Title: A Survey of Social Network Security Issues
1A Survey of Social Network Security Issues
- Hongyu Gao, Tuo Huang, Jun Hu, Jingnan Wang
2History of Social Network Sites
- Boyd et al. Social Network Sites Definition,
History, and Scholarship. Journal of
Computer-Mediated Communication, 13(1), article
11. 2007
3Explosion of Social Network
- Rapid growth of social network sites spawns a new
area of network security and privacy issues
4Purpose of the Study
- To conduct a comprehensive survey of existing and
potential attack behaviors in social network
sites - Identify patterns in such attack behaviors
- Review existing solutions, measurement as well as
defense mechanisms
5Security Issues Identified
- Social Engineering attacks
- Spamming
- Phishing
- Social Network vs. Social Network Sites (SNS)
- Sybil attack
- Social network Account Attack
- Hack the social network account using password
cracking. - Malware attack
- Social Network sites as vectors of malware
propagation
6Spamming
- SNS as vectors for conventional spamming
- Messages, Wallposts, Comments,
- Detection and measurements
7Active detection ---Social Honeypots Steve et al
- Message spam and comment spam are similar with
traditional spam.In my space there is new form of
spam deceptive profile spam. - This kind of spammer uses sexy photo and
seductive story in about me section to attract
visitors.
8Social honeypots
Figure 1 An example of a deceptive spam profile
9Social honeypots
- Social honeypots can be seen as a kind of active
detection of social network spam. - The author constructed 51 honeypot profiles and
associated them with distinct geographic location
in Myspace to collect the deceptive spam
profiles. - For the num of their honeypots is small,so the
dataset they collected is very limited.
10Passive detection-----Detecting spammers and
content promoters in online video social
networks, by F. Benevenuto, et. al.
- This paper is a comprehensive behavior-based
detection and it can be cataloged into passive
dectection compared with Social Honeypots.
11Passive detection
- The author manually select a test collection of
real YouTube users, classifying them as
spammers, promoters, and legitimates. Using this
collection,they provided a characterization of
social and content attributes that help
distinguish each user class.They used a
state-of-the-art supervised classification
algorithm to detect spammers and promoters, and
assess its effectiveness in their test
collection.
12Passive detection
- They considered three attribute sets, namely,
video attributes, user attributes, and social
network (SN) attributes.
13Passive detection
- They characterize each video by its duration,
numbers of views and of commentaries received,
ratings, number of times the video was selected
as favorite, as well as numbers of honors and of
external links
14Passive detection
- They select the following 10 user attributes
number of friends, number of videos Uploaded,
number of videos watched, number of videos added
as favorite, numbers of video responses posted
and received, numbers of subscriptions and
subscribers, average time between video uploads,
and maximum number of videos uploaded in 24 hours.
15Passive detection
- Social network (SN) attributes clustering
coefficient, betweenness,reciprocity,
assortativity, and UserRank.
16Passive detection
- For it is passive detection,it need pre-knowledge
and another drawback is that using supervised
learning algorithm may require large dataset for
learning, otherwise the result will not be
accurate.
17Social Spamming
- Characteristics
- No specific recipient
- Using SNS as free advertisement site
- Can completely undermine the service of the
website especially if launched as Sybil attacks - Detection Metrics
- TagSpam
- TagBlur
- DomFp
- NumAds
- ValidLink
18Sybil Attack
- A general form of attack to reputation systems
- Large amount of fake identities outvote honest
identities - Can be used to thwart the intended purpose of
certain SNSes
19Defense to Sybil Attacks SybilGuard Yu et al.
- Sybil Nodes have small Quotient Cuts
- Inherent social networks do not
- Possible to encircle the Sybil nodes
20Malware attack
- The most notorious worm in social network is the
koobface. According to Trend Micro, the attack
from koobface as follows
Step 1 Registering a Facebook account. Step
2Confirming an e-mail address in Gmail to
activate the registered account. Step 3 Joining
random Facebook groups. Step 4 Adding friends
and posting messages on their walls.
21Malware attack
- There are worms and other threats that have
plagued social networking sites. E.g. Grey Goo
targeting at Second Life, JS/SpaceFlash targeting
at MySpace,Kut Wormer targeting at Orkut, Secret
Crush targeting at Facebook, etc.
22Malware attack
- Until now there are few papers on detecting these
attacks.
23Social network Account Attack
- Hack the social network account using password
cracking.
-----In February,2009, the Twitter account of
Miley Cyrus was hijacked too and someone posted
some offensive messages
24And more to be discovered