Your browser does not support JavaScript!

Home    Protecting the Social Graph: Client–side mitigation of Cross–Site Content Forgery attacks  

Results - Details

Add to Basket
[Add to Basket]
Identifier 000376966
Title Protecting the Social Graph: Client–side mitigation of Cross–Site Content Forgery attacks
Alternative Title Προστατεύοντας τον κοινωνικό γραφό : αντιμετώπιση Cross-Site Content Forgery επιθέσεων στην πλευρά του χρήστη
Author Λιγούρας, Σπυρίδων Αντώνιος
Thesis advisor Μαρκάτος, Ευάγγελος
Abstract In recent years, online social networks have greatly expanded; dominating the World Wide Web and challenging established norms of communication and user interaction such as e–mail and online forums. This effect has caught the attention of spammers, fraudsters and scammers who eagerly transported to this new medium. The social graph has become an attractive target. By compromising portions of the graph, attackers can both access user information and employ viral graph distribution of spam, phishing attacks etc. This thesis focuses on such attacks against the social graph. Our example case is Facebook, the leading online social network. We discuss current countermeasures and protective mechanisms available to Facebook users and propose the design of a real–time detection and monitoring solution for emergent social attacks. Furthermore, we identify a new signi􀃶cant technique called Cross–Site Content Forgery (CSCF) that can facilitate attacks in order to elude detection. We mitigate these cloaking attacks by designing and developing a framework to transparently protect users from CSCF. To do so, our framework validates content and metadata across multiple points–of–observation, comparing responses and issuing verdicts on the client–side. We have implemented a prototype of our framework as a browser extension for the Google Chrome browser, which we have made available to the community.
Language English
Subject Content Forgery
Social Graph
Κοινωνικός γράφος
Issue date 2012-11-16
Collection   School/Department--School of Sciences and Engineering--Department of Computer Science--Post-graduate theses
  Type of Work--Post-graduate theses
Views 508

Digital Documents
No preview available

Download document
View document
Views : 18