Authors: Yazan Boshmaf, Lldar Muslukhov, Konstantin Beznosov, Matei Ripeanu University of British Columbia Annual Computer Security Applications Conference.

Slides:

Advertisements

Similar presentations

Social Channels Cat Lee Program Manager, Developer Relations facebook.com/cat Driving traffic to your app.

Advertisements

SOCELLBOT: A New Botnet Design to Infect Smartphones via Online Social Networking th IEEE Canadian Conference on Electrical and Computer Engineering(CCECE)

All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks Reporter : 鄭志欣 Advisor: Hsing-Kuo Pao Date : 2010/12/06 1.

1 MIS 2000 Class 22 System Security Update: Winter 2015.

Laboratory for Education and Research in Secure Systems Engineering (LERSSE) Networked Systems Laboratory (NetSysLab) Department of Electrical & Computer.

Winter CMPE 155 Week 7. Winter Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.

AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.

Social Media Networking Sites Charlotte Jenkins Designing the Social Web

Intrusion Detection Systems and Practices

Asynchronous Communication via Facebook By: Justine Ide.

5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.

Miscreant of Social Networks Paper1: Social Honeypots, Making Friends With A Spammer Near You Paper2: Social phishing Kai and Isaac.

INTERNET DATABASE. Internet and E-commerce Internet – a worldwide collection of interconnected computer network Internet – a worldwide collection of interconnected.

Making friends on Facebook Isaac, Rahul, Alex and Kai.

User Interactions in OSNs Evangelia Skiani. Do you have a Facebook account? Why? How likely to know ALL your friends? Why confirm requests? Why not remove.

Botnets Abhishek Debchoudhury Jason Holmes. What is a botnet? A network of computers running software that runs autonomously. In a security context we.

DISTRIBUTED PROCESS IMPLEMENTAION BHAVIN KANSARA.

Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer

Zifei Shan, Haowen Cao, Jason Lv, Cong Yan, Annie Liu Peking University, China 1.

BEGIN. 1. When was the Facebook found? A. February 14,2004. February 14,2004 B. February 04, 2004 C. February 05, 2004 Show Score.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

Botnets An Introduction Into the World of Botnets Tyler Hudak

資安新聞簡報報告者：劉旭哲、曾家雄. Spam down, but malware up 報告者：劉旭哲.

Detecting Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, Giovanni Vigna (University of California) Annual Computer Security Applications.

LexisNexis – On-Line ID Proofing for Lenders Lender employees must have Level 2 eAuthentication accounts to access various Guaranteed Loan System web pages.

Phishing Rising to the challenge Amy Marasco Microsoft.

B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel

Social Media Attacks By Laura Jung. How the Attacks Start Popularity of these sites with millions of users makes them perfect places for cyber attacks.

Authors: Gianluca Stringhini Christopher Kruegel Giovanni Vigna University of California, Santa Barbara Presenter: Justin Rhodes.

Protecting Web 2.0 Services from Botnet Exploitations Cybercrime and Trustworthy Computing Workshop (CTC), 2010 Second Nguyen H Vo, Josef Pieprzyk Department.

Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS.

Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 5 “Database and Cloud Security”.

Bots Used to Facilitate Spam Matt Ziemniak. Discuss Snort lab improvements Spam as a vehicle behind cyber threats Bots and botnets What can be done.

Vulnerabilities in peer to peer communications Web Security Sravan Kunnuri.

A Proxy-based Real-time Protection Mechanism for Social Networking Sites Presented by Omar Alzahrani A Proxy-based Real-Time Protection Omar Alzahrani.

Mark Phillip markphillip.com The New Facebook: More than just a redesign.

 Two types of malware propagating through social networks, Cross Site Scripting (XSS) and Koobface worm.  How these two types of malware are propagated.

A Multifaceted Approach to Understanding the Botnet Phenomenon Authors : Moheeb Abu Rajab, Jay Zarfoss, Fabian Monrose, Andreas Terzis Computer Science.

BOTNETS Presented By : Ramesh kumar Ramesh kumar 08EBKIT049 08EBKIT049 A BIGGEST THREAT TO INERNET.

1 Topic 2: Lesson 3 Intro to Firewalls Summary. 2 Basic questions What is a firewall? What is a firewall? What can a firewall do? What can a firewall.

Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.

1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,

1 Intrusion Detection Methods “Intrusion detection is the process of identifying and responding to malicious activity targeted at computing and networking.

By Gianluca Stringhini, Christopher Kruegel and Giovanni Vigna Presented By Awrad Mohammed Ali 1.

POP-SNAQ: Privacy-preserving Open Platform for Social Network Application Queries Brian Thompson Huijun Xiong.

Lecture 24 Wireless Network Security

Chien-Chung Shen Bot and Botnet Chien-Chung Shen

Ethical Issues in Computer Science CSCI 328, Fall 2013 Session 8 Ethics in IT Societies II.

Malicious Software.

Socialbots and its implication On ONLINE SOCIAL Networks Md Abdul Alim, Xiang Li and Tianyi Pan Group 18.

FriendFinder Location-aware social networking on mobile phones.

FriendFinder Location-aware social networking on mobile phones.

Facebook for Beginners One Session Class. What will you learn today? What can you do on Facebook? Creating a profile Privacy Connecting with friends Sending.

Computer Security By Duncan Hall.

Speaker:Chiang Hong-Ren An Investigation and Implementation of Botnet Detection Schemes.

Firewalls A brief introduction to firewalls. What does a Firewall do? Firewalls are essential tools in managing and controlling network traffic Firewalls.

CPT 123 Internet Skills Class Notes Internet Security Session B.

Speaker: Hom-Jay Hom Date:2009/10/20 Botnet Research Survey Zhaosheng Zhu. et al July 28-August

Sybil Attacks VS Identity Clone Attacks in Online Social Networks Lei Jin, Xuelian Long, Hassan Takabi, James B.D. Joshi School of Information Sciences.

Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.

Chapter 11 – Cloud Application Development. Contents Motivation. Connecting clients to instances through firewalls. Cloud Computing: Theory and Practice.

Methods of Tracking Position i Pod Touch – Wi-Fi used to find location by detecting known hotspots. iPhone – Cellular triangulation uses the mobile communication.

AN INTRODUCTION TO FACEBOOK. Learning Objectives A brief introduction to the social networking site Facebook. Instructions to create an account. How to.

Database and Cloud Security

To Join the Teleconference

Dieudo Mulamba November 2017

Home Internet Vulnerabilities

What is Phishing? Pronounced “Fishing”

When Machine Learning Meets Security – Secure ML or Use ML to Secure sth.? ECE 693.

Presentation transcript:

Authors: Yazan Boshmaf, Lldar Muslukhov, Konstantin Beznosov, Matei Ripeanu University of British Columbia Annual Computer Security Applications Conference (ACSAC) 2011 Presented By: Gavin Grant

Abstract OSN Vulnerabilities Socialbot Network The Attack Findings FIS effectiveness

Social Networks have millions of users Illustrate that Online Social Networks (OSN) are vulnerable to infiltrations by socialbots In particular Facebook 80% success rate Socialbots – computer programs that control OSN accounts and mimic real users

Ineffective CAPTCHAs Hiring cheap labor ($1 per 1,000 broken) Reusing session IDs of known CAPTCHAs Fake User Accounts and Profiles and profile Crawlable Social Graphs Traversing linked profiles Exploitable Platforms and APIs Use APIs to automate the execution of activities

Set of socialbots owned and maintained by human controller called the botherder Made up of socialbots, botmaster, and command and control channel Socialbot controls a profile Data collected called botcargo Capable of executing commands Botmaster is software botherder uses to send commands through C & C channel C & C facilitates transfer of botcargo and commands

Read, write, connect, disconnect Set of commands used to mimic a real user Native commands Master commands

Botworker builds and maintains profiles Botupdater pushes new software updates C & C engine maintains a repository of master commands Master commands needed Cluster Rand_connect(k) Decluster Crawl_extneighborhood Mutual_connect Harvest-data

Communication model Works with socialbot-OSN Channel Only OSN-specific API calls and HTTP traffic Helps in non detection

Socialbot has to hide its real identity Botmaster should be able to perform large-scale infiltration C & C channel traffic has to look benign

Facebook Immune System (FIS) 8 week process Exploited Facebook’s Graph API to carry out social- interaction operations Used HTTP request to send friendship request Iheartquotes.com, decaptcher.com, hotornot.com, mail.ru

102 socialbots created and 1 botmaster Users were created manually 49 males 53 females 5053 valid profile IDs 25 request per day per socialbot Harvested data

First 2 weeks 2 days t send 5043 request (2,391 male, female) 976 accepted (381 M, 595 F) Next 6 weeks 3,517 more users added 2,079 infiltrated successfully Generated 250 GB inbound and 3 GB outbound traffic Acceptance rate increase to 80% as mutual friends increased

News feeds Profile info Wall messages 3,055 direct neighborhoods 1,085,785 extended neighborhoods

Real time learning system used to protect its users Only 20 bots were flagged by system Doesn’t consider fake accounts a real threat

OSN vulnerability to a large-scale socialbot network infiltration Defense social networks have against social bots that mimic human behavior Prayed on common user behavior

Only Facebook was attacked Didn’t provide any prevention techniques

Try on other social networking sites Not create socialbots manually