Hybrid Real-Time Protection System for Online Social Networks

The impact of Online Social Networks (OSNs) on human lives is foreseen to be very large with unprecedented amount of data and users. OSN users share their ideas, photos, daily life events, feelings and news. Since OSNs’ security and privacy challenges are more potential than ever before, it is necessary to enhance the protection and filtering approaches of OSNs contents. This paper explores OSNs’ threats and challenges, and categorize them into: account-based, URL-based and content-based threats. In addition, we analyze the existing protection methods and highlight their limitations and weaknesses. Based on that, we propose a comprehensive, user-level, proactive and real-time OSNs’ protection system, called Hybrid Real-time Social Networks Protector (HRSP). HRSP has three components; a user-level security protocol and two classification models. The protocol defines a structure for OSN’s cryptographic services, including encryption, access control and users’ authentication. The classification models employ machine learning, black lists, white lists and users’ feedback, in order to classify URLs into: Benign, Risk and Inappropriate classes, and contents into: Benign, Hate speech and Inappropriate classes. We constructed two data sets of 150,000 URLs and 22,000 tweets to build and test the two classification models. Results show an overall accuracy of 93.2% for the URL model and 84.4% for the content model, while the protocol implementation produces compatible size and time overhead. The components of HRSP are integrated and have compatible design with OSN platforms.

[1]  Guy Lapalme,et al.  A systematic analysis of performance measures for classification tasks , 2009, Inf. Process. Manag..

[2]  Ersin Uzun,et al.  An encryption-based access control framework for content-centric networking , 2015, 2015 IFIP Networking Conference (IFIP Networking).

[3]  Johannes A. Buchmann,et al.  Integrity, authenticity, non-repudiation, and proof of existence for long-term archiving: A survey , 2015, Comput. Secur..

[4]  Tudor Dumitras,et al.  Vulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-World Exploits , 2015, USENIX Security Symposium.

[5]  Shadi Aljawarneh,et al.  Comprehensive study of symmetric key and asymmetric key encryption algorithms , 2017, 2017 International Conference on Engineering and Technology (ICET).

[6]  Daniel Zappala,et al.  Social Authentication for End-to-End Encryption , 2016, WAY@SOUPS.

[7]  Di PietroRoberto,et al.  Fame for sale , 2015 .

[8]  Athanasios V. Vasilakos,et al.  Understanding user behavior in online social networks: a survey , 2013, IEEE Communications Magazine.

[9]  Zheyi Chen,et al.  Detecting spammers on social networks , 2015, Neurocomputing.

[10]  Jing Zhou,et al.  Hate Speech Detection with Comment Embeddings , 2015, WWW.

[11]  David M. W. Powers,et al.  Evaluation: from precision, recall and F-measure to ROC, informedness, markedness and correlation , 2011, ArXiv.

[12]  Roberto Di Pietro,et al.  Fame for sale: Efficient detection of fake Twitter followers , 2015, Decis. Support Syst..

[13]  Prabaharan Poornachandran,et al.  A lexical approach for classifying malicious URLs , 2015, 2015 International Conference on High Performance Computing & Simulation (HPCS).

[14]  Yuval Elovici,et al.  Social Networks : Threats and Solutions , 2013 .

[15]  Suzanne O'Connell,et al.  The risks of social networking , 2015 .

[16]  Mahmoud A. Mahmoud,et al.  Fake Account Detection in Twitter Based on Minimum Weighted Feature set , 2015 .

[17]  Jeanna Neefe Matthews,et al.  Fake Twitter accounts: profile characteristics obtained using an activity-based pattern detection approach , 2015, SMSociety.

[18]  Shadi Aljawarneh,et al.  A multithreaded programming approach for multimedia big data: encryption system , 2017, Multimedia Tools and Applications.

[19]  Adrian Perrig,et al.  SafeSlinger: easy-to-use and secure public-key exchange , 2013, MobiCom.

[20]  Heejo Lee,et al.  Detecting Malicious Web Links and Identifying Their Attack Types , 2011, WebApps.

[21]  Aidan Cheng Using Machine Learning to Detect Malicious URLs , 2017 .

[22]  Daniel Zappala,et al.  Why Johnny Still, Still Can't Encrypt: Evaluating the Usability of a Modern PGP Client , 2015, ArXiv.

[23]  Scott R. Stroud,et al.  Social Media, Online Sharing, and the Ethical Complexity of Consent in Revenge Porn , 2016 .

[24]  Konstantin Beznosov,et al.  Privacy Aspects of Health Related Information Sharing in Online Social Networks , 2013, HealthTech.

[25]  Ricardo Baeza-Yates,et al.  Modern Information Retrieval - the concepts and technology behind search, Second edition , 2011 .

[26]  Abhishek Singhal,et al.  A literature survey on social engineering attacks: Phishing attack , 2016, 2016 International Conference on Computing, Communication and Automation (ICCCA).

[27]  Imran Awan Cyber-Extremism: Isis and the Power of Social Media , 2017, Society.

[28]  Shadi Aljawarneh,et al.  A resource-efficient encryption algorithm for multimedia big data , 2017, Multimedia Tools and Applications.

[29]  Ashish Sureka,et al.  Applying Social Media Intelligence for Predicting and Identifying On-line Radicalization and Civil Unrest Oriented Threats , 2015, ArXiv.

[30]  R. das Nair,et al.  Pornography Addiction in Adults: A Systematic Review of Definitions and Reported Impact. , 2016, The journal of sexual medicine.

[31]  Brij B. Gupta,et al.  A Novel Framework to Alleviate Dissemination of XSS Worms in Online Social Network (OSN) using View Segregation , 2017 .