Dr. Christopher Kruegel
University of California, Santa Barbara
Security and Privacy Threats in Online Social Networks
About Dr. Kapadia:
Dr. Christopher Kruegel is an Associate Professor in the Computer Science Department at the University of California, Santa Barbara. His research interests are computer and communications security, with an emphasis on malware analysis and detection, web security, and security in social networks. Dr. Kruegel enjoys to build systems and to make security tools available to the public. He has published more than 100 conference and journal papers. Dr. Kruegel is a recent recipient of the NSF CAREER Award, the MIT Technology Review TR35 Award for young innovators, an IBM Faculty Award, and several best paper awards.
Online social networks (such as Facebook, Twitter, and LinkedIn) are regularly used by hundreds of millions of people around the globe. Unfortunately, the tremendous success of these networks has also attracted the interest of cyber-criminals. In our work, we have analyzed security and privacy threats to online social networks and their users.
As one example, I will present our work on detecting spammers on social networks. We have set up a large and diverse set of honey-profiles, accounts whose sole purpose is to accept all friend requests and passively log the traffic that they receive. Based on the analysis of the messages that these profiles received, we developed techniques to detect spammers in social networks. The results of this work were used to notify Twitter of accounts that exhibit spam-like behavior. Recently, we extended this line of work with a system to identify compromised accounts. Compromising legitimate user accounts is particularly effective, as attackers can leverage the trust relationships that the owner of an account has established in the past. Moreover, given the previous, legitimate activities, compromised accounts are more difficult to detect and clean up. I will introduce a novel approach to detect compromised user accounts in social networks, and discuss its application to Twitter and Facebook.
As a second example, I will discuss the privacy impact of malicious web crawlers on (large) legitimate web sites. Although crawlers are useful tools that help users to find content on the web, they may also be malicious. Interestingly, social networking sites are frequent targets of malicious crawling activity. In our work, we developed a novel approach for the detection and containment of crawlers. Our detection is based on the observation that the traffic from crawlers significantly differs from users traffic, even when many users are hidden behind a single web proxy. Moreover, we present a technique for crawler campaign attribution that discovers synchronized traffic coming from multiple hosts. Finally, we introduce a containment technique that leverages our detection results to effectively block crawlers with active techniques while minimizing the impact on legitimate users. Our experimental results in collaboration with a large, popular social networking site demonstrate that our system can distinguish between crawlers and users with high accuracy.