Hongyu Gao, Tuo Huang, Jun Hu, Jingnan Wang


Nov 20, 2013 (3 years and 4 months ago)



Boyd et al. Social Network Sites: Definition, History, and Scholarship.
Journal of Computer-Mediated Communication (1), article 11. 2007

Rapid growth of social network sites spawns a new area of network security and
privacy issues

To conduct a comprehensive survey of
existing and potential attack behaviors in
social network sites

Identify patterns in such attack behaviors

Review existing solutions, measurement as
well as defense mechanisms

Social Engineering attacks



Social Network vs. Social Network Sites (SNS)

Sybil attack

Social network Account Attack

Hack the social network account using password cracking.

Malware attack

Social Network sites as vectors of malware

SNS as vectors for conventional spamming

Messages, Wallposts, Comments, …

Detection and measurements

Message spam and comment spam are
similar to traditional spam. In MySpace
there is a new form of spam:

deceptive profile

This kind of spammer uses a sexy photo and
a seductive story in the "About Me" section to attract

Figure 1: An example of a deceptive spam profile

Social honeypots can be seen as a kind of
active detection of social network spam.

The author constructed 51 honeypot profiles
and associated them with distinct geographic
locations in MySpace to collect deceptive
spam profiles.

Because the number of their honeypots is small,
the dataset they collected is very limited.

This paper is a comprehensive behavior-based
detection and it can be categorized as
passive detection compared with “Social

The author manually selected a test collection
of real YouTube users, classifying them as
spammers, promoters, and legitimates. Using
this collection, they provided a
characterization of social and content
attributes that help distinguish each user
class. They used a state-of-the-art supervised
classification algorithm to detect spammers
and promoters, and assessed its effectiveness in
their test collection.

They considered three attribute sets, namely,
video attributes, user attributes, and social
network (SN) attributes.

They characterize each video by its duration,
numbers of views and of commentaries
received, ratings, number of times the video
was selected as favorite, as well as numbers
of honors and of external links

They select the following 10 user attributes:
number of friends, number of videos
uploaded, number of videos watched,
number of videos added as favorite, numbers
of video responses posted and received,
numbers of subscriptions and subscribers,
average time between video uploads, and
maximum number of videos uploaded in 24

Social network (SN) attributes: clustering
coefficient, betweenness, reciprocity,
assortativity, and UserRank.

Because it is passive detection, it needs
pre-knowledge. Another drawback is that
using a supervised learning algorithm may
require a large dataset for learning, otherwise
the result will not be accurate.
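
As an added example (not code from the paper or from these slides), the sketch below computes two of the SN attributes listed above, reciprocity and clustering coefficient, for each user of a small directed interaction graph. The edge meaning (u responded to v), the user names, and the common textbook definitions used here are assumptions; the data is constructed.

```python
# Added example: per-user reciprocity and clustering coefficient as
# classifier features. Definitions are the common textbook ones (assumed).
from itertools import combinations

# Constructed sample graph, not from the paper's dataset.
# An edge (u, v) means "u posted a response to v" (assumed semantics).
EDGES = [
    ("alice", "bob"), ("bob", "alice"),
    ("bob", "carol"), ("carol", "bob"),
    ("alice", "carol"), ("carol", "alice"),
    ("carol", "dave"), ("dave", "carol"),
    # "spam1" responds to many users; nobody responds back.
    ("spam1", "alice"), ("spam1", "bob"), ("spam1", "dave"), ("spam1", "erin"),
    ("erin", "dave"),
]

def build(edges):
    """Return (out, inc): successor and predecessor sets for every node."""
    out, inc = {}, {}
    for u, v in edges:
        for n in (u, v):
            out.setdefault(n, set())
            inc.setdefault(n, set())
        if u != v:  # ignore self-loops
            out[u].add(v)
            inc[v].add(u)
    return out, inc

def reciprocity(user, out, inc):
    """Fraction of the users this user links to that link back."""
    targets = out[user]
    return len(targets & inc[user]) / len(targets) if targets else 0.0

def clustering(user, out, inc):
    """Local clustering on the undirected view: linked neighbour pairs / possible pairs."""
    nbrs = out[user] | inc[user]
    if len(nbrs) < 2:
        return 0.0
    linked = sum(1 for a, b in combinations(sorted(nbrs), 2)
                 if b in out[a] or a in out[b])
    return linked / (len(nbrs) * (len(nbrs) - 1) / 2)

def features(edges):
    """Feature rows that a supervised classifier could consume."""
    out, inc = build(edges)
    return {u: {"reciprocity": round(reciprocity(u, out, inc), 3),
                "clustering": round(clustering(u, out, inc), 3)}
            for u in sorted(out)}

if __name__ == "__main__":
    for user, row in features(EDGES).items():
        print(f"{user:6s} {row}")
```

In this constructed graph the low-activity user "erin" also has reciprocity 0.0, so a single attribute does not separate the classes; the attributes are inputs to the supervised classifier, not a rule on their own.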


No specific recipient

Using SNS as free advertisement site

Can completely undermine the service of the website
especially if launched as Sybil attacks

Detection Metrics






A general form of attack to reputation systems

Large amount of fake identities “outvote” honest

Can be used to thwart the intended purpose of certain

Sybil Nodes have small “Quotient Cuts”

Inherent social networks do not

Possible to encircle the Sybil nodes

The most notorious worm in social networks is
Koobface. According to Trend Micro, the
Koobface attack proceeds as follows:

Step 1: Registering a Facebook account.

Step 2: Confirming an e-mail address in Gmail to
activate the registered account.

Step 3: Joining random Facebook groups.

Step 4: Adding “friends” and posting messages on
their walls.

There are worms and other threats that have
plagued social networking sites, e.g. Grey
Goo targeting Second Life, JS/SpaceFlash
targeting MySpace, Kut Wormer targeting
Orkut, Secret Crush targeting Facebook,
Until now there are few papers on detecting
these attacks.

Hack the social network account using
password cracking.

In February 2009, the Twitter account of Miley
Cyrus was hijacked too, and someone posted some
offensive messages.