View
225
Download
0
Category
Preview:
DESCRIPTION
Abstract OSN Vulnerabilities Socialbot Network The Attack Findings FIS effectiveness
Citation preview
Authors:Yazan Boshmaf, Lldar Muslukhov, Konstantin Beznosov, Matei Ripeanu
University of British ColumbiaAnnual Computer Security Applications Conference (ACSAC) 2011
Presented By:Gavin Grant
http://en.wikipedia.org/wiki/CAPTCHA
http://developers.facebook.com/docs/reference/api/
AbstractOSN VulnerabilitiesSocialbot NetworkThe AttackFindingsFIS effectiveness
Social Networks have millions of users
Illustrate that Online Social Networks (OSN) are vulnerable to infiltrations by socialbotsIn particular Facebook80% success rate
Socialbots – computer programs that control OSN accounts and mimic real users
Ineffective CAPTCHAsHiring cheap labor ($1 per 1,000 broken)Reusing session IDs of known CAPTCHAs
Fake User Accounts and ProfilesEmail and profile
Crawlable Social GraphsTraversing linked profiles
Exploitable Platforms and APIsUse APIs to automate the execution of
activities
Set of socialbots owned and maintained by human controller called the botherder
Made up of socialbots, botmaster, and command and control channel
Socialbot controls a profileData collected called botcargoCapable of executing commands
Botmaster is software botherder uses to send commands through C & C channel
C & C facilitates transfer of botcargo and commands
Read, write, connect, disconnect
Set of commands used to mimic a real userNative commands
Master commands
Botworker builds and maintains profilesBotupdater pushes new software updatesC & C engine maintains a repository of
master commandsMaster commands needed
ClusterRand_connect(k)DeclusterCrawl_extneighborhoodMutual_connectHarvest-data
Communication model
Works with socialbot-OSN ChannelOnly OSN-specific API calls and HTTP traffic
Helps in non detection
Socialbot has to hide its real identity
Botmaster should be able to perform large-scale infiltration
C & C channel traffic has to look benign
Facebook Immune System (FIS)8 week processExploited Facebook’s Graph API to carry out social-interaction operationsUsed HTTP request to send friendship requestIheartquotes.com, decaptcher.com, hotornot.com, mail.ru
102 socialbots created and 1 botmasterUsers were created manually49 males53 females5053 valid profile IDs25 request per day per socialbotHarvested data
First 2 weeks2 days t send 5043 request (2,391 male , 2.662
female)976 accepted (381 M, 595 F)
Next 6 weeks3,517 more users added2,079 infiltrated successfully Generated 250 GB inbound and 3 GB outbound
trafficAcceptance rate increase to 80% as mutual
friends increased
News feedsProfile infoWall messages3,055 direct neighborhoods1,085,785 extended neighborhoods
Real time learning system used to protect its users
Only 20 bots were flagged by system
Doesn’t consider fake accounts a real threat
OSN vulnerability to a large-scale socialbot network infiltration
Defense social networks have against social bots that mimic human behavior
Prayed on common user behavior
Only Facebook was attacked
Didn’t provide any prevention techniques
Try on other social networking sites
Not create socialbots manually
Recommended