Your browser does not support JavaScript!

Home    Search  

Results - Details

Search command : Author="Μαρκάτος"  And Author="Ευάγγελος"  And Author="Π"

Current Record: 2 of 7

Back to Results Previous page
Next page
Add to Basket
[Add to Basket]
Identifier 000356868
http://elocus.lib.uoc.gr
Title Antisocial networks : turning a social network into an attack platform
Alternative Title Αντικοινωνικά δίκτυα
Author Μακριδάκης, Ανδρέας Ηλία
Thesis advisor Μαρκάτος, Ευάγγελος Π.
Abstract World Wide Web has evolved from a collection of static HTML pages to an assortment of “Web 2.0” applications. Examples of “Web 2.0” applications include wikis, blogs, video sharing web sites, social networking web sites, etc. Since the establishment of the first online social network SixDegrees.com, in 1997, these sites are becoming more popular by the day. Millions of people daily use social networking web sites, such as facebook.com, myspace.com, orkut.com, and linkedin.com. As a side-effect of this fast growth, possible exploits can turn them into platforms for antisocial and illegal activities, like DDoS attacks, privacy violations, disk compromising, malware propagation, etc. In this thesis we show that social networking web sites have the ideal properties to become attack platforms. We introduce a new term, Antisocial Networks. Antisocial Networks are distributed systems based on social networking web sites that can be exploited by attackers, and directed to carry out network attacks. Malicious users are able to take control of the visitors of social web sites by remotely manipulating their browsers through legitimate web control functionality such as image-loading HTML tags, JavaScript instructions, Java applets, etc. We start by identifying all the properties of Facebook, a real-world online social network, and then study how we can utilize these properties and transform it into an attack platform against any host connected to the Internet. Towards this end, we develop a real-world Facebook application that can perform malicious actions covertly. We experimentally measure its impact by studying how innocent Facebook users can be manipulated into carrying out a Denial-of-Service attack. Then, we examine how Facebook applications that embed a Java applet can compromise the hard disk of a Facebook user. As a last threat, we briefly describe how a Facebook application can harvest the sensitive personal information provided by users in their online profile. Finally, we explore other possible misuses of Facebook and how they can be applied to other online social networks.
Language English
Issue date 2009-11-10
Collection   School/Department--School of Sciences and Engineering--Department of Computer Science--Post-graduate theses
  Type of Work--Post-graduate theses
Permanent Link https://elocus.lib.uoc.gr//dlib/6/d/5/metadata-dlib-649495bc90986191e8a52355b5380cf0_1275556050.tkl Bookmark and Share
Views 506

Digital Documents
No preview available

Download document
View document
Views : 14