Socnetmalwarex

Download Report

Transcript Socnetmalwarex

Two types of malware propagating through social
networks, Cross Site Scripting (XSS) and
Koobface worm.
How these two types of malware are propagated
through social networks.
What is being done to help prevent the spread of
malware on social networks
Social Networking Malware
The first major online social network worm is detected as Samy
worm, a cross scripting attack, on MySpace.
Koobface is the best known social networking malware.
Total number of profile infections after 20 hours
Modeling and Simulation of Spreading
Worms
Research has been done in modeling and simulation of spreading worms since online
social networks serve lots of users around the world.
To begin the simulation of the trend of XSS worm and Koobface worm propagation.
• Researchers assume that a single visit on the social network site is an event.
• A visited person has two states which include: the visited profile is one of the visitor’s
friends and the visited profile belongs to none of the visitor’s friends.
• For this research, it has been assumed all people in the network are vulnerable
Modeling and Simulation of Spreading XSS
XXS worm propagation simulation in the social network has one person
chosen with an equal probability. The chosen person visits their friends with
the probability of q
Modeling and Simulation of XSS
Another experiment is to understand the effect of the total number of infected profiles on
XSS propagation. It is assumed that 1,10,100,1000 and 5000 initial infected profiles in the
simulation with the probability q equal to 0.9.
Simulated Propagation on Koobface
worm
In each case the user checks if it has a spam message. With the probability p, that the user
clicks the link and executes the malware. The user is infected and sends spam messages
containing the malicious link to all their friends. It was assumed that all people execute the
malicious code with the same probability of p equals 0.5 and 0.7.
Modeling and Simulation of Spreading
Worms
To visualize how the Koobface worm spreads faster than XSS
worms, presume figure three is a small social network
A small Social network
To provide a sense of the scale and scope of malware attacks on websites, consider the
following statistics:
• Every 1.3 seconds a new web page is getting infected
• 77% of Web sites with malicious code are legitimate sites that have been compromised
• The number of malware-infected web pages has grown 12x in 4 years
• 40% percent of social network user have encountered malicious attacks
What is the anti-virus and anti-malware communities
doing to protect social network users?
Cloud anti-virus
Cloud anti-virus involves moving the detection of malicious and unwanted files from end
hosts, into the network. Clients no longer need to continually update their local signature
database.
Symantec and BitDefender, two security firms, are starting to experiment with Facebook
apps that are a social networking cloud anti-virus
When the apps detect a malicious link on the
user’s wall, they include the alert in a report.
Warns the user when his Facebook profile
settings have a privacy risk.
The apps are testing social networking capabilities of Facebook, providing
features to alert the user’s Facebook friends if the links they shared are
malicious.
Conclusion
A lot of major flaws with social networks come down to user awareness and user
responsibility. Some people don’t fully understand what malware does and others don’t use
any form of antivirus software.
Today, I have explained two different types of malware, Koobface and Cross Site Scripting,
and how they are spread throughout social networks.
Also, how anti-virus communities are trying to prevent the spread of malware throughout
social networks.
Questions?