Friend-in-the-Middle Attacks: Exploiting Social Networking Sites for Spam

Friend-in-the-middle attacks on social networking sites can be used to harvest social data in an automated fashion. Attackers can then exploit this data for large-scale attacks using context-aware spam and social phishing. The authors prove the feasibility of such an attack and simulate the impact o...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	IEEE internet computing 2011-05, Vol.15 (3), p.28-34
Hauptverfasser:	Huber, M, Mulazzani, M, Weippl, E, Kitzler, G, Goluch, S
Format:	Artikel
Sprache:	eng
Schlagworte:	Automated Cloning Computation Computer simulation Data mining Facebook Feasibility Internet Internet computing Networks phishing Security Social network services Social networking sites spam Spamming Unsolicited electronic mail
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	34
container_issue	3
container_start_page	28
container_title	IEEE internet computing
container_volume	15
creator	Huber, M Mulazzani, M Weippl, E Kitzler, G Goluch, S
description	Friend-in-the-middle attacks on social networking sites can be used to harvest social data in an automated fashion. Attackers can then exploit this data for large-scale attacks using context-aware spam and social phishing. The authors prove the feasibility of such an attack and simulate the impact on Facebook. Alarmingly, all major social networking sites are vulnerable to this attack because they fail to appropriately secure the network layer.
doi_str_mv	10.1109/MIC.2011.24
format	Article
fullrecord	<record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_ieee_primary_5696718</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>5696718</ieee_id><sourcerecordid>875089249</sourcerecordid><originalsourceid>FETCH-LOGICAL-c312t-2151d5090909bbde115e54e62f36a6385efb7bd2c686ea0e8206c4073c51466f3</originalsourceid><addsrcrecordid>eNpd0LFOwzAQBmALgUQpTIwsEQsDcvE5tuOwoaqFSi0Mhdlykgu4TZNgpwLenpQiBuThrNOn091PyDmwEQBLbxaz8YgzgBEXB2QAqQDKIIbD_s90ShPN4JichLBijGnNYUBmU--wLqirafeGdOGKosLorutsvg630eSzrRrXufo1Wja5s1X0iN1H49c_HddhiMrGR8vWbk7JUWmrgGe_dUheppPn8QOdP93PxndzmsfAO8pBQiFZuntZViCARClQ8TJWVsVaYpklWcFzpRVahpozlQuWxLkEoVQZD8nVfm7rm_cths5sXMixqmyNzTYYncj-Vi7SXl7-k6tm6-t-OaMV11yAlj263qPcNyF4LE3r3cb6LwPM7EI1fahmF6rhotcXe-0Q8U9KlaoEdPwNwvlwMA</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>862824185</pqid></control><display><type>article</type><title>Friend-in-the-Middle Attacks: Exploiting Social Networking Sites for Spam</title><source>IEEE Electronic Library (IEL)</source><creator>Huber, M ; Mulazzani, M ; Weippl, E ; Kitzler, G ; Goluch, S</creator><creatorcontrib>Huber, M ; Mulazzani, M ; Weippl, E ; Kitzler, G ; Goluch, S</creatorcontrib><description>Friend-in-the-middle attacks on social networking sites can be used to harvest social data in an automated fashion. Attackers can then exploit this data for large-scale attacks using context-aware spam and social phishing. The authors prove the feasibility of such an attack and simulate the impact on Facebook. Alarmingly, all major social networking sites are vulnerable to this attack because they fail to appropriately secure the network layer.</description><identifier>ISSN: 1089-7801</identifier><identifier>EISSN: 1941-0131</identifier><identifier>DOI: 10.1109/MIC.2011.24</identifier><identifier>CODEN: IICOFX</identifier><language>eng</language><publisher>Los Alamitos: IEEE</publisher><subject>Automated ; Cloning ; Computation ; Computer simulation ; Data mining ; Facebook ; Feasibility ; Internet ; Internet computing ; Networks ; phishing ; Security ; Social network services ; Social networking sites ; spam ; Spamming ; Unsolicited electronic mail</subject><ispartof>IEEE internet computing, 2011-05, Vol.15 (3), p.28-34</ispartof><rights>Copyright IEEE Computer Society May 2011</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c312t-2151d5090909bbde115e54e62f36a6385efb7bd2c686ea0e8206c4073c51466f3</citedby><cites>FETCH-LOGICAL-c312t-2151d5090909bbde115e54e62f36a6385efb7bd2c686ea0e8206c4073c51466f3</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/5696718$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,780,784,796,27923,27924,54757</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/5696718$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Huber, M</creatorcontrib><creatorcontrib>Mulazzani, M</creatorcontrib><creatorcontrib>Weippl, E</creatorcontrib><creatorcontrib>Kitzler, G</creatorcontrib><creatorcontrib>Goluch, S</creatorcontrib><title>Friend-in-the-Middle Attacks: Exploiting Social Networking Sites for Spam</title><title>IEEE internet computing</title><addtitle>MIC</addtitle><description>Friend-in-the-middle attacks on social networking sites can be used to harvest social data in an automated fashion. Attackers can then exploit this data for large-scale attacks using context-aware spam and social phishing. The authors prove the feasibility of such an attack and simulate the impact on Facebook. Alarmingly, all major social networking sites are vulnerable to this attack because they fail to appropriately secure the network layer.</description><subject>Automated</subject><subject>Cloning</subject><subject>Computation</subject><subject>Computer simulation</subject><subject>Data mining</subject><subject>Facebook</subject><subject>Feasibility</subject><subject>Internet</subject><subject>Internet computing</subject><subject>Networks</subject><subject>phishing</subject><subject>Security</subject><subject>Social network services</subject><subject>Social networking sites</subject><subject>spam</subject><subject>Spamming</subject><subject>Unsolicited electronic mail</subject><issn>1089-7801</issn><issn>1941-0131</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2011</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><sourceid>GNUQQ</sourceid><recordid>eNpd0LFOwzAQBmALgUQpTIwsEQsDcvE5tuOwoaqFSi0Mhdlykgu4TZNgpwLenpQiBuThrNOn091PyDmwEQBLbxaz8YgzgBEXB2QAqQDKIIbD_s90ShPN4JichLBijGnNYUBmU--wLqirafeGdOGKosLorutsvg630eSzrRrXufo1Wja5s1X0iN1H49c_HddhiMrGR8vWbk7JUWmrgGe_dUheppPn8QOdP93PxndzmsfAO8pBQiFZuntZViCARClQ8TJWVsVaYpklWcFzpRVahpozlQuWxLkEoVQZD8nVfm7rm_cths5sXMixqmyNzTYYncj-Vi7SXl7-k6tm6-t-OaMV11yAlj263qPcNyF4LE3r3cb6LwPM7EI1fahmF6rhotcXe-0Q8U9KlaoEdPwNwvlwMA</recordid><startdate>201105</startdate><enddate>201105</enddate><creator>Huber, M</creator><creator>Mulazzani, M</creator><creator>Weippl, E</creator><creator>Kitzler, G</creator><creator>Goluch, S</creator><general>IEEE</general><general>IEEE Computer Society</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>3V.</scope><scope>7XB</scope><scope>8AL</scope><scope>8FE</scope><scope>8FG</scope><scope>8FK</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>GNUQQ</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>K7-</scope><scope>L6V</scope><scope>M0N</scope><scope>M7S</scope><scope>P5Z</scope><scope>P62</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope><scope>Q9U</scope><scope>7SC</scope><scope>7SP</scope><scope>8FD</scope><scope>F28</scope><scope>FR3</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope></search><sort><creationdate>201105</creationdate><title>Friend-in-the-Middle Attacks: Exploiting Social Networking Sites for Spam</title><author>Huber, M ; Mulazzani, M ; Weippl, E ; Kitzler, G ; Goluch, S</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c312t-2151d5090909bbde115e54e62f36a6385efb7bd2c686ea0e8206c4073c51466f3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2011</creationdate><topic>Automated</topic><topic>Cloning</topic><topic>Computation</topic><topic>Computer simulation</topic><topic>Data mining</topic><topic>Facebook</topic><topic>Feasibility</topic><topic>Internet</topic><topic>Internet computing</topic><topic>Networks</topic><topic>phishing</topic><topic>Security</topic><topic>Social network services</topic><topic>Social networking sites</topic><topic>spam</topic><topic>Spamming</topic><topic>Unsolicited electronic mail</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Huber, M</creatorcontrib><creatorcontrib>Mulazzani, M</creatorcontrib><creatorcontrib>Weippl, E</creatorcontrib><creatorcontrib>Kitzler, G</creatorcontrib><creatorcontrib>Goluch, S</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>ProQuest Central (Corporate)</collection><collection>ProQuest Central (purchase pre-March 2016)</collection><collection>Computing Database (Alumni Edition)</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central (Alumni) (purchase pre-March 2016)</collection><collection>Materials Science & Engineering Collection</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>Advanced Technologies & Aerospace Collection</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>ProQuest Central Student</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Computer Science Collection</collection><collection>Computer Science Database</collection><collection>ProQuest Engineering Collection</collection><collection>Computing Database</collection><collection>Engineering Database</collection><collection>Advanced Technologies & Aerospace Database</collection><collection>ProQuest Advanced Technologies & Aerospace Collection</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering Collection</collection><collection>ProQuest Central Basic</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics & Communications Abstracts</collection><collection>Technology Research Database</collection><collection>ANTE: Abstracts in New Technology & Engineering</collection><collection>Engineering Research Database</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE internet computing</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Huber, M</au><au>Mulazzani, M</au><au>Weippl, E</au><au>Kitzler, G</au><au>Goluch, S</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Friend-in-the-Middle Attacks: Exploiting Social Networking Sites for Spam</atitle><jtitle>IEEE internet computing</jtitle><stitle>MIC</stitle><date>2011-05</date><risdate>2011</risdate><volume>15</volume><issue>3</issue><spage>28</spage><epage>34</epage><pages>28-34</pages><issn>1089-7801</issn><eissn>1941-0131</eissn><coden>IICOFX</coden><abstract>Friend-in-the-middle attacks on social networking sites can be used to harvest social data in an automated fashion. Attackers can then exploit this data for large-scale attacks using context-aware spam and social phishing. The authors prove the feasibility of such an attack and simulate the impact on Facebook. Alarmingly, all major social networking sites are vulnerable to this attack because they fail to appropriately secure the network layer.</abstract><cop>Los Alamitos</cop><pub>IEEE</pub><doi>10.1109/MIC.2011.24</doi><tpages>7</tpages></addata></record>
fulltext	fulltext_linktorsrc
identifier	ISSN: 1089-7801
ispartof	IEEE internet computing, 2011-05, Vol.15 (3), p.28-34
issn	1089-7801 1941-0131
language	eng
recordid	cdi_ieee_primary_5696718
source	IEEE Electronic Library (IEL)
subjects	Automated Cloning Computation Computer simulation Data mining Facebook Feasibility Internet Internet computing Networks phishing Security Social network services Social networking sites spam Spamming Unsolicited electronic mail
title	Friend-in-the-Middle Attacks: Exploiting Social Networking Sites for Spam
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-08T21%3A16%3A59IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Friend-in-the-Middle%20Attacks:%20Exploiting%20Social%20Networking%20Sites%20for%20Spam&rft.jtitle=IEEE%20internet%20computing&rft.au=Huber,%20M&rft.date=2011-05&rft.volume=15&rft.issue=3&rft.spage=28&rft.epage=34&rft.pages=28-34&rft.issn=1089-7801&rft.eissn=1941-0131&rft.coden=IICOFX&rft_id=info:doi/10.1109/MIC.2011.24&rft_dat=%3Cproquest_RIE%3E875089249%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=862824185&rft_id=info:pmid/&rft_ieee_id=5696718&rfr_iscdi=true