Featured Research

from universities, journals, and other organizations

New malware could steal users social media behavior and info, researchers warn

Date:
October 14, 2010
Source:
American Associates, Ben-Gurion University of the Negev
Summary:
Researchers in Israel are warning against malware threats that extract personal information about relationships in a real-world social network, as well as characteristic information about individuals in the network. Using mathematical models, based on actual mobile network data, the researchers demonstrated that malware attacks could be adapted to follow human behavior on social networks.

A new study by Ben-Gurion University of the Negev (BGU) researchers predicts that a new generation of malware (software written for malicious purposes like identity theft) could steal data on human behavior patterns, which is more dangerous than traditional, detectable attacks.

In the newly published paper, "Stealing Reality," Dr. Yaniv Altshuler and Dr. Yuval Elovici from BGU discuss malware threats that extract personal information about relationships in a real-world social network, as well as characteristic information about individuals in the network. Using mathematical models, based on actual mobile network data, the researchers demonstrated that malware attacks could be adapted to follow human behavior on social networks.

According to the researchers, "Many social networks collect important user data such as age, occupation and role, personality and more to create a 'rich identity.' With access to such sensitive information, the possibility for significantly more targeted and dangerous attacks is now open. There is a level of trust generated among users connected via social networks and these new threats, unbeknownst to the user, seek to violate it."

The research showed that in many cases a "stealth attack" (one that is hard to detect and steals private information at a slow pace) can result in the maximal amount of overall knowledge captured by the operator of this attack. This attack strategy also makes sense when compared to the natural human social interaction and communication patterns. The rate of human communication and evolution of a relationship is very slow compared to traditional malware attack message rates.

A "Stealing Reality" type of attack, which is targeted at learning the social communication patterns, could "piggyback" on the user-generated messages, or imitate their natural patterns, thus not drawing attention to itself, while still achieving its target goals.

One of the biggest risks of real world social media network information being stolen is that this type is very static, especially when compared to traditional targets of malicious attacks. For example, passwords, usernames and credit cards can be changed. An infected computer could be wiped and re-installed. An online e-mail, instant messenger or social networking account could be easily replaced with a similar one, and the users' contacts can be quickly warned of the original account's breach.

However, it is much harder to change one's network of real world, person-to-person relationships, friendships or family ties. The victim of a "behavioral pattern" theft cannot easily change his or her behavior and life patterns. Plus this type of information, once out, would be very hard to contain. In addition, once the information has been extracted in digital form, it would be quite hard, if not impossible, to make sure that all copies have been deleted.

The researchers explain in the study published on the arXiv.org research Web site that "Many commercial entities have realized the value of information derived from communication and other behavioral data for a great deal of applications, like marketing campaigns, customer retention and security screenings. There is no reason to think that developers of malicious applications will not implement the same methods and algorithms into future malware, or that they have not already started doing so. There already exist secondary markets for resale of this type of information."


Story Source:

The above story is based on materials provided by American Associates, Ben-Gurion University of the Negev. Note: Materials may be edited for content and length.


Journal Reference:

  1. Yaniv Altshuler, Nadav Aharony, Yuval Elovici, Alex Pentland, Manuel Cebrian. Stealing Reality. arXiv, 2010; (submitted)

Cite This Page:

American Associates, Ben-Gurion University of the Negev. "New malware could steal users social media behavior and info, researchers warn." ScienceDaily. ScienceDaily, 14 October 2010. <www.sciencedaily.com/releases/2010/10/101014100015.htm>.
American Associates, Ben-Gurion University of the Negev. (2010, October 14). New malware could steal users social media behavior and info, researchers warn. ScienceDaily. Retrieved April 20, 2014 from www.sciencedaily.com/releases/2010/10/101014100015.htm
American Associates, Ben-Gurion University of the Negev. "New malware could steal users social media behavior and info, researchers warn." ScienceDaily. www.sciencedaily.com/releases/2010/10/101014100015.htm (accessed April 20, 2014).

Share This



More Computers & Math News

Sunday, April 20, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Nintendo Changed Gaming World, but Its Future Uncertain: Upstone

Nintendo Changed Gaming World, but Its Future Uncertain: Upstone

AFP (Apr. 19, 2014) The Nintendo Game Boy celebrates its 25th anniversary Monday and game expert Stephen Upstone says the console can be credited with creating a trend towards handheld gaming devices. Duration: 01:21 Video provided by AFP
Powered by NewsLook.com
Why Did Nike Fire Most Of Its Nike FuelBand Team?

Why Did Nike Fire Most Of Its Nike FuelBand Team?

Newsy (Apr. 19, 2014) Nike fired most of its Digital Sport hardware team, the group behind Nike's FuelBand device. Could Apple or an overcrowded market be behind layoffs? Video provided by Newsy
Powered by NewsLook.com
Nearly Two Weeks On, The Internet Copes With Heartbleed

Nearly Two Weeks On, The Internet Copes With Heartbleed

Newsy (Apr. 19, 2014) The Internet is taking important steps in patching the vulnerabilities Heartbleed highlighted, but those preventive measures carry their own costs. Video provided by Newsy
Powered by NewsLook.com
Facebook To Share Nearby Friends Data With Advertisers

Facebook To Share Nearby Friends Data With Advertisers

Newsy (Apr. 19, 2014) A Facebook spokesperson has confirmed the company will use GPS data from the new Nearby Friends feature for advertising sometime in the future. Video provided by Newsy
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:
from the past week

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins