AZƏRBAYCAN MİLLİ ELMLƏR AKADEMİYASI
SOSİAL ŞƏBƏKƏLƏRDƏ TƏHLÜKƏSİZLİK PROBLEMLƏRİ
Şıxəliyev Ramiz H.

Bu gün İnternetdə çoxlu sayda sosial şəbəkələr mövcuddur. Bu sosial şəbəkələr çox populyardır və insanların həyatında vacib rol oynayır. Bunula yanaşı, sosial şəbəkələr informasiya təhlükəsizliyi sahəsində yeni risklərin yaranmasına gətirib çıxarmışdır. Bu risklər ziyanlı proqramların və spamların yayılması, sosial mühəndislik və sosial şəbəkə hesablarına hücumların həyata keçirilməsi, izləmə, aldatma və s. kimi təhlükələrlə bağlıdır. Məqalə sosial şəbəkələrdə mövcud təhlükələrin analizinə və onlardan qorunma məsələlərinə həsr olunmuşdur. (səh. 80-88)

Açar sözlər:sosial şəbəkə, ziyanlı proqram, spam, fişinq, saxta profil.
Ədəbiyyat
  • Stern J., Introduction to web 2.0 technologies, http://www.wlac.edu
  • İmamverdiyev Y., Sosial media və təhlükəsizlik problemləri / Beynəlxalq Telekommunikasiya İttifaqının 150 illiyinə həsr olunmuş İnformasiya təhlükəsizliyinin multidissiplinar problemləri üzrə II Respublika elmi-praktiki konfransı, 2015, səh. 189-192.
  • http://www.statista.com/topics/1164/social-networks/
  • Stringhini G., Kruegel C., Vigna G., Detecting spammers on social networks / Proc. of the 26th annual computer security applications conference, 2010, pp. 1-9.
  • Jacoby D., Facebook security phishing attack in the wild, https://securelist.com/blog/events/31951/facebook-security-phishing-attack-in-the-wild-14
  • https://en.wikipedia.org/wiki/Malware
  • https://en.wikipedia.org/wiki/Spamming/
  • https://en.wikipedia.org/wiki/Phishing
  • Baltazar J., Costoya J., Flores R., The real face of koobface: The largest web 2.0 botnet explained, Trend Micro Res., 2009, vol. 5, no. 9, 10 p.
  • Amin T., Okhiria O., Lu J., An J., Facebook: A comprehensive analysis of phishing on a social system, EECE 412 Term Project Report, 2010, 6p., http://www.courses.ece.ubc.ca/412/term_project/reports/ 2010/facebook.pdf
  • Cavit D. Microsoft security intelligence report, 2010, vol. 10, 89 p. http://www.microsoft.com/en-us/download/details.aspx?id=17030
  • Fire M., Katz G., and Elovici Y., Strangers intrusion detection-detecting spammers and fake profiles in social networks based on topology anomalies / ASE human journal, 2012, 1, no. 1, pp. 26-39.
  • Lundeen R., Ou J., Rhodes T., New ways I’m going to hack your web app // of the Blackhat AD, 2011, pp. 1-11.
  • McMillan R., Researchers make wormy twitter attack / PCWorld, 2009, http://www.pcworld.idg.com.au/article/296382/researchers_make_wormy_twitter_attack/
  • Krishnamurthy B., Wills C. E., On the leakage of personally identifiable information via online social networks // of the 2nd ACM workshop on online social networks, 2009, pp. 7-12.
  • Wondracek G., Holz T., Kirda E., and Kruegel C., A practical attack to de-anonymize social network users // of the security and privacy IEEE symposium, 2010, pp. 223-238.
  • Peled O., Fire M., Rokach L., Elovici Y. Entity matching in online social networks // of the international conference on social computing, 2013, pp. 339-344.
  • Facebook, Form 10-k (Annual Report)—Filed 02/01/13 for the Period Ending 12/31/12, 2013, 139 p., http://ficom/downloads/AMDA-NJ5DZ/2301311196x0 xS1326801-13-3/1326801/1326801-13-3.pdf
  • The Faces of Facebook, http://www.app.thefacesoffacebook.com/
  • Douceur J. R., The sybil attack // of the 1st international workshop on peer-to-peer systems, 2002, pp. 251-260, http://www.dl.acm.org/citation.cfm?id=646334.687813
  • Gao H. Detecting and characterizing social spam campaigns // of the 10th ACM SIGCOMM conference on Internet measurement, 2010, pp. 35-47.
  • Boshmaf Y., Muslukhov I., Beznosov K., and Ripeanu M., The socialbot network: When bots socialize for fame and money // of the 27th annual computer security applications conference, 2011, pp. 93-102.
  • Jeffries A., Facebook’s security check asks users to identify photos of friends’ dogs, Gummi Bears [UPDATED], 2010, http://readwrite.com/2010/08/04/facebooks_security_check_asks_users_to_identify_ph
  • Song A., Introducing login approvals, 2011, https://www.facebook.com/note.php?note_id=10150172618258920
  • Liu Y., Gummadi K., Krishnamurthy B., and Mislove A., Analyzing facebook privacy settings: User expectations vs. reality // of the ACM SIGCOMM conference on Internet measurement conference, 2011, pp. 61-70.
  • Mahmood S., Desmedt Y., Poster: Preliminary analysis of google+’s privacy // of the 18th ACM conference on Computer and communications security, 2011, pp. 809-812.
  • Facebook, Facebook Help Center: Privacy, http://www.facebook.com/help/privacy
  • Axten S., Staying in control of your facebook logins, https://www.facebook.com/notes/facebook/staying-in-control-of-your-facebook-logins/389991097130
  • Fire M., Kagan D., Elyashar A., and Elovici Y., Friend or foe? Fake profile identification in online social networks / Springer journal of social network analysis and mining, 2014, vol.4 no.1, pp 194-216.
  • Chowdhury A., State of twitter spam, 2010, https://blog.twitter.com/2010/state-twitter-spam
  • Stein T., Chen E., and Mangla K., Facebook immune system // of the 4th workshop on social network systems, 2011, pp. 1–8.
  • Facebook, Report abuse or policy violations, https://www.facebook.com/report
  • Axon S., Facebook Will Add a Panic Button for U.K. Teens, Jul. 2010., http://www.mashable.com/2010/07/11/facebook-panic-button-ceop
  • AVG, Avg Privacyfix: http://www.privacyficom
  • Symantec, Norton Safe Web: https://www.facebook.com/appcenter/nortonsafeweb
  • McAfee, Mcafee Social Protection Beta: https://www.protectmediaonline.com
  • Lipford H. R., Besmer A., Watson J., Understanding privacy settings in facebook with an audience view // of the 1st conference on usability, psychology, and security, 2008, pp. 21-28.
  • Luo W., Xie Q, Hengartner U, FaceCloak: An architecture for user privacy on social networking sites, // of the international conference on computational science and engineering, 2009, vol. 3, pp. 26-33.
  • Fang L., LeFevre K., Privacy wizards for social networking sites // of the 19th international conference on world wide web, 2010, pp. 351-360.
  • Garera S., Provos N., Chew M., Rubin A. D., A framework for detection and measurement of phishing attacks // of the ACM workshop on recurring malcode, 2007, pp. 1-8.
  • Ma J., L. Saul K., Savage S., Voelker G. M., Beyond blacklists: Learning to detect malicious web sites from suspicious urls // of the 15th ACM SIGKDD international conference on knowledge discovery and data mining, 2009, pp. 1245-1254.
  • Xiang G., Hong J., Rose C. P., Cranor L., CANTINA+ A feature-rich machine learning framework for detecting phishing web sites / A ACM transactions on information and system security 2011, vol. 14, no. 2, pp. 1-28.
  • Lee S., Kim J., Warningbird: Detecting suspicious urls in twitter stream // Proc. Of the 19th Annual Network & Distributed System Security Symposium, 2012, pp. 1-
  • Benevenuto F., Rodrigues T., Almeida V., Almeida J., Gonзalves M., Detecting spammers and content promoters in online video social networks // of the 32nd international ACM SIGIR conference on research and development in information retrieval, 2009, pp. 620-627.
  • Wang A., Don’t follow me: Spam detection in twitter // of the international conference on security and cryptography, 2010, pp. 1-10.
  • Aggarwal A., Almeida J., Kumaraguru P., Detection of spam tipping behaviour on foursquare // of the. 22nd international conference on World Wide Web, 2013, pp. 641-648.
  • Kontaxis G., Polakis I., Ioannidis S., Markatos E., Detecting social network profile cloning // of the IEEE international conference on pervasive computing and communications workshops, 2011, pp. 295-300.
  • Shan Z., Cao H., Lv J., Yan C., and Liu A., Enhancing and identifying cloning attacks in online social networks // of the 7th international conference on ubiquitous information management and communication, 2013, pp. 17-19.
  • Koll D., Jun Li, Stein, J., Xiaoming Fu, On the state of OSN-based Sybil defenses // of the IFIP networking conference, 2014, pp. 1-9.
  • Yu H., Kaminsky M., Gibbons P., and Flaxman A., Sybilguard: Defending against sybil attacks via social networks // of the conference on applications, technologies, architectures, and protocols for computer communications, 2006, vol. 36, no. 4, pp. 267-278.
  • Yu H., Gibbons P. B., Kaminsky M., and Xiao F., Sybillimit: A nearoptimal social network defense against sybil attacks / IEEE/ACM transactions on networking, 2010, vol. 18, no. 3, pp. 885-898.
  • Danezis G. and Mittal P., Sybilinfer: Detecting sybil nodes using social networks // of the 16th annual network & distributed system security symposium, 2009, 16 p.
  • Cao Q., Sirivianos M., Yang X., Pregueiro T., Aiding the detection of fake accounts in large scale social online services // of the 9th USENIX conference on networked systems design and implementation, 2012, p. 15.