IJISA Vol. 7, No. 3, 8 Feb. 2015
Cover page and Table of Contents: PDF (size: 634KB)
Full Text (PDF, 634KB), PP.13-20
Views: 0 Downloads: 0
Fake Profiles, Cloning Attack, Trusted Social Graph (TSG), Friend Pattern, Regular Expressions, and Deterministic Finite Automata (DFA)
Online Social Networks (OSN) are considering one of the most popular internet applications which attract millions of users around the world to build several social relationships. Emerging the Web 2.0 technology allowed OSN users to create, share, or exchange types of contents in a popular fashion. The other hand, OSN are considering one of the most popular platforms for the intruders to spread several types of OSN attacks. Creating fake profiles for launching cloning attacks is one of the most risky attacks which target Users' profiles in Online Social Networks, the attacker seek to impersonate user's identity through duplicating user's online presence in the same or across several social networks, therefore, he can deceive OSN users into forming trusting social relations with his created fake profiles. These malicious profiles aim to harvest sensitive user's information or misuse the reputation of the legitimate profile's owner, as well as it may be used as a spy profiles for other criminal parties. Detecting these fake profiles still represent a major problem from OSN Security and Privacy point of view. In this paper we introduced a theoretical framework which depends on a novel topology of a social graph called Trusted Social Graph (TSG) which used to visualize trusted instances of social communications between OSN users. Another contribution is a proposed detection model that based on TSG topology as well as two techniques; Deterministic Finite Automaton (DFA) and Regular Expression. Our proposed detection model used to recognize the stranger instances of communications and social actions that performed using fake profiles in OSN.
Ali M. Meligy, Hani M. Ibrahim, Mohamed F. Torky, "A Framework for Detecting Cloning Attacks in OSN Based on a Novel Social Graph Topology", International Journal of Intelligent Systems and Applications(IJISA), vol.7, no.3, pp.13-20, 2015. DOI:10.5815/ijisa.2015.03.02
[1]M.Bosma, E.Meij, and W.Weerkamp, " A Framework for Unsupervised Spam Detection in Social Networking Sites" ECIR 2012: 34th European Conference on Information Retrival, PP.364-375.
[2]Y.Altshler, Y.Elovici, A,B.Cremers, N.Aharony,and A.Pentland, "Security and Privacy in Social Networks" Springer NewYork, 2013.
[3]G.Stringhini, C.Kruegel, and G.Vigna, "Detecting Spammers on Social Networks" in proceedings of the 26th Annual Computer Security Applications Conference, ACM 2010,PP. 1-9.
[4]L.Bilge, T.Strufe,D.Balzarotti, and E.Kirda, " All Your Contacts Belong to us: Automated Identity Theft Attacks on Social Networks", in proceedings of the 18th international conference on world wide web. ACM,2009, PP.551-560.
[5]B.Furth," Handbook of Social Network Technologies and Applications", Springer,NewYork,2010.
[6]M. Balduzzi,C. Platzer, T. Holz, E.Kirda, D. Balzorotti, and C. Kruegel. "Abusing Social Networks for Automated User Profiling" Research Report RR-10-233, EURECOM, 2012, http://www.iseclab.org/ papers/ socialabuse-TR.pdf.
[7]D.Irani, M.Balduzzi, D.Balzorotti, E.Kirda, and C.Pu, " Reverse Social Engineering Attacks in Online Social Networks" detection of intrusions and malware and vulnerability assessment, PP.55-74, 2011.
[8]M.Conti, R.Poovendran, and, M.Secchiero, " Fake Book: Detecting Fake Profiles in Online Social Networks" Advanced in Social Network Analysis and Mining (ASONAM), 2012,IEEE/ACM International Conference on Pages, 1071-1078.
[9]M.R.Khoyyambashi, F.S.Rizi, "An Approach for Detecting Profile Cloning in Online Social Networks", e-commerce in developing countries: with focus on e-security (ECD), 2013 7th international conference, and pp.1-12.
[10]G.Kontaxi, I.Polakis,S.Ioannidis, and E.Markatos, " Detecting Social Network Profile Cloning" in previous computing and communications workshops (PERCOM workshops), 2011, IEEE International Conference on IEEE, 2011, PP.295-300.
[11]R.Baden, N.Spring,and B.Bhattachorjee, "Identifying Close Friends on the Internet," in Proc. Of workshop on hot Topics in networks (HotNets-VIII), 2009.R.Baden, N.Spring,and B.Bhattachorjee, "Identifying Close Friends on the Internet," in Proc. Of workshop on hot Topics in networks (HotNets-VIII), 2009.
[12]M.Fire, G.Katz, and Y.Elovici, " Strangers Intrusion Detection_Detecting Spammers and Fake Profiles in Social Networks Based on Topology Anomalies"2012, http:/www.academia.edu/1518357/ strangers_ Intrusion _Detection_Spammers_and _Fake_Profiles_in_ Social_Networks_ Based_ on_Topology_Anomalies.
[13]K.Lee, J.Caverlee, and S.Webb, "Uncovering Social Spammers:Social HoneyPots+ Machine Learning" in Proceeding of the 33rd International ACM SIGIR Conference on Research and Development Information Retrieval, ACM, 2010,PP. 435-442.
[14]L.Jin, H.Takabi, and J.B.D.Joshi, "Towards Active Detection of Iddentity Clone Attacks on Online Social Networks" Proceedings of the first ACM Conference on Data and Application Security and Privacy,NewYork USA,2011,PP.27-38.
[15]A.Singh, A,H.Toderici, k.Ross, and M.Stamp, "Social Networking for Botnet Command and Control",MECS, I.J.Computer Network and Information Security,2013, 6,pp 11-17.
[16]J.Gross, and J.Yellen, "Hand Book of Graph Theory" CRC Press LLC 2004,PP.253-256.