Abstract
The popularity of online social networks (OSNs) have attracted malware creators who would use OSNs as a platform to propagate automated worms from one user’s computer to another’s. On the other hand, the topic of malware propagation in OSNs has only been investigated recently. In this chapter, we discuss recent advances on the topic of malware propagation by way of online social networking. In particular, we present three malware propagation techniques in OSNs, namely cross site scripting (XSS), Trojan and clickjacking types, and their characteristics via analytical models and simulations.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Andersson H, Britton T (2000) Stochastic epidemic models and their statistical analysis. Springer, New York
Barabási A, Albert R (1999) Emergence of scaling in random networks. Science 286(5439):509–512
Benevenuto F, Rodrigues T, Cha M, Almeida V (2009) Characterizing user behavior in online social networks. In: Proceedings of the 9th ACM SIGCOMM conference on internet measurement conference. ACM, New York, pp 49–62
Boguna M, Pastor-Satorras R, Vespignani A (2003) Epidemic spreading in complex networks with degree correlations. In: Lecture notes in physics: statistical mechanics of complex networks, vol 625, pp 127–147
Cheng S-M, Ao WC, Chen P-Y, Chen K-C (2011) On modeling malware propagation in generalized social networks. IEEE Commun Lett 15:25–27
Davidsen J, Ebel H, Bornholdt S (2002) Emergence of a small world from local interactions: modeling acquaintance networks. Phys Rev Lett 88(12): 128701
Dekker AH (2008) Realistic social networks for simulation using network rewiring. In: Proceeding of international congress on modeling and simulation, pp 677–683
Faghani MR, Matrawy A, Lung C (2012) A study of malware propagation in online social networks. In: Proceeding of 5th IEEE IFIP international conference on new technologies, mobility and security. IEEE Press, New York
Faghani MR, Nguyen UT (2012) SoCellBot: a new botnet design to infect smartphones via social networks. In: Proceeding of 25th IEEE Canadian conference on electrical and computer engineering. IEEE Press, New York
Faghani MR, Saidi H (2009) Malware propagation in online social networks. In: Proceeding of the 4th IEEE international malicious and unwanted programs. IEEE Press, New York, pp 8–14
Faghani MR, Saidi H (2009) Social networks’ XSS worms. In: Proceeding of the 12th IEEE international conference on computational science and engineering. IEEE Press, New York, pp 1137–1141
Griffin C, Brooks R (2006) A note on the spread of worms in scale-free networks. IEEE Trans Syst Man Cybern, Part B, Cybern 36(1):198–202
Grossman J (2006) Cross-site scripting worms and viruses: the impending threat and the best defense. http://www.whitehatsec.com/downloads/WHXSSThreats.pdf
Holme P, Beom J (2002) Growing scale-free networks with tunable clustering. Phys Rev E 65:026107
Lab K (2008) Detects new worm attacking MySpace and Facebook. http://www.kaspersky.com/news?id=207575670
Mannan M, Van Oorschot PC (2005) On instant messaging worms, analysis and countermeasures. In: Proceedings of the 2005 ACM workshop on rapid malcode. ACM, New York, pp 2–11
Moore C, Newman MEJ (2000) Epidemics and percolation in small-world networks. Phys Rev E 61:5678–5682
Moreno Y, Gomez J, Pacheco AF (2003) Epidemic incidence in correlated complex networks. Phys Rev E 68:521–529
Nguyen NP, Ying X, Thai MT (2010) A novel method for worm containment on dynamic social networks. In: The military communications conference. IEEE Press, New York, pp 475–478
Open W (2010) Application security project, OWASP top 10 project. http://www.owasp.org
Pastor-Satorras R, Vespignani A (2001) Epidemic spreading in scale-free networks. Phys Rev Lett 86:3200–3203
Staniford S, Paxson V, Weaver N (2002) How to own the internet in your spare time. In: Proceedings of 11th USENIX security symposium. USENIX Association, Berkeley, pp 149–167
Stein T, Chen E, Mangla K (2011) Facebook immune system. In: Proceeding of eurosys social network systems SNS. ACM, New York, pp 8:1–8:8
Telo Nunes A (2006) Epidemics in small world networks. Eur Phys J B, Condens Matter Phys 50(1):205–208
Viger F, Latapy F (2005) Efficient and simple generation of random simple connected graphs with prescribed degree sequence. In: Proceeding of the 11th conference of computing and combinatorics. Springer, Berlin, pp 440–449
Watts DJ (1999) Networks, dynamics, and the small-world phenomenon. Am J Sociol 105(2):493–527
Wilson C, Boe B, Sala A, Puttaswamy KPN, Zhao BY (2009) User interactions in social networks and their implications. In: Proceedings of the 4th ACM European conference on computer systems. ACM, New York, pp 205–218
Xu W, Zhang F, Zhu S (2010) Toward worm detection in online social networks. In: Proceedings of the 25th annual computer security applications conference. ACM, New York, pp 11–20
Yan G, Chen G, Eidenbenz S, Li N (2011) Malware propagation in online social networks: nature, dynamics, and defense implications. In: Proceedings of the 6th ACM symposium on information, computer and communications security. ACM, New York, pp 196–206
Yong-Yeol A, Seungyeop Kaok H, Moon S, Jeong H (2007) Analysis of topological characteristics of huge online social networking services. In: Proceeding of the 16th international conference on world wide web. ACM, New York, pp 835–844
Zou C, Towsley D, Gong W (2002) Code red worm propagation modeling and analysis. In: Proceedings of the ACM conference on computer and communications security. ACM, New York, pp 138–147
Zou CC, Towsley D, Gong W (2007) Modeling and simulation study of the propagation and defense of internet email worm. IEEE Trans Dependable Secure Comput 4(2):105–118
Acknowledgements
We would like to thank Hossein Saidi, Ashraf Matrawy, Chung-Horng Lung and our anonymous reviewers for their helpful comments and discussions.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer Science+Business Media Dordrecht
About this chapter
Cite this chapter
Faghani, M.R., Nguyen, U.T. (2013). A Study of Malware Propagation via Online Social Networking. In: Özyer, T., Erdem, Z., Rokne, J., Khoury, S. (eds) Mining Social Networks and Security Informatics. Lecture Notes in Social Networks. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-6359-3_13
Download citation
DOI: https://doi.org/10.1007/978-94-007-6359-3_13
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-6358-6
Online ISBN: 978-94-007-6359-3
eBook Packages: Computer ScienceComputer Science (R0)