Toward Detecting Malicious Links in Online Social Networks through User Behavior

Alghamdi, Bandar; Watson, Jason; Xu, Yue

doi:10.1109/wiw.2016.014

Cited by 30 publications

(11 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, connecting to DNS or Whois also requires on average a 1.6 second delay [64] which is time expensive. Phishers can also avoid presenting accurate host features by using link shortners, web hosting services [92], or using compromised accounts so that registrations appear associated with the compromised account owner and not the phisher [93]. Some of these avoidances can be themselves used as features, for example, identifying if the host information is hosting provider or a link shortening service [92].…”

Section: B Host Featuresmentioning

confidence: 99%

“…[51,57,60,89]). While these three dates are commonly used in research, the domain age is the most commonly used, with a range of definitions for "recent" -2 [93], 3 [94], or 6 months [65,95]. Fang et al, [95] found that approximately 95% of the phishing URLs in their dataset were less than six months old and Hao et al [96] found 55% of domains appeared the day after they were registered.…”

Section: B Host Featuresmentioning

confidence: 99%

See 1 more Smart Citation

A Review of Human- and Computer-Facing URL Phishing Features

Althobaiti

Rummani

Vaniea

2019

2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

View full text Add to dashboard Cite

When detecting phishing websites, both humans and computers rely on aspects of the website (features) to aid in their decision making. In this work, we conduct a review of URL-based phishing features that appear in publications targeting humanfacing and automated anti-phishing approaches. We focus on both humans and computers to obtain a more comprehensive feature list and create a cross-community foundation for future research. We reviewed 94 papers and categorise their features into: lexical, host, rank, redirection, certificate, search engine, and black/white lists. We find that research on automation has used all feature categories but several, such as host-based features (e.g. DNS), are minimally explored in human-facing anti-phishing research.

show abstract

Section: B Host Featuresmentioning

confidence: 99%

Section: B Host Featuresmentioning

confidence: 99%

A Review of Human- and Computer-Facing URL Phishing Features

Althobaiti

Rummani

Vaniea

2019

2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

View full text Add to dashboard Cite

show abstract

“…[20]. Alghamdi et al analyzed and evaluated the detection of malicious URLs in existing social networks and explained that the future detection work needs to combine the characteristics of URLs with other aspects [21]. Han et al designed a honeypot system that for the first time analyzed the entire life cycle of a phishing attack and clearly identified victims from the attackers and other third-party visitors [22].…”

Section: Related Workmentioning

confidence: 99%

Stopping the Cyberattack in the Early Stage: Assessing the Security Risks of Social Network Users

Feng

et al. 2019

Security and Communication Networks

View full text Add to dashboard Cite

Online social networks have become an essential part of our daily life. While we are enjoying the benefits from the social networks, we are inevitably exposed to the security threats, especially the serious Advanced Persistent Threat (APT) attack. The attackers can launch targeted cyberattacks on a user by analyzing its personal information and social behaviors. Due to the wide variety of social engineering techniques and undetectable zero-day exploits being used by attackers, the detection techniques of intrusion are increasingly difficult. Motivated by the fact that the attackers usually penetrate the social network to either propagate malwares or collect sensitive information, we propose a method to assess the security risk of the user being attacked so that we can take defensive measures such as security education, training, and awareness before users are attacked. In this paper, we propose a novel user analysis model to find potential victims by analyzing a large number of users’ personal information and social behaviors in social networks. For each user, we extract three kinds of features, i.e., statistical features, social-graph features, and semantic features. These features will become the input of our user analysis model, and the security risk score will be calculated. The users with high security risk score will be alarmed so that the risk of being attacked can be reduced. We have implemented an effective user analysis model and evaluated it on a real-world dataset collected from a social network, namely, Sina Weibo (Weibo). The results show that our model can effectively assess the risk of users’ activities in social networks with a high area under the ROC curve of 0.9607.

show abstract

“…However, it has opened up its users to harmful activities. Committing fraud and propagating malware are criminal actions wherein users are engaged to access a URL and run a malicious code on the computer of an OSN user [16].…”

Section: Malwarementioning

confidence: 99%

Privacy and Security Issues in Online Social Networks

et al. 2018

View full text Add to dashboard Cite

The advent of online social networks (OSN) has transformed a common passive reader into a content contributor. It has allowed users to share information and exchange opinions, and also express themselves in online virtual communities to interact with other users of similar interests. However, OSN have turned the social sphere of users into the commercial sphere. This should create a privacy and security issue for OSN users. OSN service providers collect the private and sensitive data of their customers that can be misused by data collectors, third parties, or by unauthorized users. In this paper, common security and privacy issues are explained along with recommendations to OSN users to protect themselves from these issues whenever they use social media.

show abstract

Toward Detecting Malicious Links in Online Social Networks through User Behavior

Cited by 30 publications

References 16 publications

A Review of Human- and Computer-Facing URL Phishing Features

A Review of Human- and Computer-Facing URL Phishing Features

Stopping the Cyberattack in the Early Stage: Assessing the Security Risks of Social Network Users

Privacy and Security Issues in Online Social Networks

Contact Info

Product

Resources

About