Scribd
Upload
405 views

Attack Spectrum and Countermeasures

This document discusses various types of attacks on online social networks, including impersonation attacks like plain impersonation, profile cloning, profile hijacking, and profile porting. It also covers identity theft, which involves impersonating users in the real world. The document provides examples of these attacks and discusses ways they can be countered, such as using stronger authentication, detecting profile similarities, and giving users more control over privacy and anonymity settings.

Uploaded by

skjvdnskdj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
405 views

Attack Spectrum and Countermeasures

This document discusses various types of attacks on online social networks, including impersonation attacks like plain impersonation, profile cloning, profile hijacking, and profile porting. It also covers identity theft, which involves impersonating users in the real world. The document provides examples of these attacks and discusses ways they can be countered, such as using stronger authentication, detecting profile similarities, and giving users more control over privacy and anonymity settings.

Uploaded by

skjvdnskdj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 12

Attack Spectrum and

Countermeasures
K. Vignesh Viswanathan - 106116046
Introduction

● The diversity of available OSN platforms opens doors for a variety of attacks
on privacy of the users, integrity of their profiles, and the availability of the
user-provided contents.
● Technical realization behind an attack may strongly depend on the
functionality and in particular on the use of different protection mechanisms
within the OSN platform. Therefore, not every attack technique will have the
same impact when used against different OSN platforms.
● Since OSN providers typically have full control over the network resources,
no meaningful protection appears possible if the attacks are mounted by the
provider itself.
Plain Impersonation

● The adversary aims to create fake profiles for real-world users.


● The success of this attack strongly depends on the authentication
mechanisms deployed in the registration process.
● This attack can be easily performed if an email address is created in
advance.
● Consequence of plain impersonation is that the adversary can participate in
the OSN applications on behalf of the impersonated user with all damaging
consequences for the user.
● This attack can be thwarted only through the deployment of stronger
authentication techniques. Real world identification would help.
Profile Cloning

● A special type of impersonation attack that occurs within the same OSN
platform.
● The goal of the adversary here is to create a profile for some user that is
already in possession of some valid profile in the same network.
● Adversary can create confusion through impersonation of other registered
users and possibly gain access to the private information communicated to
that users.
● Tools like iCloner used.
● Deploy mechanisms that are able to detect similarities between different
profiles, in particular with regard to the personal information that is visible to
the OSN users.
Example of Profile Cloning

1) CEO Fraud
● It is a scam in which cybercriminals spoof company email accounts and
impersonate executives to try and fool an employee in accounting or HR into
executing unauthorized wire transfers, or sending out confidential tax
information.
● The scam has resulted in siphoning of 26 billion dollars.
Profile Hijacking
● The goal of the adversary mounting a profile hijacking attack is to obtain
control over some existing profile within an OSN platform.
● Profile hijacking is successful if the adversary can obtain passwords of
other users.
● OSN providers typically deploy protection against such attacks by restricting
the number of login attempts or by using techniques that require human
interaction such as CAPTCHAs.
● Tools like an iCloner can bypass CAPTCHAs. Adversaries can also use
phishing or obtain password for other online services.
● The OSN functionality can be misused to distribute messages aiming to lure
users to fake login websites.
● Password access can be changed by OSN provider.
Examples

1) Centcom – US Military’s Central Command


2) Burger King
3) Facebook Security Scam

Hackers hijacked users’ accounts, impersonating Facebook security. These


accounts would then send fake messages to other users, warning them that their
account was about to be disabled and instructing the users to click on a link to
verify their account. The users would be directed to a false Facebook page which
asked them to enter their login info, as well as their credit card information to
secure their account.
Profile Porting

● Type of impersonation where some profile that exists within one OSN
platform is cloned into another OSN platform.
● This attack can be realized via registration of a profile using some new email
address.
● The significance of porting is that users may be completely unaware that
their profiles have been ported.
● Thwarting isn’t easy. Profile similarity tools that work across platforms need
to be used.
ID Theft

● It refers to the impersonation of the OSN users in the real world.


● Adversary should be able to convince anyone about the ownership of some
particular OSN profile.
● Can possibly misuse the reputation or expertise of the real profile owner for
own benefit, while leaving the owner unaware of the attack.
● Requires same effort as that of profile hijacking.
● Often it would simply suffice to claim the ownership of a profile and perform
the actual communication via other channels.
● The only solution is to rely on other means of real-world identification such
as national identity cards, driver’s licenses, etc.
Profiling

● It is an attack against any target OSN user aiming to collect information


about OSN activities or further attributes of that user,
● This attack can be typically performed by OSN users, possibly in an
automated way, since the collectable information is usually publicly
accessible by all OSN users.
● The risk of profiling attacks performed by OSN users can be diminished via
fine-grained access control and anonymizing techniques.
● Allow access based on individual basis and not based on roles.
● An alternative solution could be to let users decide whether their activities
(e.g. discussion comments) should be kept unlinkable to their profiles.

You might also like