
Author: 戴君翰 (Jyun-han Dai)
Thesis Title: 基於粉絲頁成長行為時間序列模型之社群網路點擊綁架偵測機制 (Detecting Clickjacking on Social Network Through Time-evolution of Fanpage Growing Behavior Modeling)
Advisor: 李漢銘 (Hahn-Ming Lee)
Committee: 林豐澤 (Feng-tse Lin), 鄭博仁 (Albert B. Jeng), 廖弘源 (Mark Liao), 鄭欣明 (Shin-ming Cheng)
Degree: Master
Department: College of Electrical Engineering and Computer Science - Department of Computer Science and Information Engineering
Thesis Publication Year: 2014
Graduation Academic Year: 102
Language: English
Pages: 74
Keywords (in Chinese): 社群網路, 點擊綁架, 馬可夫模型, 相似度
Keywords (in other languages): Social network, Clickjacking, Markov model, Similarity measure
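  • As social network services become more developed, malicious attack behavior on social networks is becoming increasingly diverse. Clickjacking is a traditional web attack technique, but combined with social networks it has developed into a new attack method. Social network service providers (e.g., Facebook) urgently need a defense or detection mechanism against malicious clickjacking fanpages. However, traditional clickjacking protection and detection mechanisms are mainly implemented on the client side, and social network service providers cannot force users to install protection mechanisms. In addition, recent research indicates that current clickjacking protection and detection mechanisms can all potentially be bypassed. This study proposes using time-series analysis of fan growth behavior on fanpages to detect malicious clickjacking fanpages on Facebook.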


    Social network service providers urgently need a countermeasure that models clickjacking patterns in order to detect the behavior of clickjacking fanpages. Clickjacking on social networks currently bypasses not only signature-based mechanisms but also detection based on more complicated abnormal patterns, e.g., bipartite relations between users and pages. Therefore, in this study, we propose a mechanism named Clickjacking Hunter, which detects clickjacking fanpages by modeling the time-evolution of fanpage fan base growth.

    Chinese Abstract
    Abstract
    Acknowledgements
    1 Introduction
      1.1 Motivation
      1.2 Challenges and Goals
      1.3 Contributions
      1.4 The Outline of Thesis
    2 Background and Related Work
      2.1 Facebook
        2.1.1 Fanpage in Facebook
        2.1.2 Like and Share Buttons
      2.2 Clickjacking Attack
      2.3 Clickjacking Attack Detection and Protection
        2.3.1 Client Side Solutions
        2.3.2 Server Side Solutions
      2.4 Time-evolution Modeling of Social Networks
      2.5 Abnormal Behavior Detection in Social Networks
    3 Clickjacking Hunter
      3.1 Characteristics of Clickjacking on Facebook
      3.2 Feature Extraction
        3.2.1 New Fans Like of Fanpages
        3.2.2 Member Friendship Structure of Fanpages
      3.3 Consequent Behavior Modeling
      3.4 Latent Behavior Indexing
      3.5 Time-evolution Modeling for Clickjacking Fanpages Detection
    4 Experiments
      4.1 Experiment Setup and Dataset
        4.1.1 Experiment Setup
        4.1.2 Dataset Collection and Label
      4.2 Evaluation Metrics
      4.3 Effectiveness Analysis
        4.3.1 Effectiveness of The Different Parameters Comparison
        4.3.2 Effectiveness of the Different Size of Training Information
      4.4 Experiment Discussion
        4.4.1 Cases Study
        4.4.2 Parameter Estimation
    5 Conclusions and Further Work
      5.1 Conclusions
      5.2 Further Work

