Understanding the behavior of malicious applications in social networks
- 20 September 2010
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Network
- Vol. 24 (5), 14-19
- https://doi.org/10.1109/mnet.2010.5578913
Abstract
The World Wide Web has evolved from a collection of static HTML pages to an assortment of Web 2.0 applications. Online social networking in particular is becoming more popular by the day since the establishment of SixDegrees in 1997. Millions of people use social networking web sites daily, such as Facebook, My-Space, Orkut, and LinkedIn. A side-effect of this growth is that possible exploits can turn OSNs into platforms for malicious and illegal activities, like DDoS attacks, privacy violations, disk compromise, and malware propagation. In this article we show that social networking web sites have the ideal properties to become attack platforms. We introduce a new term, antisocial networks, that refers to distributed systems based on social networking web sites which can be exploited to carry out network attacks. An adversary can take control of a visitor's session by remotely manipulating their browsers through legitimate web control functionality such as image-loading HTML tags, JavaScript instructions, and Java applets.Keywords
This publication has 14 references indexed in Scilit:
- Getting political on social network sites: Exploring online political discourse on FacebookFirst Monday, 2009
- Prying Data out of a Social NetworkPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2009
- All your contacts are belong to usPublished by Association for Computing Machinery (ACM) ,2009
- Eight friends are enoughPublished by Association for Computing Machinery (ACM) ,2009
- The (Potential) Benefits of Campaigning via Social Network SitesJournal of Computer-Mediated Communication, 2009
- Social networks and context-aware spamPublished by Association for Computing Machinery (ACM) ,2008
- Social phishingCommunications of the ACM, 2007
- PuppetnetsPublished by Association for Computing Machinery (ACM) ,2006
- Why phishing worksPublished by Association for Computing Machinery (ACM) ,2006
- Information revelation and privacy in online social networksPublished by Association for Computing Machinery (ACM) ,2005