Labeling images with a computer game
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Friendster and publicly articulated social networking
CHI '04 Extended Abstracts on Human Factors in Computing Systems
Information revelation and privacy in online social networks
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Designing ethical phishing experiments: a study of (ROT13) rOnl query features
Proceedings of the 15th international conference on World Wide Web
A face(book) in the crowd: social Searching vs. social browsing
CSCW '06 Proceedings of the 2006 20th anniversary conference on Computer supported cooperative work
A familiar face(book): profile elements as signals in an online social network
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Communications of the ACM
Email Accessibility and Social Networking
OCSC '09 Proceedings of the 3d International Conference on Online Communities and Social Computing: Held as Part of HCI International 2009
Personality traits, usage patterns and information disclosure in online communities
Proceedings of the 23rd British HCI Group Annual Conference on People and Computers: Celebrating People and Technology
Privacy wizards for social networking sites
Proceedings of the 19th international conference on World wide web
Uncovering social spammers: social honeypots + machine learning
Proceedings of the 33rd international ACM SIGIR conference on Research and development in information retrieval
Exploiting social networking sites for spam
Proceedings of the 17th ACM conference on Computer and communications security
Cheap and automated socio-technical attacks based on social networking sites
Proceedings of the 3rd ACM workshop on Artificial intelligence and security
Collaboration on Social Network Sites: Amateurs, Professionals and Celebrities
Computer Supported Cooperative Work
Abusing social networks for automated user profiling
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Detecting spammers on social networks
Proceedings of the 26th Annual Computer Security Applications Conference
Toward worm detection in online social networks
Proceedings of the 26th Annual Computer Security Applications Conference
Understanding the behavior of malicious applications in social networks
IEEE Network: The Magazine of Global Internetworking
A study on context services model with location privacy
ARES'11 Proceedings of the IFIP WG 8.4/8.9 international cross domain conference on Availability, reliability and security for business, enterprise and health information systems
The socialbot network: when bots socialize for fame and money
Proceedings of the 27th Annual Computer Security Applications Conference
A survey of emerging approaches to spam filtering
ACM Computing Surveys (CSUR)
Mitigating the malicious trust expansion in social network service
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
Contextcapture: exploring the usage of context-based awareness cues in informal information sharing
Proceedings of the 15th International Academic MindTrek Conference: Envisioning Future Media Environments
Detecting collective attention spam
Proceedings of the 2nd Joint WICOW/AIRWeb Workshop on Web Quality
ACM SIGMETRICS Performance Evaluation Review
Network forensics: random infection vs spreading epidemic
Proceedings of the 12th ACM SIGMETRICS/PERFORMANCE joint international conference on Measurement and Modeling of Computer Systems
Reframing the design of context-aware computing
BCS-HCI '11 Proceedings of the 25th BCS Conference on Human-Computer Interaction
Efficient and scalable socware detection in online social networks
Security'12 Proceedings of the 21st USENIX conference on Security symposium
SybilControl: practical sybil defense with computational puzzles
Proceedings of the seventh ACM workshop on Scalable trusted computing
Crime scene investigation: SMS spam data analysis
Proceedings of the 2012 ACM conference on Internet measurement conference
Do online social network friends still threaten my privacy?
Proceedings of the third ACM conference on Data and application security and privacy
Design and analysis of a social botnet
Computer Networks: The International Journal of Computer and Telecommunications Networking
Identification of potential malicious web pages
AISC '11 Proceedings of the Ninth Australasian Information Security Conference - Volume 116
Appinspect: large-scale evaluation of social networking apps
Proceedings of the first ACM conference on Online social networks
Using naive bayes to detect spammy names in social networks
Proceedings of the 2013 ACM workshop on Artificial intelligence and security
Social engineering attacks on the knowledge worker
Proceedings of the 6th International Conference on Security of Information and Networks
Anatomy of drive-by download attack
AISC '13 Proceedings of the Eleventh Australasian Information Security Conference - Volume 138
Social spammer detection in microblogging
IJCAI'13 Proceedings of the Twenty-Third international joint conference on Artificial Intelligence
Hi-index | 0.00 |
Social networks are popular for online communities. This paper evaluates the risk of sophisticated context-aware spam that could result from information sharing on social networks and discusses potential mitigation strategies. Unlike normal spam, context-aware spam would likely have a high click-through rate due to exploitation of authentic social connections. Context-aware spam could lead to more insidious attacks that try to install malware or steal passwords. In this paper, we analyzed Facebook, a popular social networking website. Our goal was to determine how many users were vulnerable to context-aware attack email and understand aspects of Facebook's design that make such attacks possible. We also classified different kinds of email attacks based on certain pieces of data such as birthdays, lists of friends, wall posts, and user news feeds. We analyzed Facebook starting from a single university e-mail address to calculate the number of users who would be vulnerable to each type of attack. We found that a hacker could send sophisticated context-aware email to approximately 85% of users. Furthermore, our analysis shows that people with private profiles are almost equally vulnerable to a subset of attacks. Finally, we discuss defense strategies. Some strategies would require users to coordinate their privacy policies with each other. We also suggest design improvements for social networks that may help reduce exposure to context-aware attack email.