Survey on deception in osn

A Survey on Deceptions in Online Social

Networks (OSNs)Shafiza Mohd Shariff

MIIT,Universiti Kuala Lumpur

Presentation Outline

• Introduction• Categorisation of Deceptions in OSNs• Prevention and Detection Solution• Trust Evaluation for Protection of

Deceptions• Conclusions• Q&A

Introduction

Categorisation of Deceptions in OSNs

• Harvesting Information– Techniques:• Phishing

Email harvesting Send out email with a fake URL link.

• Account hijacking Hijack an existing user account through the OSN’s session

cookies hijacking. Attacker impersonate the victim and retrieve the required

information from the victim’s friends.


• Identity Cloning Attacks (ICA)Queen Elsa

Princess AnnaOlaf

Kristoff Prince Hans

Cinderella Rapunzel

Princess Charming

Elsa2014


• Boosting Reputation in the OSNs– Sybil Attack• Attacker creates multiple fake profiles called Sybil

nodes.• These Sybil nodes will ’like’ the attacker’s

post/link/comment or give ratings.• This act unfairly increases the attacker’s rating,

gaining them the reputation and power to influence and deceive other users in the same site.


• Spam– Sharing wall post, and spread itself to friend’s

wall post containing links or advertisements, attracting OSN users to click them.

• Gaining numbers (esp. Twitter)– To gain trust and support from the other users

and the public by deceiving them on the number of followers.


• Diffusion of Misinformation

Prevention and Detection Solution

Deception Threat Protection Solution

Identity Cloning Attack (ICA)

User profile and friends’ link network similarity detection- Similar identities are filtered using profile similarities,friend list network and other attributes. If the similarities exceed the set minimum value, the identities are considered as suspicious and will be validated.

Spam Social message similarity detection- Spammers’ message contents are similar towards their friend lists or on their wall as they are advertisements andcontaining URL links to certain websites.

Software application- Barracuda Labs developed Barracuda Profile Protector and a prototype by the researchers at University of California analyses content posted by OSNs users. It will detect, block or remove malicious or suspicious content.

Prevention and Detection Solution

Deception Threat Protection Solution

Sybil attack SybilGuard- A technique that examines the entire social network to cluster the Sybil nodes together base on the relationship edge, limiting the attack edges by the Sybil nodes.

Diffusion ofmisinformation

Social and engagement interactions- Having high number of social interaction increases the trust level between users. It will computes more reasonable trust values that satisfy the source constraintsconsidering the impact of social aspects and the property of trust.

Trust Evaluation for Protection of Deceptions

• User trust propagation evaluation– OSN users that receive a request from new OSN

user cannot determine the requestor’s identity as the could be forged by the attacker based from the original user.

– Propose:• Doing cross social network profile from an external

and the internal source could help in evaluating the user’s trust level and propagate trust to the other users.

Trust Evaluation for Protection of Deceptions

• Information credibility evaluation– Users have to assess the credibility of information sources

by themselves.– Current solution:

• The CredRank algorithm calculates users’ credibility by computing the user’s message posts similarity and their behaviour similarity in order to cluster them together

– Information shared by credible user really came from them and not an impostor / the information is credible.

– Propose:• To avoid misinformation diffused by a credible user, each post

should be reviewed externally and ranked through the reply comments from the followers.

Conclusions

• Trust relationship in OSNs can be easily deceived.

• However, trust mechanism can also be an effective mean to prevent deceptions.

• OSN user trust and information credibility evaluations are promising approaches to prevent deception in OSNs.

Q &

A

Education

Survey on deception in osn