Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Social Approach to Security: Using Social Networks to Help Detect Malicious Web Content Michael Robertson, Yin Pan, and Bo Yuan Department of Networking,

Published byHelen Roberta Johnston Modified over 8 years ago

Similar presentations

Presentation on theme: "A Social Approach to Security: Using Social Networks to Help Detect Malicious Web Content Michael Robertson, Yin Pan, and Bo Yuan Department of Networking,"— Presentation transcript:

1 A Social Approach to Security: Using Social Networks to Help Detect Malicious Web Content Michael Robertson, Yin Pan, and Bo Yuan Department of Networking, Security, and Systems Administration B. Thomas Golisano College of Computing and Information Sciences Rochester Institute of Technology Rochester, New York 14623 Speaker: 林韋呈 MA2G0101 碩研資工一甲 1

2 Outline  Introduction  The Facebook Application System  The Application Testing  Experiment Results  Conclusions 2

3 Introduction(1/3)  In recent years, the tremendous growth in both the size and popularity of social networking sites, such as MySpace, Twitter and Facebook.  Unfortunately, the proliferation of computer malware, such as viruses and phishing attacks, has also continued to rise in this same span of time 3

4 Introduction(2/3)  One of the most famous examples of this new breed of attacks is the Koobface virus, which has plagued users of both Facebook and MySpace.  the Koobface virus spreads through hyperlinks that appear to come from one of your friends, usually advertising a funny video. 4

5 Introduction(3/3)  In an attempt to combat this problem, static methods, such as blacklists, often have a tremendous success rate when it comes to identifying attacks, hough they are often difficult to maintain due to the short lifespan of malware and phishing sites.  Dynamic detection methods, such as the server’s geographic location, domain name, or offered content. 5

6 The Facebook Application System(1/5) Process Modules 6

7 The Facebook Application System(2/5)  Facebook Heuristics 7

8 The Facebook Application System(3/5)  Traditional Heuristics 8

9 The Facebook Application System(4/5)  Google Safe Browsing Checks the URL hash against the Google Safe Browsing databases (both blacklist and malware). If the URL exits in either the blacklist or malware list, the score for the link will be $BAD SCORE*100, which penalizes the link severely; otherwise, just return $GOOD SCORE 9

10 The Facebook Application System(5/5)  Twitter Heuristics If the full link appears on Twitter, the check function returns $GOOD SCORE*2, else if the domain used in the link appears on Twitter, the function returns $GOOD SCORE; otherwise, the function returns $BAD SCORE. 10

11 The Application Testing  Once the application was built, testing began by volunteers who approved the application for use on their profiles and ran the automatic scan on their News Feeds several times.  During the testing, 377 individuals were reached, only 22 took the time to participate in the study. the application is split into two main functional components: the automated scan and the manual scan. 11

12 Experiment Results 12

13 Experiment Results(1/3) 13

14 Experiment Results(2/3) 14

15 Experiment Results(3/3) 15

16 Conclusions  This research has shown that it is in fact possible to detect malicious web content with the help of heuristics based on social networking data.  This research was able to exceed the 34% success rate for detecting legitimate content achieved by Boykin and Roychowdhury in their study.  Bring its effectiveness to a point that is reliable enough for use in real-world environments. 16

17 Q&A 17

18 感謝聆聽 18

Download ppt "A Social Approach to Security: Using Social Networks to Help Detect Malicious Web Content Michael Robertson, Yin Pan, and Bo Yuan Department of Networking,"

Similar presentations

Reporter: Jing Chiu Advisor: Yuh-Jye Lee 2015/7/181Data Mining & Machine Learning Lab.

Reporter: Jing Chiu Advisor: Yuh-Jye Lee /7/181Data Mining & Machine Learning Lab.
Internet Safety Topic 2 Malware This presentation by Tim Fraser Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other.

Internet Safety Topic 2 Malware This presentation by Tim Fraser Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other.
Understanding and Detecting Malicious Web Advertising

Understanding and Detecting Malicious Web Advertising
Day 4-1-1 anti-virus 3-3-1.anti-virus 1 detecting a malicious file malware, detection, hiding, removing.

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.
1 CANTINA : A Content-Based Approach to Detecting Phishing Web Sites WWW 2007 2008.09.09 Yue Zhang, Jason Hong, and Lorrie Cranor.

1 CANTINA : A Content-Based Approach to Detecting Phishing Web Sites WWW Yue Zhang, Jason Hong, and Lorrie Cranor.
Facebook Security and Privacy Issues Brian Allen Network Security Analyst Washington University December 2, 2010 Alumni House.

Facebook Security and Privacy Issues Brian Allen Network Security Analyst Washington University December 2, 2010 Alumni House.
Social Media Networking Sites Charlotte Jenkins Designing the Social Web 06-10-2011.

Social Media Networking Sites Charlotte Jenkins Designing the Social Web
Social Media What it means for Ohio State. Social Media So you’ve got Facebook, Twitter, YouTube, Four Square, and Google + What is next Make it effective,

Social Media What it means for Ohio State. Social Media So you’ve got Facebook, Twitter, YouTube, Four Square, and Google + What is next Make it effective,
Building Robust and Automatic Authentication Systems with Activity- Based Personal Questions Mentor: Danfeng Yao Anitra Babic Chestnut Hill College Computer.

Building Robust and Automatic Authentication Systems with Activity- Based Personal Questions Mentor: Danfeng Yao Anitra Babic Chestnut Hill College Computer.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.

Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
Free Online Resources: Build Your Youth Program 2008 National Convention.

Free Online Resources: Build Your Youth Program 2008 National Convention.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Examining the Effectiveness and Techniques of the Anti-Phishing Technology in Leading Web Browsers and Security Toolbars. Wesley W. Owen

Examining the Effectiveness and Techniques of the Anti-Phishing Technology in Leading Web Browsers and Security Toolbars. Wesley W. Owen
11 The Ghost In The Browser Analysis of Web-based Malware Reporter: 林佳宜 Advisor: Chun-Ying Huang 2010/3/29.

11 The Ghost In The Browser Analysis of Web-based Malware Reporter: 林佳宜 Advisor: Chun-Ying Huang /3/29.
2010.11.22 資安新聞簡報 報告者:劉旭哲、曾家雄. Spam down, but malware up 報告者:劉旭哲.

資安新聞簡報 報告者:劉旭哲、曾家雄. Spam down, but malware up 報告者:劉旭哲.
GONE PHISHING ECE 4112 Final Lab Project Group #19 Enid Brown & Linda Larmore.

GONE PHISHING ECE 4112 Final Lab Project Group #19 Enid Brown & Linda Larmore.
Social Media Attacks By Laura Jung. How the Attacks Start Popularity of these sites with millions of users makes them perfect places for cyber attacks.

Social Media Attacks By Laura Jung. How the Attacks Start Popularity of these sites with millions of users makes them perfect places for cyber attacks.
Authors: Gianluca Stringhini Christopher Kruegel Giovanni Vigna University of California, Santa Barbara Presenter: Justin Rhodes.

Authors: Gianluca Stringhini Christopher Kruegel Giovanni Vigna University of California, Santa Barbara Presenter: Justin Rhodes.
Hacker Zombie Computer Reflectors Target.

Hacker Zombie Computer Reflectors Target.
Using Windows Firewall and Windows Defender

Using Windows Firewall and Windows Defender

Similar presentations

Ads by Google