3,534 research outputs found
Abusing Phone Numbers and Cross-Application Features for Crafting Targeted Attacks
With the convergence of Internet and telephony, new applications (e.g.,
WhatsApp) have emerged as an important means of communication for billions of
users. These applications are becoming an attractive medium for attackers to
deliver spam and carry out more targeted attacks. Since such applications rely
on phone numbers, we explore the feasibility, automation, and scalability of
phishing attacks that can be carried out by abusing a phone number. We
demonstrate a novel system that takes a potential victim's phone number as an
input, leverages information from applications like Truecaller and Facebook
about the victim and his / her social network, checks the presence of phone
number's owner (victim) on the attack channels (over-the-top or OTT messaging
applications, voice, e-mail, or SMS), and finally targets the victim on the
chosen channel. As a proof of concept, we enumerate through a random pool of
1.16 million phone numbers. By using information provided by popular
applications, we show that social and spear phishing attacks can be launched
against 51,409 and 180,000 users respectively. Furthermore, voice phishing or
vishing attacks can be launched against 722,696 users. We also found 91,487
highly attractive targets who can be attacked by crafting whaling attacks. We
show the effectiveness of one of these attacks, phishing, by conducting an
online roleplay user study. We found that social (69.2%) and spear (54.3%)
phishing attacks are more successful than non-targeted phishing attacks (35.5%)
on OTT messaging applications. Although similar results were found for other
mediums like e-mail, we demonstrate that due to the significantly increased
user engagement via new communication applications and the ease with which
phone numbers allow collection of information necessary for these attacks,
there is a clear need for better protection of OTT messaging applications.Comment: Submitted to AsiaCCS 201
Systems Applications of Social Networks
The aim of this article is to provide an understanding of social networks as
a useful addition to the standard tool-box of techniques used by system
designers. To this end, we give examples of how data about social links have
been collected and used in di erent application contexts. We develop a broad
taxonomy-based overview of common properties of social networks, review how
they might be used in di erent applications, and point out potential pitfalls
where appropriate. We propose a framework, distinguishing between two main
types of social network-based user selection-personalised user selection which
identi es target users who may be relevant for a given source node, using the
social network around the source as a context, and generic user selection or
group delimitation, which lters for a set of users who satisfy a set of
application requirements based on their social properties. Using this
framework, we survey applications of social networks in three typical kinds of
application scenarios: recommender systems, content-sharing systems (e.g., P2P
or video streaming), and systems which defend against users who abuse the
system (e.g., spam or sybil attacks). In each case, we discuss potential
directions for future research that involve using social network properties.Comment: Will appear in ACM computing Survey
Mutual Clustering Coefficient-based Suspicious-link Detection approach for Online Social Networks
Online social networks (OSNs) are trendy and rapid information propagation
medium on the web where millions of new connections either positive such as
acquaintance or negative such as animosity, are being established every day
around the world. The negative links (or sometimes we can say harmful
connections) are mostly established by fake profiles as they are being created
by minds with ill aims. Detecting negative (or suspicious) links within online
users can better aid in mitigation of fake profiles from OSNs. A modified
clustering coefficient formula, named as Mutual Clustering Coefficient
represented by M_cc, is introduced to quantitatively measure the connectivity
between the mutual friends of two connected users in a group. In this paper, we
present a classification system based on mutual clustering coefficient and
profile information of users to detect the suspicious links within the user
communities. Profile information helps us to find the similarity between users.
Different similarity measures have been employed to calculate the profile
similarity between a connected user pair. Experimental results demonstrate that
four basic and easily available features such as
work(w),education(e),home_town(ht)and current_city(cc) along with M_CC play a
vital role in designing a successful classification system for the detection of
suspicious links
Some Recommended Protection Technologies for Cyber Crime Based on Social Engineering Techniques -- Phishing
Phishing (password + fishing) is a form of cyber crime based on social
engineering and site spoofing techniques. The name of 'phishing' is a conscious
misspelling of the word 'fishing' and involves stealing confidential data from
a user's computer and subsequently using the data to steal the user's money. In
this paper, we study, discuss and propose the phishing attack stages and types,
technologies for detection of phishing web pages, and conclude our paper with
some important recommendations for preventing phishing for both consumer and
company.Comment: 5 pages; Journal of Communication and Computer, USA, Vol. 8, No. 7,
(2011
SODEXO: A System Framework for Deployment and Exploitation of Deceptive Honeybots in Social Networks
As social networking sites such as Facebook and Twitter are becoming
increasingly popular, a growing number of malicious attacks, such as phishing
and malware, are exploiting them. Among these attacks, social botnets have
sophisticated infrastructure that leverages compromised users accounts, known
as bots, to automate the creation of new social networking accounts for
spamming and malware propagation. Traditional defense mechanisms are often
passive and reactive to non-zero-day attacks. In this paper, we adopt a
proactive approach for enhancing security in social networks by infiltrating
botnets with honeybots. We propose an integrated system named SODEXO which can
be interfaced with social networking sites for creating deceptive honeybots and
leveraging them for gaining information from botnets. We establish a
Stackelberg game framework to capture strategic interactions between honeybots
and botnets, and use quantitative methods to understand the tradeoffs of
honeybots for their deployment and exploitation in social networks. We design a
protection and alert system that integrates both microscopic and macroscopic
models of honeybots and optimally determines the security strategies for
honeybots. We corroborate the proposed mechanism with extensive simulations and
comparisons with passive defenses
Personal Information Privacy Settings of Online Social Networks and their Suitability for Mobile Internet Devices
Protecting personal information privacy has become a controversial issue
among online social network providers and users. Most social network providers
have developed several techniques to decrease threats and risks to the users
privacy. These risks include the misuse of personal information which may lead
to illegal acts such as identity theft. This study aims to measure the
awareness of users on protecting their personal information privacy, as well as
the suitability of the privacy systems which they use to modify privacy
settings. Survey results show high percentage of the use of smart phones for
web services but the current privacy settings for online social networks need
to be improved to support different type of mobile phones screens. Because most
users use their mobile phones for Internet services, privacy settings that are
compatible with mobile phones need to be developed. The method of selecting
privacy settings should also be simplified to provide users with a clear
picture of the data that will be shared with others. Results of this study can
be used to develop a new privacy system which will help users control their
personal information easily from different devices, including mobile Internet
devices and computers
A cooperate-defect model for the spread of deviant behavior in social networks
We present a game-theoretic model for the spread of deviant behavior in
online social networks. We utilize a two-strategy framework wherein each
player's behavior is classified as normal or deviant and evolves according to
the cooperate-defect payoff scheme of the classic prisoner's dilemma game. We
demonstrate convergence of individual behavior over time to a final strategy
vector and indicate counterexamples to this convergence outside the context of
prisoner's dilemma. Theoretical results are validated on a real-world dataset
collected from a popular online forum.Comment: 9 pages, 6 figures, corrects an oversight in Version 1 in which
equilibrium point analysis is insufficiently qualifie
Machine Learning for E-mail Spam Filtering: Review,Techniques and Trends
We present a comprehensive review of the most effective content-based e-mail
spam filtering techniques. We focus primarily on Machine Learning-based spam
filters and their variants, and report on a broad review ranging from surveying
the relevant ideas, efforts, effectiveness, and the current progress. The
initial exposition of the background examines the basics of e-mail spam
filtering, the evolving nature of spam, spammers playing cat-and-mouse with
e-mail service providers (ESPs), and the Machine Learning front in fighting
spam. We conclude by measuring the impact of Machine Learning-based filters and
explore the promising offshoots of latest developments.Comment: Journal. 27 Page
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM) Using Honeypots
The Internet Threat Monitoring (ITM) is an efficient monitoring system used
globally to measure, detect, characterize and track threats such as denial of
service (DoS) and distributed Denial of Service (DDoS) attacks and worms. . To
block the monitoring system in the internet the attackers are targeted the ITM
system. In this paper we address the flooding attack of DDoS against ITM
monitors to exhaust the network resources, such as bandwidth, computing power,
or operating system data structures by sending the malicious traffic. We
propose an information-theoretic frame work that models the flooding attacks
using Botnet on ITM. One possible way to counter DDoS attacks is to trace the
attack sources and punish the perpetrators. we propose a novel traceback method
for DDoS using Honeypots. IP tracing through honeypot is a single packet
tracing method and is more efficient than commonly used packet marking
techniques.Comment: International Journal of Network Security & Its Applications (IJNSA),
Vol.4, No.1, January 2012. arXiv admin note: substantial text overlap with
arXiv:1201.248
Fast Spammer Detection Using Structural Rank
Comments for a product or a news article are rapidly growing and became a
medium of measuring quality products or services. Consequently, spammers have
been emerged in this area to bias them toward their favor. In this paper, we
propose an efficient spammer detection method using structural rank of author
specific term-document matrices. The use of structural rank was found effective
and far faster than similar methods.Comment: 8 pages, 1 figur
- …