OSNGuard: Detecting Worms with User Interaction Traces in Online Social Networks
| Autor: | Dengguo Feng, Huang Huafeng, Lingyun Ying, Purui Su, Yang Yi, Liang He, Huipeng Fang |
|---|---|
| Rok vydání: | 2013 |
| Předmět: |
Exploit
Computer science InformationSystems_INFORMATIONSYSTEMSAPPLICATIONS Cross-site scripting computer.file_format Tracing JavaScript Computer security computer.software_genre World Wide Web Microsoft Windows Overhead (computing) Executable computer Block (data storage) computer.programming_language |
| Zdroj: | Information and Communications Security ISBN: 9783319027258 ICICS |
| Popis: | In the last few years we have witnessed an incredible development of online social networks (OSNs), which unfortunately causes new security threats, e.g., OSN worms. Different from traditional worms relying on software vulnerabilities, these new worms are able to exploit trust between friends in OSNs. In this paper, a new worm propagation model was proposed, named EP-Model, to find out the common characteristics of OSN worms including XSS-based JavaScript worms and Social-Engineering-based Executable worms. And then we designed OSNGuard, a client-side defense mechanism which could prevent the propagation of OSN worms conforming to the EP-Model. Particularly, starting from tracing relevant user interactions with client processes visiting OSNs, our system could identify and block malicious payload-submissions from worms by analyzing these traced user activities. To prove the effectiveness of OSNGuard, we presented a prototype implementation for Microsoft Windows platform and evaluated it on a small-scale OSN website. The system evaluations showed that OSNGuard could sufficiently protect users against OSN worms in a real-time manner and the performance tests also revealed that our system introduced less than 2.5% memory overhead when simultaneously monitoring up to 10 processes. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|