Upload
mecheko-sha
View
112
Download
0
Embed Size (px)
DESCRIPTION
ICCOINS 2014 slide presentation
Citation preview
A Survey on Deceptions in Online Social
Networks (OSNs)Shafiza Mohd Shariff
MIIT,Universiti Kuala Lumpur
Presentation Outline
• Introduction• Categorisation of Deceptions in OSNs• Prevention and Detection Solution• Trust Evaluation for Protection of
Deceptions• Conclusions• Q&A
Introduction
Categorisation of Deceptions in OSNs
• Harvesting Information– Techniques:• Phishing
Email harvesting Send out email with a fake URL link.
• Account hijacking Hijack an existing user account through the OSN’s session
cookies hijacking. Attacker impersonate the victim and retrieve the required
information from the victim’s friends.
Categorisation of Deceptions in OSNs
• Identity Cloning Attacks (ICA)Queen Elsa
Princess AnnaOlaf
Kristoff Prince Hans
Cinderella Rapunzel
Princess Charming
Elsa2014
Categorisation of Deceptions in OSNs
• Boosting Reputation in the OSNs– Sybil Attack• Attacker creates multiple fake profiles called Sybil
nodes.• These Sybil nodes will ’like’ the attacker’s
post/link/comment or give ratings.• This act unfairly increases the attacker’s rating,
gaining them the reputation and power to influence and deceive other users in the same site.
Categorisation of Deceptions in OSNs
• Spam– Sharing wall post, and spread itself to friend’s
wall post containing links or advertisements, attracting OSN users to click them.
• Gaining numbers (esp. Twitter)– To gain trust and support from the other users
and the public by deceiving them on the number of followers.
Categorisation of Deceptions in OSNs
• Diffusion of Misinformation
Prevention and Detection Solution
Deception Threat Protection Solution
Identity Cloning Attack (ICA)
User profile and friends’ link network similarity detection- Similar identities are filtered using profile similarities,friend list network and other attributes. If the similarities exceed the set minimum value, the identities are considered as suspicious and will be validated.
Spam Social message similarity detection- Spammers’ message contents are similar towards their friend lists or on their wall as they are advertisements andcontaining URL links to certain websites.
Software application- Barracuda Labs developed Barracuda Profile Protector and a prototype by the researchers at University of California analyses content posted by OSNs users. It will detect, block or remove malicious or suspicious content.
Prevention and Detection Solution
Deception Threat Protection Solution
Sybil attack SybilGuard- A technique that examines the entire social network to cluster the Sybil nodes together base on the relationship edge, limiting the attack edges by the Sybil nodes.
Diffusion ofmisinformation
Social and engagement interactions- Having high number of social interaction increases the trust level between users. It will computes more reasonable trust values that satisfy the source constraintsconsidering the impact of social aspects and the property of trust.
Trust Evaluation for Protection of Deceptions
• User trust propagation evaluation– OSN users that receive a request from new OSN
user cannot determine the requestor’s identity as the could be forged by the attacker based from the original user.
– Propose:• Doing cross social network profile from an external
and the internal source could help in evaluating the user’s trust level and propagate trust to the other users.
Trust Evaluation for Protection of Deceptions
• Information credibility evaluation– Users have to assess the credibility of information sources
by themselves.– Current solution:
• The CredRank algorithm calculates users’ credibility by computing the user’s message posts similarity and their behaviour similarity in order to cluster them together
– Information shared by credible user really came from them and not an impostor / the information is credible.
– Propose:• To avoid misinformation diffused by a credible user, each post
should be reviewed externally and ranked through the reply comments from the followers.
Conclusions
• Trust relationship in OSNs can be easily deceived.
• However, trust mechanism can also be an effective mean to prevent deceptions.
• OSN user trust and information credibility evaluations are promising approaches to prevent deception in OSNs.
Q &
A