Automated Social Engineering Attacks in OSNs
Transcript of Automated Social Engineering Attacks in OSNs
Laboratory for Education and Research in Secure Systems Engineering (LERSSE)
Networked Systems Laboratory (NetSysLab)
Department of Electrical & Computer Engineering
Automated Social Engineering Attacks in OSNs
Yazan Boshmaf, Konstantin Beznosov, Matei Ripeanu
The Not-So-Private Social Web. Or, Web 2.0
Facebook: Sharing
Facebook Archives. http://www.facebook.com
Social Attributes: Demographics, Preferences
Facebook: Sharing
Social Structure: Friends, Mutual Friends
Facebook Archives. http://www.facebook.com
Facebook: Public Access
Whoops!
Sample!
Facebook: Privacy Evolution
MCKEON, M. The evolution of privacy in Facebook. http://mattmckeon.com/facebook-privacy
That’s Natural! People Want to Be Visible.
Or Not?
Automated Cross-Site ID Theft
Bilge, L., Strufe, T., Balzarotti, D., and Kirda, E. All your contacts are belong to us: automated identity theft attacks on social networks. In WWW ’09
From Facebook
Sample!
Why did it work?
Context-Aware Spam
Brown, G., Howe, T., Ihbe, M., Prakash, A., and Borders, K. Social networks and context-aware spam. In CSCW 2008
Social Phishing
Jagatic, T. N., Johnson, N. A., Jakobsson, M., and Menczer, F. Social phishing. Communications ACM 2007
Oh, Adversaries Like OSNs!
Web Applications Attacks
Evron, G. New Facebook worm warning: Wanna see somethong hot? http://darkreading.com/blog/archives/2009/11/new_facebook_wo.html
Can be Turned into a Botnet!
Athanasopoulos, E., Makridakis, A., Antonatos, S., Antoniades, D., Ioannidis, S., Anagnostakis, K. G., and Markatos, E. P. Antisocial networks: Turning a social network into a botnet. In ISC ’08
Koobface Botnet
TrendMicro. The real face of koobface. Technical report 2009
Social Engineering Exploits Relationships and Trust
Research Questions
Mwahaha!
How Many Attackers Did You Befriend Today?
The Attack - Before
The Attack - Crawling
[Figure: diagram with Target and Adversary labels]
The Attack - Ranking
[Figure: diagram with Target and Adversary labels; nodes numbered 1 to 8]
The Attack - Infiltrating
[Figure: diagram with Target and Adversary labels; nodes numbered 1 to 8]
The Attack - After
[Figure: diagram with Target and Adversary labels; nodes numbered 1 to 8]
What Does The Adversary Have?
A Network of “Trust”
[Figure: diagram with Target and Adversary labels]
Surveillance
[Figure: diagram with Target and Adversary labels]
Global Surveillance
Amplified Social Engineering
[Figure: diagram with Target and Adversary labels]
Sarah, the Pool event last week was awesome!
Yeah, I posted the picture! Will send you a link soon.
Aha!
Mitigation: The Wisdom of Crowd
Towards Social Collaborative Security
Hey Kosta, check out this link http://www.malicous.com
Looks malicious!
Towards Social Collaborative Security
[Figure labels: Social Network, Collaboration Network]
Hey Kosta, check out this link http://www.malicous.com
Hey all, this link is malicious http://www.malicous.com
?
Looks malicious!
The Big Picture
• Vulnerability: Authenticity of online relationships + public information
• Things to evaluate:
  - The attack in real settings (now, simulation-only).
  - Usability and expressiveness of privacy controls vs. privacy implications realized by users.
• Identified issues:
  - How can social networking sites, or OSNs, distinguish between fake and real online identities (Social Sybil Nodes)?
• Future work: Social Collaborative Security (threat identification, opinion mining, reasoning, alert diffusion, etc.)
lersse.ece.ubc.ca
Backup
Evaluation (Simulation)