Security Aspects of Social Networks at Campus Party 2010
-
Upload
anchises-moraes -
Category
Technology
-
view
1.072 -
download
1
description
Transcript of Security Aspects of Social Networks at Campus Party 2010
![Page 1: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/1.jpg)
Security Aspects of Social Networks
Anchises M. G. De PaulaSecurity Intelligence Analyst
iDefense, VeriSignFebruary 25, 2010
![Page 2: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/2.jpg)
Agenda
� Motivation� History� Future of Social
Networking� Current Problems� Security aspects of
Social Networking
Source: XKCD - http://xkcd.com
![Page 3: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/3.jpg)
Why Social Networks?
� Global and cultural phenomenon
� Facebook: 400 million users� 3th largest “country” in
the world
� New attack vector for phishers, fraudsters and sexual predators
0
200
400
600
800
1000
1200
1400
1600
China
India
Faceb
ook
USA
Indone
sia
Brazil
Source: Facebook, CIA
Country Population (in millions)
![Page 4: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/4.jpg)
Why Social Networks?
� New organization: “egocentric” approach
� Digital Identities� Profiles� Fakesters
Source: Google
![Page 5: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/5.jpg)
Why Security?
“It’s the great irony of the Information
Age that the very technologies that empower us to
create and to build also empower
those who would disrupt and
destroy”
(Barack Obama)
Source: Whitehouse
![Page 6: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/6.jpg)
History
![Page 7: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/7.jpg)
Demographics
� Dominant social network vary greatly between different geographic regions
� Majority of the online connections between real-life friends
Source: oxyweb
![Page 8: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/8.jpg)
Future of Social Networking
� Virtual Currency
� Mobile Social Networking
� Sensor Networks
� Social TV Source: Wired
![Page 9: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/9.jpg)
Current Problems
� Decentralization and Interoperability
� Managing Social Identities
� Trust and Reputation Management
![Page 10: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/10.jpg)
Current Problems
�Privacy�Personal data�Pictures�Professional
information
![Page 11: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/11.jpg)
Current Problems
�Privacy�Personal data�Pictures�Professional information
�Content Overload
![Page 12: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/12.jpg)
Current Problems
�Offense, Hate and Discrimination
�Child Safety and Sexual Crimes�Defamation
�Stalking�Cyber bullying
�Sexting
![Page 13: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/13.jpg)
Security aspects of Social Networking� Current Security Threats
�Identity/Password Theft�Fake profiles�Targeted attacks
![Page 14: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/14.jpg)
Security aspects of Social Networking� Current Security Threats
�Malicious Code, Viruses and Worms
�Spam, Phishing and Financial Fraud
Malicious Programs Targeting Social Networking Sites
![Page 15: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/15.jpg)
Security aspects of Social Networking� Current Security Threats
�URL Shortening�Hide malicious sites
Source: tweetmeme
![Page 16: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/16.jpg)
Security aspects of Social Networking� Social Networks
under Attack�Exploit of Social
Network Gadgets
�Security vulnerabilities�Cross-site scripting
(XSS)�SQL injection
�DDoS�Worms
�Koobface
![Page 17: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/17.jpg)
Security aspects of Social Networking� Malicious Actors
�Individuals�Spammers and
phishers
�Fraudsters and cyber criminals
�Hacktivists and terrorist groups
�Sexual predators
![Page 18: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/18.jpg)
Security aspects of Social Networking
� Malicious Actors�Terrorism Using Social
Networks and Online Communities
![Page 19: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/19.jpg)
Security aspects of Social Networking� Malicious Actors
�Hacking communities�Recruitment� Information exchange�Marketplace�Hacker for hire
![Page 20: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/20.jpg)
References
� Data Privacy Day: http://dataprivacyday2010.org
� Social Media Security: http://socialmediasecurity.comhttp://twitter.com/SocialMediaSec
� SocialNetworkingWatch: http://www.socialnetworkingwatch.com
� Security and Privacy in Social Networks Bibliography: http://www.cl.cam.ac.uk/~jcb82/sns_bib/main.html
� iDefense: www.idefense.com
![Page 21: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/21.jpg)
Thank you :)
�Anchises M. G. De Paula�http://anchisesbr.blogspot.com�Twitter: @anchisesbr
![Page 22: Security Aspects of Social Networks at Campus Party 2010](https://reader033.fdocuments.net/reader033/viewer/2022052822/554e2260b4c90511778b4f37/html5/thumbnails/22.jpg)
Non-commercial Share Alike (by-nc-sa)
This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License.
To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.5/ or send
a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA