Featured Research

from universities, journals, and other organizations

App protects Facebook users from hackers

Date:
October 9, 2012
Source:
University of California - Riverside
Summary:
A new app to detect spam and malware posts on Facebook users' walls was found to be highly accurate, fast and efficient, new study suggests.

Cyber-crime is expanding to the fertile grounds of social networks and University of California, Riverside engineers are fighting it.

Related Articles


A recent four-month experiment conducted by several UC Riverside engineering professors and graduate students found that the application they created to detect spam and malware posts on Facebook users' walls was highly accurate, fast and efficient.

The researchers also introduced the new term "socware" -- pronounced "sock-where" -- to describe a combination of "social malware," encompassing all criminal and parasitic behavior on online social networks.

Their free application, MyPageKeeper, successfully flagged 97 percent of socware during the experiment. In addition, it was only incorrect -- flagging posts of socware that did not fit into those categories -- 0.005 percent of the time.

The researchers also found that it took an average of .0046 seconds to classify a post, which is far quicker than the 1.9 seconds it takes using the traditional approach of web site crawling. MyPageKeeper's more efficient classification also translates to lower costs, cutting expenses by up to 40 times.

"This is really the perfect recipe for socware detection to be viable at scale: high accuracy, fast, and cheap," said Harsha V. Madhyastha, an assistant professor of computer science and engineering at UC Riverside's Bourns College of Engineering.

Madhyastha conducted the research with Michalis Faloutsos, a professor of computer science and engineering, and Md Sazzadur Rahman and Ting-Kai Huang, both Ph.D. students. Rahman presented the paper outlining the findings at the recent USENIX Security Symposium 2012.

During the four-month experiment, which was conducted from June to October 2011, the researchers analyzed more than 40 million posts from 12,000 people who installed MyPageKeeper. They found that 49 percent of users were exposed to at least one socware post during the four months.

"This is really an arms race with hackers," said Faloutsos, who has studied web security for more than 15 years. "In many ways, Facebook has replaced e-mail and web sites. Hackers are following that same path and we need new applications like MyPageKeeper to stop them."

The application, which is already attracting commercial interest, works by continuously scanning the walls and news feeds of subscribed users, identifying socware posts and alerting the users. In the future, the researchers are considering allowing MyPageKeeper to remove malicious posts automatically.

The key novelty of the application is that it factors in the "social context" of the post. Social context includes the words in the post and the number of "likes" and comments it received.

For example, the researchers determined that the presence of words -- such as 'FREE,' 'Hurry,' 'Deal' and 'Shocked' -- provide a strong indication of the post being spam. They found that the use of six of the top 100 keywords is sufficient to detect socware.

The researchers point out that users are unlikely to 'like' or comment on socware posts because they add little value. Hence, fewer likes or comments are also an indicator of socware.

Furthermore, MyPageKeeper checks URLs against domain lists that have been identified as being responsible for spam, phishing or malware. Any URL that matches is classified as socware.

During the four-month experiment, the researchers also found:

  • A consistently large number of socware notifications are sent every day, with noticeable spikes on a few days. For example, 4,056 notifications were sent on July 11, 2011, which corresponded to a scam that went viral conning users into completing surveys with the pretext of fake free products.
  • Only 54 percent of socware links have been shortened by URL shorteners such as bit.ly and tinyurl.com. The researchers thought this number would be higher because URL shorteners allow the web site address to be hidden. They also found that many scams use somewhat obviously "fake" domain names, such as http://iphonefree5. com and http://nfljerseyfree. com, but users seem to fall for it and click the link.
  • Certain words are much more likely to be found in Facebook socware than in e-mail spam. For example, "omg" is 332 times more likely to appear in Facebook socware. Meanwhile, "bank" is 56 times more likely to appear in e-mail spam.
  • Twenty percent of socware links are hosted inside of Facebook.

This activity is so high that the researchers expect that Facebook will have to do more to protect its users against socware.

"Malware on Facebook seems to be hosted and enabled by Facebook itself," Faloutsos said. "It's a classic parasitic kind of behavior. It is fascinating and sad at the same time."

App: https://apps.facebook.com/mypagekeeper/


Story Source:

The above story is based on materials provided by University of California - Riverside. The original article was written by Sean Nealon. Note: Materials may be edited for content and length.


Cite This Page:

University of California - Riverside. "App protects Facebook users from hackers." ScienceDaily. ScienceDaily, 9 October 2012. <www.sciencedaily.com/releases/2012/10/121009112429.htm>.
University of California - Riverside. (2012, October 9). App protects Facebook users from hackers. ScienceDaily. Retrieved November 22, 2014 from www.sciencedaily.com/releases/2012/10/121009112429.htm
University of California - Riverside. "App protects Facebook users from hackers." ScienceDaily. www.sciencedaily.com/releases/2012/10/121009112429.htm (accessed November 22, 2014).

Share This


More From ScienceDaily



More Computers & Math News

Saturday, November 22, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

European Parliament Might Call For Google's Break-Up

European Parliament Might Call For Google's Break-Up

Newsy (Nov. 22, 2014) This is the latest development in an antitrust investigation accusing Google of unfairly prioritizing own products and services in search results. Video provided by Newsy
Powered by NewsLook.com
Google Announces Improvements To Balloon-Borne Wi-Fi Project

Google Announces Improvements To Balloon-Borne Wi-Fi Project

Newsy (Nov. 21, 2014) In a blog post, Google said its balloons have traveled 3 million kilometers since the start of Project Loon. Video provided by Newsy
Powered by NewsLook.com
Is Nintendo Making A Comeback With 'Super Smash Bros.'?

Is Nintendo Making A Comeback With 'Super Smash Bros.'?

Newsy (Nov. 21, 2014) Nintendo released new "Super Smash Bros." Friday, and it's getting great reviews. Could this mean a comeback for the gaming company? Video provided by Newsy
Powered by NewsLook.com
NSA Director: China Can Damage US Power Grid

NSA Director: China Can Damage US Power Grid

AP (Nov. 20, 2014) China and "one or two" other countries are capable of mounting cyberattacks that would shut down the electric grid and other critical systems in parts of the United States, according to Adm. Michael Rogers, director of the National Security Agency and hea Video provided by AP
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:

Strange & Offbeat Stories


Space & Time

Matter & Energy

Computers & Math

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins