched to target

17
ANTI-PHISHING - SOME RESULTS
  • Phishing EMD result report

18
OVERALL PROGRESS
  • Social network system security
  • Gathered data from Wretch
  • Analyzed the data and prepared graphs and tables
  • Found the cause and risk of name leakage
  • Completed writing the paper
  • Measuring Name Leakage in Web 2.0 Social Network
    Systems
  • Research is almost completed

19
SNS SECURITY - SOME RESULTS
  • Name leakage example

20
RESEARCH RESULTS
  • Anti-Phishing
  • Using visual similarity requires attention to
    efficiency
  • The method described in the paper is not detailed on
    implementation
  • Some bugs need to be fixed
  • Social Network System
  • In the data set
  • 28 of user full name can be inferred
  • 70 of user first name can be inferred
  • Risk of name leakage
  • Cause of name leakage

21
SOCIAL NETWORK SYSTEM - THE PAPER
  • Wretch data
  • Gathered from September to November, 2007
  • Total user 766972 (about 20)
  • Average in-degree 6.49
  • Average out-degree 6.52

22
GENDER, AGE DISTRIBUTION
23
RATIO OF SELF-DISCLOSURE
24
RATIO OF NAME LEAKAGE
Ratio of user can infer a name
25
RATIO OF NAME LEAKAGE
  • Degree of Using Real name (DUR)
  • The degree to which the friend descriptions written by
    a specific user contain a real name.
  • Cause of name leakage
  • Degree of Call by Real name (DCR)
  • The degree to which the descriptions of a specific user
    contain a real name
  • Result of name leakage
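
A small measurement sketch for the two metrics defined on this slide, added here as an illustration and not taken from the presentation or the paper. It assumes DUR and DCR are computed as per-user fractions of friend descriptions and that a name match is a case-insensitive substring test; the user ids, names and descriptions are constructed sample data.

```python
from collections import defaultdict

# Constructed sample data (not from the Wretch data set).
# Ground truth held by the auditor: user id -> (first name, last name).
REAL_NAMES = {
    "cat88": ("Alice", "Chen"),
    "skyblue": ("Bob", "Lin"),
    "m0on": ("Carol", "Wu"),
}
# Friend descriptions: (author, described friend, free-text description).
DESCRIPTIONS = [
    ("cat88", "skyblue", "my classmate Bob Lin"),
    ("cat88", "m0on", "best friend since high school"),
    ("skyblue", "cat88", "Alice from the lab"),
    ("m0on", "cat88", "Alice Chen, roommate"),
    ("m0on", "skyblue", "guitar guy"),
]

def name_level(text, user):
    """Return 'full', 'first' or None: how much of user's real name text shows."""
    first, last = REAL_NAMES[user]
    low = text.lower()
    if f"{first} {last}".lower() in low:
        return "full"
    return "first" if first.lower() in low else None

def ratios(descriptions):
    """Compute (DUR, DCR) per user as fractions; None when a user has no data."""
    written, received = defaultdict(list), defaultdict(list)
    for author, target, text in descriptions:
        hit = name_level(text, target) is not None
        written[author].append(hit)    # DUR side: author used a friend's real name
        received[target].append(hit)   # DCR side: target was called by real name
    frac = lambda hits: sum(hits) / len(hits) if hits else None
    return {u: (frac(written[u]), frac(received[u])) for u in REAL_NAMES}

def leaked(descriptions):
    """Strongest name level a reader of the descriptions can infer per user."""
    rank = {None: 0, "first": 1, "full": 2}
    best = {u: None for u in REAL_NAMES}
    for _, target, text in descriptions:
        level = name_level(text, target)
        if rank[level] > rank[best[target]]:
            best[target] = level
    return best

if __name__ == "__main__":
    print(ratios(DESCRIPTIONS))
    print(leaked(DESCRIPTIONS))
```

In the sample, `cat88` never publishes a real name on their own profile, yet both friends' descriptions expose it, which is the non-self disclosure the slides measure.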

26
DUR, DCR WITH IN- AND OUT-DEGREE
27
CAUSE OF NAME LEAKAGE
  • Consistently lower DUR
  • Increases as in- and out-degree increase
  • Users may not use friends' real names in
    descriptions as a usual practice.
  • Consistently high DCR
  • Not affected much by in- and out-degree
  • Some users may be regularly described by friends
    using their real name.
  • Real-world friends start using real names.

28
DUR, DCR WITH DEGREE OF SELF-DISCLOSURE (DSD)
29
DCR AND DUR OVER DSD
  • DSD does not have a significant relation
  • With either DUR or DCR
  • Suggests that self-disclosure may not be the cause
    or result of name leakage.

30
RISK OF NAME LEAKAGE
  • Spam email
  • Spam email by friends
  • Evolved email list
  • Using friends' real names or email addresses
  • Personalized phishing attack
  • Using real name in phishing email

31
FUTURE PROGRESS
32
FUTURE PROGRESS
  • Anti-Phishing
  • The code has been taken over by another research
    assistant
  • May continue to assist with phishing detection or
    start a new topic
  • Social network system security
  • The paper needs to be finalized
  • Grammar mistakes
  • To be reviewed again by the advising professor
  • Submit to a conference or journal.