Presentation is loading. Please wait.

Presentation is loading. Please wait.

Surveying The Landscape of Threats Facing Users In The Social Web Steve Webb, Ph.D. Emory Guest Lecture April 16, 2009.

Published byEsther Singleton Modified over 8 years ago

Similar presentations

Presentation on theme: "Surveying The Landscape of Threats Facing Users In The Social Web Steve Webb, Ph.D. Emory Guest Lecture April 16, 2009."— Presentation transcript:

1 Surveying The Landscape of Threats Facing Users In The Social Web Steve Webb, Ph.D. Emory Guest Lecture April 16, 2009

2 Introduction The World Wide Web is evolving into a “social Web” World’s top Web destinations are now dominated by social environments

3 Introduction (cont.) New and exciting ways to connect with others Wildly popular  200 million active Facebook users  100 million YouTube videos  1.5 million SecondLife residents

4 Introduction (cont.) And as always... attackers love crashing big parties Threat categories  Traditional Attacks  Socially Enhanced Attacks  Social Web-specific Attacks Let’s take a closer look…

5 Traditional Attacks Social environment characteristics  Large and very distributed  Numerous communication mechanisms  Relatively naïve user bases That seems like a paradise for attackers…

6 Malware Propagation Worms  Samy  Mikeyy Spyware  Ad networks  Rogue apps Adware  Zango

7 Spam Comment spam Bulletin spam Message spam

8 Phishing Fraudulent login display Grants access to resources outside of the community Compromised accounts used to launch additional attacks

9 Research Challenges Same problems… new and more challenging environment More information available… but it’s a double-edged sword

10 Research Challenges How can we adapt existing techniques to these environments? What new approaches are necessary?

11 Socially Enhanced Attacks Obviously, social environments are vulnerable to traditional attacks But that’s just the beginning…

12 Socially Enhanced Attacks (cont.) Key barrier for attackers has been private information Generic attacks against the masses

13 Socially Enhanced Attacks (cont.) What if attackers knew private information about their victims? Oh, wait! Isn’t that what social environments provide?!?!

14

15 What’s The Big Deal? Name, Age, Gender, and Location Friends Relationship Status Interests and Favorite Things Education/Employment History Etc., Etc., Etc.

16 Socially Enhanced Attacks (cont.) ORIGINAL From: Bellusci Thresa Subject: Jessica Alba's hot scene If your powder is damped and gun can't fire: We know the spark you need! http://yqazqvot.com/http://yqazqvot.com/

17 Socially Enhanced Attacks (cont.) SOCIALLY ENHANCED From: Li Xiong Subject: Jessica Alba's hot scene Steve, Check out this link: http://yqazqvot.com/http://yqazqvot.com/ -Li

18 Socially Enhanced Attacks (cont.) Scary, right?! Not isolated to spam  Malware propagation and phishing attacks benefit too

19 Socially Enhanced Attacks (cont.)

20 SOCIALLY ENHANCED From: Li Xiong Subject: Check out this auction… Steve, I think you might like this Kevin Smith auction… http://url.com/http://url.com/ -Li

21 Research Challenges How can we protect users without killing the fun of these environments? How do you identify a needle in a stack of needles?

22 Social Web-specific Attacks Phishing revisited  Questionably more dangerous than “old school phishing” Creates a new set of problems…

23 Social Identity Theft “Bryan NEEDS HELP URGENTLY!!!” Twitter fail

24 Fake Profiles “Fakesters” Impersonators Thin line between fun and slander

25 Fake Profiles (cont.) The next generation of spam The next generation of malware propagation

26 Research Questions How do we collect examples of these new attacks?  Social Honeypots (CEAS 2008) More importantly, how do we protect users…

27 Purewire Trust Demo http://www.purewiretrust.org

28 Questions

Download ppt "Surveying The Landscape of Threats Facing Users In The Social Web Steve Webb, Ph.D. Emory Guest Lecture April 16, 2009."

Similar presentations

Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
 For museums online social media has the potential to be more than traditional marketing  Social media is about creating a community with our visitors.

 For museums online social media has the potential to be more than traditional marketing  Social media is about creating a community with our visitors.
Privacy: Facebook, Twitter

Privacy: Facebook, Twitter
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Social Network Security Issues: Social Engineering and Phishing Attacks Jeffrey Allen, Leon Gomez, Marlon Green, Phillip Ricciardi, Christian Sanabria.

Social Network Security Issues: Social Engineering and Phishing Attacks Jeffrey Allen, Leon Gomez, Marlon Green, Phillip Ricciardi, Christian Sanabria.
Let’s Be Friends Social Networking & Trade-marks LET’S BE FRIENDS: PROTECTING YOUR BRANDS ON THE INTERNET LEXPERT By Eric Macramalla, Partner, Gowlings.

Let’s Be Friends Social Networking & Trade-marks LET’S BE FRIENDS: PROTECTING YOUR BRANDS ON THE INTERNET LEXPERT By Eric Macramalla, Partner, Gowlings.
All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks Reporter : 鄭志欣 Advisor: Hsing-Kuo Pao Date : 2010/12/06 1.

All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks Reporter : 鄭志欣 Advisor: Hsing-Kuo Pao Date : 2010/12/06 1.
Social media threats. Warning! May contain mild peril.

Social media threats. Warning! May contain mild peril.
ABUSING BROWSER ADDRESS BAR FOR FUN AND PROFIT - AN EMPIRICAL INVESTIGATION OF ADD-ON CROSS SITE SCRIPTING ATTACKS Presenter: Jialong Zhang.

ABUSING BROWSER ADDRESS BAR FOR FUN AND PROFIT - AN EMPIRICAL INVESTIGATION OF ADD-ON CROSS SITE SCRIPTING ATTACKS Presenter: Jialong Zhang.
Facebook Security and Privacy Issues Brian Allen Network Security Analyst Washington University December 2, 2010 Alumni House.

Facebook Security and Privacy Issues Brian Allen Network Security Analyst Washington University December 2, 2010 Alumni House.
Social Media Networking Sites Charlotte Jenkins Designing the Social Web 06-10-2011.

Social Media Networking Sites Charlotte Jenkins Designing the Social Web
Privacy in Social Networks CSCE 201. Reading Dwyer, Hiltz, Passerini, Trust and privacy concern within social networking sites: A comparison of Facebook.

Privacy in Social Networks CSCE 201. Reading Dwyer, Hiltz, Passerini, Trust and privacy concern within social networking sites: A comparison of Facebook.
Hongyu Gao, Tuo Huang, Jun Hu, Jingnan Wang.  Boyd et al. Social Network Sites: Definition, History, and Scholarship. Journal of Computer-Mediated Communication,

Hongyu Gao, Tuo Huang, Jun Hu, Jingnan Wang.  Boyd et al. Social Network Sites: Definition, History, and Scholarship. Journal of Computer-Mediated Communication,
Lecture 16 Secure Social Networking. Overview What is Social Networking? The Good, the Bad and the Ugly How to protect yourself How to protect your children.

Lecture 16 Secure Social Networking. Overview What is Social Networking? The Good, the Bad and the Ugly How to protect yourself How to protect your children.
Hobbies: Social networking YOU TUBE FACE BOOK MYSPACE.

Hobbies: Social networking YOU TUBE FACE BOOK MYSPACE.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
BY CURTIS THOMPSON Social Networking and the Business World.

BY CURTIS THOMPSON Social Networking and the Business World.
Miscreant of Social Networks Paper1: Social Honeypots, Making Friends With A Spammer Near You Paper2: Social phishing Kai and Isaac.

Miscreant of Social Networks Paper1: Social Honeypots, Making Friends With A Spammer Near You Paper2: Social phishing Kai and Isaac.
Web 2.0 Web 2.0 is the term given to describe a second generation of the World Wide Web (WWW) that is focused on the ability for people to collaborate.

Web 2.0 Web 2.0 is the term given to describe a second generation of the World Wide Web (WWW) that is focused on the ability for people to collaborate.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Similar presentations

Ads by Google