4. Categorisation of Deceptions in OSNs
• Harvesting Information
– Techniques:
• Phishing
Email harvesting
Send out email with a fake URL link.
• Account hijacking
Hijack an existing user account through the OSN’s session
cookies hijacking.
Attacker impersonate the victim and retrieve the required
information from the victim’s friends.
5. Categorisation of Deceptions in OSNs
• Identity Cloning Attacks (ICA)
Queen Elsa
Princess AnnaOlaf
Kristoff Prince Hans
Cinderella Rapunzel
Princess Charming
Elsa2014
6. Categorisation of Deceptions in OSNs
• Boosting Reputation in the OSNs
– Sybil Attack
• Attacker creates multiple fake profiles called Sybil
nodes.
• These Sybil nodes will ’like’ the attacker’s
post/link/comment or give ratings.
• This act unfairly increases the attacker’s rating,
gaining them the reputation and power to influence
and deceive other users in the same site.
7. Categorisation of Deceptions in OSNs
• Spam
– Sharing wall post, and spread itself to friend’s
wall post containing links or advertisements,
attracting OSN users to click them.
• Gaining numbers (esp. Twitter)
– To gain trust and support from the other users
and the public by deceiving them on the
number of followers.
9. Prevention and Detection Solution
Deception Threat Protection Solution
Identity Cloning Attack
(ICA)
User profile and friends’ link network similarity detection
- Similar identities are filtered using profile similarities,
friend list network and other attributes. If the similarities
exceed the set minimum value, the identities are
considered as suspicious and will be validated.
Spam Social message similarity detection
- Spammers’ message contents are similar towards their
friend lists or on their wall as they are advertisements and
containing URL links to certain websites.
Software application
- Barracuda Labs developed Barracuda Profile Protector
and a prototype by the researchers at University of
California analyses content posted by OSNs users. It will
detect, block or remove malicious or suspicious content.
10. Prevention and Detection Solution
Deception Threat Protection Solution
Sybil attack SybilGuard
- A technique that examines the entire social network to
cluster the Sybil nodes together base on the relationship
edge, limiting the attack edges by the Sybil nodes.
Diffusion of
misinformation
Social and engagement interactions
- Having high number of social interaction increases the
trust level between users. It will computes more
reasonable trust values that satisfy the source constraints
considering the impact of social aspects and the property
of trust.
11. Trust Evaluation for Protection of
Deceptions
• User trust propagation evaluation
– OSN users that receive a request from new OSN
user cannot determine the requestor’s identity
as the could be forged by the attacker based
from the original user.
– Propose:
• Doing cross social network profile from an external
and the internal source could help in evaluating the
user’s trust level and propagate trust to the other
users.
12. Trust Evaluation for Protection of
Deceptions
• Information credibility evaluation
– Users have to assess the credibility of information
sources by themselves.
– Current solution:
• The CredRank algorithm calculates users’ credibility by
computing the user’s message posts similarity and their
behaviour similarity in order to cluster them together
– Information shared by credible user really came from
them and not an impostor / the information is credible.
– Propose:
• To avoid misinformation diffused by a credible user, each post
should be reviewed externally and ranked through the reply
comments from the followers.
13. Conclusions
• Trust relationship in OSNs can be easily
deceived.
• However, trust mechanism can also be an
effective mean to prevent deceptions.
• OSN user trust and information credibility
evaluations are promising approaches to
prevent deception in OSNs.