ABSTRACT
Online Social Networks (OSNs) have recently enjoyed a continuous boom while suffering from a wide variety of malicious attacks. The cloning attack is one such attack pattern: the attacker typically disguises fake accounts as real users by stealing and copying their profiles, then sends friend requests to the friends of the cloned victim. Ordinary users find these fake identities difficult to detect because of the identical names and similar profile information. In this paper, we propose two possible improvements to the regular attack pattern, namely snowball sampling and iteration attack, which increase its efficiency and power so that attackers can more easily integrate into the community. We conducted an experiment on Renren, the largest OSN in China, to compare the enhanced strategy with traditional attacks and with different levels of cloning attacks, and to substantiate its effectiveness. We then discuss approaches to detecting cloning attacks and put forward a detector named CloneSpotter, which can be deployed on OSN servers. The detector takes advantage of detailed login IP records and provides solid evidence of locations, in order to judge whether suspicious accounts are controlled by real users or by attackers. In addition, we discuss a content-based approach to protecting users from cloning attacks, which can easily be implemented in distributed clients.
Our contribution lies in two aspects. First, we improve a threatening attack pattern against OSNs and test its effectiveness in real systems. Second, we provide an effective defense method for detecting cloning attacks, which is real-time and lightweight. By deploying the detectors, OSN systems can help users accurately identify cloning accounts and safeguard their privacy.
Index Terms
- Enhancing and identifying cloning attacks in online social networks