In recent years, online social network (OSN) services have rapidly
become an indispensable part of society, offering users a wide range of
advantages. Users now see these OSNs not only as platforms for building
connections but also as powerful tools for garnering support from large groups
and for exploring the diverse range of applications available within OSNs.
However, it's important to recognize that OSNs also introduce new potential
threats to the community.
In 2015, the Twitter accounts of U.S. military officials were breached
by individuals claiming allegiance to the Islamic State. Another significant
incident occurred in 2017 when Iranian hackers seized control of the social
media accounts belonging to U.S. State Department officials. However, an attack
method that differs significantly from the typical approaches used to
compromise users on online social networks is known as an Identity Clone Attack
(ICA). The primary aim of this attack is to duplicate an existing user's
profile in order to infiltrate a specific social circle and gather information
that is normally shared among trusted users. This type of attack falls under
the category of cross-site profile cloning. The objective of this research is
to establish a defence mechanism capable of identifying whether a user's friend
request is a clone and pinpointing the colluder's accounts.
It was reported that hackers set up fake Facebook accounts under his name in the hope that his colleagues, friends, and family would make contact and answer private messages to gain sensitive information about him or his network. This work also considers different attack patterns, including colluding attackers who recreate social circles of the targeted user to confuse the target further and send multiple friend requests to the same user. As a result, the profiles in OSNs tend to be similar. Therefore, we need to consider more attributes than just names to avoid the assumption that profiles with identical names are considered fake. Researchers also propose a three-step method to detect ICA colluders in OSNs. The research method matches two user profiles from two different OSNs based on classification techniques that use feature extraction on a user’s friend request information and user’s friend lists based on the user’s general information and friend network similarity, such as the number of mutual friends between the requesting user and the target. These methods consist of three steps:
The first step is to gather profile information of the users’ friend request and search through the same or other OSNs for profiles that are similar and returns the accounts that are the most similar based on the information gathered.
Then, verify the identity of each user's friend request through the friend list.
The final step is to return the friend requests that are colluders.
The behavior that people present while using online social networks has
brought those platforms into the light of malicious users, who now see them as
a significant way to initiate/pose threats to different users within/outside an
organization. Therefore, the urgent need for a robust defence mechanism against
collaborative, malicious users needs to be addressed.
In an ICA attack, the attacker will need to clone an existing user on
the same or different OSN. To make the method more accurate, researchers assume
that the friends in the user’s friend list are legitimate. The aim here is to
detect and prevent ICA collaborators from having access to the private
information of their target.
No comments:
Post a Comment