Surveying The Landscape of Threats Facing Users In The Social Web Steve Webb, Ph.D. Emory Guest Lecture April 16, 2009.

Slides:

Advertisements

Similar presentations

Thank you to IT Training at Indiana University Computer Malware.

Advertisements

 For museums online social media has the potential to be more than traditional marketing  Social media is about creating a community with our visitors.

Privacy: Facebook, Twitter

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Social Network Security Issues: Social Engineering and Phishing Attacks Jeffrey Allen, Leon Gomez, Marlon Green, Phillip Ricciardi, Christian Sanabria.

Let’s Be Friends Social Networking & Trade-marks LET’S BE FRIENDS: PROTECTING YOUR BRANDS ON THE INTERNET LEXPERT By Eric Macramalla, Partner, Gowlings.

All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks Reporter : 鄭志欣 Advisor: Hsing-Kuo Pao Date : 2010/12/06 1.

Social media threats. Warning! May contain mild peril.

ABUSING BROWSER ADDRESS BAR FOR FUN AND PROFIT - AN EMPIRICAL INVESTIGATION OF ADD-ON CROSS SITE SCRIPTING ATTACKS Presenter: Jialong Zhang.

Facebook Security and Privacy Issues Brian Allen Network Security Analyst Washington University December 2, 2010 Alumni House.

Social Media Networking Sites Charlotte Jenkins Designing the Social Web

Privacy in Social Networks CSCE 201. Reading Dwyer, Hiltz, Passerini, Trust and privacy concern within social networking sites: A comparison of Facebook.

Hongyu Gao, Tuo Huang, Jun Hu, Jingnan Wang.  Boyd et al. Social Network Sites: Definition, History, and Scholarship. Journal of Computer-Mediated Communication,

Lecture 16 Secure Social Networking. Overview What is Social Networking? The Good, the Bad and the Ugly How to protect yourself How to protect your children.

Hobbies: Social networking YOU TUBE FACE BOOK MYSPACE.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

BY CURTIS THOMPSON Social Networking and the Business World.

Miscreant of Social Networks Paper1: Social Honeypots, Making Friends With A Spammer Near You Paper2: Social phishing Kai and Isaac.

Web 2.0 Web 2.0 is the term given to describe a second generation of the World Wide Web (WWW) that is focused on the ability for people to collaborate.

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.

Social Networking – The Ways and Means Rosey Broderick May 2011.

+ The Future of Social Media By Abigail Boghurst.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Social impacts of the use of it By: Mohamed Abdalla.

資安新聞簡報報告者：劉旭哲、曾家雄. Spam down, but malware up 報告者：劉旭哲.

Social Networking and On-Line Communities: Classification and Research Trends Maria Ioannidou, Eugenia Raptotasiou, Ioannis Anagnostopoulos.

CHAPTER 3 Information Privacy and Security. CHAPTER OUTLINE  Ethical Issues in Information Systems  Threats to Information Security  Protecting Information.

NA in the digital age Early attempts Bulletin boards/modems/user groups AOL ( , boards, chat) alt. groups (alt.recovery.na, etc.) NArchive (first.

Creating an Online Professional Presence Using Social Media.

SOCIAL NETWORKS AND THEIR IMPACTS ON BRANDS Edwin Dionel Molina Vásquez.

Social Media Attacks By Laura Jung. How the Attacks Start Popularity of these sites with millions of users makes them perfect places for cyber attacks.

JMU GenCyber Boot Camp Summer, Cyberspace Risks and Defenses Facebook Snapchat P2P filesharing Apps Craigslist Scams JMU GenCyber Boot Camp© 2015.

“Social Networking Services: Tribute to Fashion or Vital Necessity?” Tchirkina Victoria.

Social Networking Student # The History Over the past 15 to 20 social networking sites have increased due to popularity. Today over 350 sites.

Network and Systems Security By, Vigya Sharma (2011MCS2564) FaisalAlam(2011MCS2608) DETECTING SPAMMERS ON SOCIAL NETWORKS.

Using Social Networks to Harvest Addresses Reporter: Chia-Yi Lin Advisor: Chun-Ying Huang Mail: 9/14/

 We all know we need to stay safe while using the Internet, but we may not know just how to do that. In the past, Internet safety was mostly about.

You, Me & Technology. Overview Technology –Our relationship with technology Threats –What, Who, When, Where, Why & How Protection –What we can do to protect.

Social impact of using I.T Fahimul Hoque. Local Community Development in IT have lead to changes in the way local communities work. IT has changed the.

IMGuest-BUS 111 Erica Gallagher Brittany Schmoll Tom Witkauskis.

IT security By Tilly Gerlack.

Social Media The term Social Media refers to the use of web- based and mobile technologies to turn communication into an interactive dialogue… It introduces.

電管碩一 R 凌伊亭 Social Media Use In a Mobile Broadband Environment ： Examination of Determinants of Twitter and Facebook Use International Journal of.

 A viruses is a program that can harm or track your computer. E.g. browser hijacker.  When a viruses accesses the computer it can accesses the HDD and.

 Two types of malware propagating through social networks, Cross Site Scripting (XSS) and Koobface worm.  How these two types of malware are propagated.

 A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. It is deliberately.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.

Web Attacks— Offense… The Whole Story Yuri & The Cheeseheads Mark Glubisz, Jason Kemble, Yuri Serdyuk, Kandyce Giordano.

Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.

Cryptography and Network Security (CS435) Part One (Introduction)

Social Media 101 An Overview of Social Media Basics.

A Data-Reachability Model for Elucidating Privacy and Security Risks Related to the Use of Online Social Networks S. Creese, M. Goldsmith, J. Nurse, E.

Toward Worm Detection in Online Social Networks Wei Xu, Fangfang Zhang, and Sencun Zhu ACSAC

Where the Wild Things (And People) Are: Facebook for Beginners.

FaceBook…. Really?? FaceBook…. Really?? Social networking & Facebook Pam Krambeck, ESU#3

November 19, 2008 CSC 682 Use of Virtualization to Thwart Malware Written by: Ryan Lehan Presented by: Ryan Lehan Directed By: Ryan Lehan Produced By:

What is Spam? d min.

Internet security  Definition  Types of internet security  Firewalls  Anti spyware  Buffer overflow attack  Phishing  Summary.

The social impacts of IT: Spending more time on the computer, laptop, phone, tab etc. than going outside. Negative effect on health. Negative effect on.

Cybersecurity Test Review Introduction to Digital Technology.

Sybil Attacks VS Identity Clone Attacks in Online Social Networks Lei Jin, Xuelian Long, Hassan Takabi, James B.D. Joshi School of Information Sciences.

Password Theft By: Markie Jones. Road Map Do’s Do Not’s What can someone do with it? How do they get it? Who’s most at risk? When & Where are consumers.

Technology Tips and Safety for Teens. Social Networks Social Networks are internet applications which are used to facilitate communication between users.

Information Security Awareness

Social Media Attacks.

Cyberspace Risks and Defenses

Your Online Identity 2018 College Night Jamie McConnell

Spear Phishing Awareness

Security in mobile technologies

Presentation transcript:

Surveying The Landscape of Threats Facing Users In The Social Web Steve Webb, Ph.D. Emory Guest Lecture April 16, 2009

Introduction The World Wide Web is evolving into a “social Web” World’s top Web destinations are now dominated by social environments

Introduction (cont.) New and exciting ways to connect with others Wildly popular  200 million active Facebook users  100 million YouTube videos  1.5 million SecondLife residents

Introduction (cont.) And as always... attackers love crashing big parties Threat categories  Traditional Attacks  Socially Enhanced Attacks  Social Web-specific Attacks Let’s take a closer look…

Traditional Attacks Social environment characteristics  Large and very distributed  Numerous communication mechanisms  Relatively naïve user bases That seems like a paradise for attackers…

Malware Propagation Worms  Samy  Mikeyy Spyware  Ad networks  Rogue apps Adware  Zango

Spam Comment spam Bulletin spam Message spam

Phishing Fraudulent login display Grants access to resources outside of the community Compromised accounts used to launch additional attacks

Research Challenges Same problems… new and more challenging environment More information available… but it’s a double-edged sword

Research Challenges How can we adapt existing techniques to these environments? What new approaches are necessary?

Socially Enhanced Attacks Obviously, social environments are vulnerable to traditional attacks But that’s just the beginning…

Socially Enhanced Attacks (cont.) Key barrier for attackers has been private information Generic attacks against the masses

Socially Enhanced Attacks (cont.) What if attackers knew private information about their victims? Oh, wait! Isn’t that what social environments provide?!?!

What’s The Big Deal? Name, Age, Gender, and Location Friends Relationship Status Interests and Favorite Things Education/Employment History Etc., Etc., Etc.

Socially Enhanced Attacks (cont.) ORIGINAL From: Bellusci Thresa Subject: Jessica Alba's hot scene If your powder is damped and gun can't fire: We know the spark you need!

Socially Enhanced Attacks (cont.) SOCIALLY ENHANCED From: Li Xiong Subject: Jessica Alba's hot scene Steve, Check out this link: -Li

Socially Enhanced Attacks (cont.) Scary, right?! Not isolated to spam  Malware propagation and phishing attacks benefit too

Socially Enhanced Attacks (cont.)

SOCIALLY ENHANCED From: Li Xiong Subject: Check out this auction… Steve, I think you might like this Kevin Smith auction… -Li

Research Challenges How can we protect users without killing the fun of these environments? How do you identify a needle in a stack of needles?

Social Web-specific Attacks Phishing revisited  Questionably more dangerous than “old school phishing” Creates a new set of problems…

Social Identity Theft “Bryan NEEDS HELP URGENTLY!!!” Twitter fail

Fake Profiles “Fakesters” Impersonators Thin line between fun and slander

Fake Profiles (cont.) The next generation of spam The next generation of malware propagation

Research Questions How do we collect examples of these new attacks?  Social Honeypots (CEAS 2008) More importantly, how do we protect users…

Purewire Trust Demo

Questions