A Framework for Detecting Cloning Attacks in OSN Based on a Novel Social Graph Topology

Online Social Networks (OSN) are considering one of the most popular internet applications which attract millions of users around the world to build several social relationships. Emerging the Web 2.0 technology allowed OSN users to create, share, or exchange types of contents in a popular fashion. The other hand, OSN are considering one of the most popular platforms for the intruders to spread several types of OSN attacks. Creating fake profiles for launching cloning attacks is one of the most risky attacks which target Users' profiles in Online Social Networks, the attacker seek to impersonate user's identity through duplicating user's online presence in the same or across several social networks, therefore, he can deceive OSN users into forming trusting social relations with his created fake profiles. These malicious profiles aim to harvest sensitive user's information or misuse the reputation of the legitimate profile's owner, as well as it may be used as a spy profiles for other criminal parties. Detecting these fake profiles still represent a major problem from OSN Security and Privacy point of view. In this paper we introduced a theoretical framework which depends on a novel topology of a social graph called Trusted Social Graph (TSG) which used to visualize trusted instances of social communications between OSN users. Another contribution is a proposed detection model that based on TSG topology as well as two techniques; Deterministic Finite Automaton (DFA) and Regular Expression. Our proposed detection model used to recognize the stranger instances of communications and social actions that performed using fake profiles in OSN.

[1]  Borko Furht,et al.  Handbook of Social Network Technologies and Applications , 2010, Handbook of Social Network Technologies.

[2]  Wouter Weerkamp,et al.  A Framework for Unsupervised Spam Detection in Social Networking Sites , 2012, ECIR.

[3]  Mohammad Reza Khayyambashi,et al.  An approach for detecting profile cloning in online social networks , 2013, 7th International Conference on e-Commerce in Developing Countries:with focus on e-Security.

[4]  Mauro Conti,et al.  FakeBook: Detecting Fake Profiles in On-Line Social Networks , 2012, 2012 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining.

[5]  Gianluca Stringhini,et al.  Detecting spammers on social networks , 2010, ACSAC '10.

[6]  Y. Elovici,et al.  Strangers Intrusion Detection - Detecting Spammers and Fake Proles in Social Networks Based on Topology Anomalies , 2012 .

[7]  Christopher Krügel,et al.  Abusing Social Networks for Automated User Profiling , 2010, RAID.

[8]  Hassan Takabi,et al.  Towards active detection of identity clone attacks on online social networks , 2011, CODASPY '11.

[9]  Calton Pu,et al.  Reverse Social Engineering Attacks in Online Social Networks , 2011, DIMVA.

[10]  Armin B. Cremers,et al.  Security and Privacy in Social Networks , 2014, Springer New York.

[11]  Gail-Joon Ahn,et al.  Security and Privacy in Social Networks , 2011, IEEE Internet Comput..

[12]  Kyumin Lee,et al.  Uncovering social spammers: social honeypots + machine learning , 2010, SIGIR.

[13]  Leyla Bilge,et al.  All your contacts are belong to us: automated identity theft attacks on social networks , 2009, WWW '09.

[14]  Mark Stamp,et al.  Social Networking for Botnet Command and Control , 2013 .

[15]  Bobby Bhattacharjee,et al.  Identifying Close Friends on the Internet , 2009, HotNets.

[16]  Sotiris Ioannidis,et al.  Detecting social network profile cloning , 2011, 2011 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops).