Online Social Network: Threats &

Slides:

Advertisements

Similar presentations

HQ in Israel Threat research, security operations center 24/7. In-depth understanding and insight into how cyber crime works. Over 10 million online identities.

Advertisements

Social Network Security Issues: Social Engineering and Phishing Attacks Jeffrey Allen, Leon Gomez, Marlon Green, Phillip Ricciardi, Christian Sanabria.

Social media threats. Warning! May contain mild peril.

Facebook Security and Privacy Issues Brian Allen Network Security Analyst Washington University December 2, 2010 Alumni House.

AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.

1 On Protecting Private Information in Social Networks: A Proposal Bo Luo 1 and Dongwon Lee 2 1 The University of Kansas, 2 The Pennsylvania.

Privacy in Social Networks CSCE 201. Reading Dwyer, Hiltz, Passerini, Trust and privacy concern within social networking sites: A comparison of Facebook.

Hongyu Gao, Tuo Huang, Jun Hu, Jingnan Wang.  Boyd et al. Social Network Sites: Definition, History, and Scholarship. Journal of Computer-Mediated Communication,

Kaspersky Lab: The Best of Both Worlds Alexey Denisyuk, pre-sales engineer Kaspersky Lab Eastern Europe 5 th April 2012 / 2 nd InfoCom Security Conference.

CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.

Internet safety By Lydia Snowden.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Social Media Attacks By Laura Jung. How the Attacks Start Popularity of these sites with millions of users makes them perfect places for cyber attacks.

An Insight into the Relationship Between Social Media and the Susceptibility to Malicious Intent Presented by Rebecca Morgan 15/05/2015 >>>>2.

Distributed Phishing Attacks Markus Jakobsson Joint work with Adam Young, LECG.

Network and Systems Security By, Vigya Sharma (2011MCS2564) FaisalAlam(2011MCS2608) DETECTING SPAMMERS ON SOCIAL NETWORKS.

Using Social Networks to Harvest Addresses Reporter: Chia-Yi Lin Advisor: Chun-Ying Huang Mail: 9/14/

BUSINESS B1 Information Security.

INTERNET SAFETY Tips for becoming a “surfer” dude!

IT security By Tilly Gerlack.

Click to edit Master title style Click to edit Master text styles –Second level Third level –Fourth level »Fifth level June 10 th, 2009Event details (title,

Understanding Cross-site Linking in Online Social Networks Yang Chen 1, Chenfan Zhuang 2, Qiang Cao 1, Pan Hui 3 1 Duke University 2 Tsinghua University.

 Two types of malware propagating through social networks, Cross Site Scripting (XSS) and Koobface worm.  How these two types of malware are propagated.

Web Attacks— Offense… The Whole Story Yuri & The Cheeseheads Mark Glubisz, Jason Kemble, Yuri Serdyuk, Kandyce Giordano.

1 Commonwealth Security Information Resource Center Michael Watson Security Incident Management Director 10/17/2008

Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.

The way to avoid being trap into cyber crime. What is cyber crime? The Department of Justice categorizes computer crime in three ways: 1. The computer.

How Videos and Social Media Work Together. Social media and videos are two of the most powerful outlets that companies have online for gaining new business.

HOW TO PREVENT IDENTITY THEFT ONLINE TIPS 1.WATCH OUT FOR PHISHING WEBSITES.

Technology Social Media Unit 1. What is Social Media? Social media is the interaction among people in which they create, share or exchange information.

Multiparty Access Control for Online Social Networks : Model and Mechanisms.

An Empirical Study of Visual Security Cues to Prevent the SSLstripping Attack Source: ACSAC 2011 Authors: Dongwan Shin, Rodrigo Lopes Report: Minhao Wu.

Don’t Follow me : Spam Detection in Twitter January 12, 2011 In-seok An SNU Internet Database Lab. Alex Hai Wang The Pensylvania State University International.

TECHDOTCOMP SUPPORT TECHDOTCOMP nd Ave, Seattle, WA 98122, USA Phone:

Technology Tips and Safety for Teens. Social Networks Social Networks are internet applications which are used to facilitate communication between users.

Computer Security Keeping you and your computer safe in the digital world.

KASPERSKY INTERNET SECURITY FOR ANDROID. YOUR MOBILE DEVICES NEED PROTECTION More online communications and transaction are happening on tablets and phones.

Securing Information Systems

BUILD SECURE PRODUCTS AND SERVICES

Threat Modeling for Cloud Computing

Trend Micro Consumer 2010 Easy. Fast. Smart.

Social Media Attacks.

CYBER SECURITY...

Internet Identity, Safety, & Security

Unit 4 IT Security.

ISYM 540 Current Topics in Information System Management

Network security threats

Protecting your mobile devices away from virus by a cloud-based approach Wei Wu.

Shavonne Henry, Nikia Clarke, David Heymann, Brandon Knight

Working to Keep our Children Safe in a World Filled with Technology

Webroot Product Key code for Serial Key Activation

Jon Peppler, Menlo Security Channels

Scams, Identity Theft, and Viruses Kelly & Caitlin

SECURITY MECHANISM & E-COMMERCE

CONFIDENTIALITY, INTEGRITY, LEGAL INTERCEPTION

Home Internet Vulnerabilities

Smart Portal To Protect Child Online

Introduction to Systems Security

Computer Security.

CYBERSAFETY & Personal information

Policies and Procedures to Protect you, your Office and your Data

Internet Safety – Social Media

Privacy and Data Mining

Cybersecurity and Cyberhygiene

Spear Phishing Awareness

Wireless Spoofing Attacks on Mobile Devices

Introduction to Symantec Security Service

Introduction-Cyber Safety

Cybersecurity Simplified: Phishing

Presentation transcript:

Online Social Network: Threats & Solutions GE Liqi CAI Ni LIN Ziyi proudly Presented

figure1.1 Word Cloud of OSNs with More Than 100 Million Active Users. In recent years, global online social network (OSN) usage has increased sharply as these networks have become interwoven into people’s everyday lives as virtual meeting places that facilitate communication.

Outline 1. Threats 2. Solutions 3. Discussions

1 Threats

Threats 1. Classic threats, namely, privacy and security threats that not only jeopardize OSN users but also Internet users not using social networks. 2. Modern threats, that is, threats that are mostly unique to the environment of OSNs and which use the OSN infrastructure to endanger user privacy and security. 3. Combination threats, where we describe how today’s attackers can, and often do, combine various types of attacks in order to create more sophisticated and lethal attacks.

Classical Threats Malware. Malware in social networks uses the OSN structure to propagate itself among users and their friends in the network. Phishing Attacks. Cross-Site Scripting (XSS).

Modern threats are typically unique to OSN environments. De-Anonymization Attacks. Identity Clone Attacks. Socware. Clickjacking.

Clickjacking An example of a clickjacking attack occurred on Twitter in 2009 when Twitter was plagued by a “Don’t Click” attack. The attacker tweeted a link with the message “Don’t Click” along with a masked URL (the actual URL domain was hidden). When Twitter users clicked on the “Don’t Click” message, the message automatically spread virally and was posted onto their Twitter accounts.

2 Solution

1、Social Network Operator Solution 2、Commercial Solution Intro 1、Social Network Operator Solution 2、Commercial Solution 3、Academic Solution

Social Network Operator Solution Authentication Mechanisms to make sure the user is the real person Security and Privacy Settings enable users to protect their personal data Internet Protection Mechanisms additional internal protection mechanisms for defense Report Users users can report abuse or policy violations

Commercial Solution Software manage privacy settings; protect children from harmful content Application eg. warns the user about unsafe links and sites Web Service help parents to control their children in using social network Software Suite include anti-virus, fire-wall, and other Internet protection layers

Academic Solution Improving Privacy Setting Interfaces help user to configure the privacy setting well Phishing Detection base on identify phishing websites and phishing URLs Spammer Detection Cloned Profile Detection Fake Profile Detection Socware Detection Preventing Information and Location Leakage

3 Discussion

Protection Layers First protection layer: Door lock Second protection layer: Security alarm Third protection layer: Security camera Fourth protection layer: Neighborhood watch Fifth protection layer: Policeforce NEXT

First: Door lock Prevent unwelcome intruders Entering and viewing OSN users’ personal posts and details Security and Privacy Settings Privacy Scanner, ZoneAlarm Privacy Scan Improving privacy settings. BACK

Second: Security alarm Prevent malicious users Collecting OSN users’ personal posts and details Different commercial Internet security solutions &Solutions offered by academic researchers Effective in identifying active threats Insufficient for identifying more targeted threats de-anonymization attacks, identity clone attacks, inference attacks. BACK

Third: Security camera Specific to children Protect both young children and teenagers Monitor online activity various monitoring software, eg. Net Nanny & MinorMonitor Help parents protect their children online predators and cyberbullying BACK

Fourth: Neighborhood watch Using wisdom of the crowd pinpoint malicious users Various solutions Report other users to OSN operator Work together to identify & report Fake profiles, clickjacking, internet fraud, socware, and cyberbullying BACK

Fifth: Security alarm Authentication mechanisms Make sure that only real people can login Identifying malicious users Prevent them from logging into & attacking other users Identify potential threats Based on network topology, users’ IP, login times, behavioral patterns BACK

Future Research Create synergy among the different security solutions Apply various algorithms to enhance OSN security Analyze and evaluate the different existing privacy solutions Developing privacy-preserving OSNs Studying the emerging security threats

4 Conclusion

References [1] Academia.edu. http://www.academia.edu/. [Online; accessed 09- January-2014]. [2] A. Acquisti and R. Gross. Imagined communities: Awareness, information sharing, and privacy on the facebook. In Privacy enhancing technologies, pages 36–58. Springer, 2006. [3] A. Acquisti, R. Gross, and F. Stutzman. Faces of facebook: Privacy in the age of augmented reality. BlackHat USA, 2011. [4] A. Aggarwal, J. Almeida, and P. Kumaraguru. Detection of spam tip- ping behaviour on foursquare. In Proceedings of the 22nd international conference on World Wide Web companion, pages 641–648. Interna- tional World Wide Web Conferences Steering Committee, 2013.

Thank you!