Шыхалиев Рамиз Г.

Сегодня в Интернете имеется множество социальных сетей.  Эти социальные сети весьма  популярны и играют очень важную роль в жизни людей. Однако социальные сети приводят к появлению новых рисков в области информационной безопасности. Эти риски связаны с такими угрозами, как распространение вредоносных программ и спамов, а также угрозами к учетным записям социальных сетей, преследованием, обманом и т.д. Статья посвящена анализу имеющихся в социальных сетях угроз и вопросам защиты от них. (стр. 80-88)

Ключевые слова:социальная сеть, вредоносная программа, спам, фишинг, фальшивый профиль.
  • Stern J., Introduction to web 2.0 technologies, http://www.wlac.edu
  • İmamverdiyev Y., Sosial media və təhlükəsizlik problemləri / Beynəlxalq Telekommunikasiya İttifaqının 150 illiyinə həsr olunmuş İnformasiya təhlükəsizliyinin multidissiplinar problemləri üzrə II Respublika elmi-praktiki konfransı, 2015, səh. 189-192.
  • http://www.statista.com/topics/1164/social-networks/
  • Stringhini G., Kruegel C., Vigna G., Detecting spammers on social networks / Proc. of the 26th annual computer security applications conference, 2010, pp. 1-9.
  • Jacoby D., Facebook security phishing attack in the wild, https://securelist.com/blog/events/31951/facebook-security-phishing-attack-in-the-wild-14
  • https://en.wikipedia.org/wiki/Malware
  • https://en.wikipedia.org/wiki/Spamming/
  • https://en.wikipedia.org/wiki/Phishing
  • Baltazar J., Costoya J., Flores R., The real face of koobface: The largest web 2.0 botnet explained, Trend Micro Res., 2009, vol. 5, no. 9, 10 p.
  • Amin T., Okhiria O., Lu J., An J., Facebook: A comprehensive analysis of phishing on a social system, EECE 412 Term Project Report, 2010, 6p., http://www.courses.ece.ubc.ca/412/term_project/reports/ 2010/facebook.pdf
  • Cavit D. Microsoft security intelligence report, 2010, vol. 10, 89 p. http://www.microsoft.com/en-us/download/details.aspx?id=17030
  • Fire M., Katz G., and Elovici Y., Strangers intrusion detection-detecting spammers and fake profiles in social networks based on topology anomalies / ASE human journal, 2012, 1, no. 1, pp. 26-39.
  • Lundeen R., Ou J., Rhodes T., New ways I’m going to hack your web app // of the Blackhat AD, 2011, pp. 1-11.
  • McMillan R., Researchers make wormy twitter attack / PCWorld, 2009, http://www.pcworld.idg.com.au/article/296382/researchers_make_wormy_twitter_attack/
  • Krishnamurthy B., Wills C. E., On the leakage of personally identifiable information via online social networks // of the 2nd ACM workshop on online social networks, 2009, pp. 7-12.
  • Wondracek G., Holz T., Kirda E., and Kruegel C., A practical attack to de-anonymize social network users // of the security and privacy IEEE symposium, 2010, pp. 223-238.
  • Peled O., Fire M., Rokach L., Elovici Y. Entity matching in online social networks // of the international conference on social computing, 2013, pp. 339-344.
  • Facebook, Form 10-k (Annual Report)—Filed 02/01/13 for the Period Ending 12/31/12, 2013, 139 p., http://ficom/downloads/AMDA-NJ5DZ/2301311196x0 xS1326801-13-3/1326801/1326801-13-3.pdf
  • The Faces of Facebook, http://www.app.thefacesoffacebook.com/
  • Douceur J. R., The sybil attack // of the 1st international workshop on peer-to-peer systems, 2002, pp. 251-260, http://www.dl.acm.org/citation.cfm?id=646334.687813
  • Gao H. Detecting and characterizing social spam campaigns // of the 10th ACM SIGCOMM conference on Internet measurement, 2010, pp. 35-47.
  • Boshmaf Y., Muslukhov I., Beznosov K., and Ripeanu M., The socialbot network: When bots socialize for fame and money // of the 27th annual computer security applications conference, 2011, pp. 93-102.
  • Jeffries A., Facebook’s security check asks users to identify photos of friends’ dogs, Gummi Bears [UPDATED], 2010, http://readwrite.com/2010/08/04/facebooks_security_check_asks_users_to_identify_ph
  • Song A., Introducing login approvals, 2011, https://www.facebook.com/note.php?note_id=10150172618258920
  • Liu Y., Gummadi K., Krishnamurthy B., and Mislove A., Analyzing facebook privacy settings: User expectations vs. reality // of the ACM SIGCOMM conference on Internet measurement conference, 2011, pp. 61-70.
  • Mahmood S., Desmedt Y., Poster: Preliminary analysis of google+’s privacy // of the 18th ACM conference on Computer and communications security, 2011, pp. 809-812.
  • Facebook, Facebook Help Center: Privacy, http://www.facebook.com/help/privacy
  • Axten S., Staying in control of your facebook logins, https://www.facebook.com/notes/facebook/staying-in-control-of-your-facebook-logins/389991097130
  • Fire M., Kagan D., Elyashar A., and Elovici Y., Friend or foe? Fake profile identification in online social networks / Springer journal of social network analysis and mining, 2014, vol.4 no.1, pp 194-216.
  • Chowdhury A., State of twitter spam, 2010, https://blog.twitter.com/2010/state-twitter-spam
  • Stein T., Chen E., and Mangla K., Facebook immune system // of the 4th workshop on social network systems, 2011, pp. 1–8.
  • Facebook, Report abuse or policy violations, https://www.facebook.com/report
  • Axon S., Facebook Will Add a Panic Button for U.K. Teens, Jul. 2010., http://www.mashable.com/2010/07/11/facebook-panic-button-ceop
  • AVG, Avg Privacyfix: http://www.privacyficom
  • Symantec, Norton Safe Web: https://www.facebook.com/appcenter/nortonsafeweb
  • McAfee, Mcafee Social Protection Beta: https://www.protectmediaonline.com
  • Lipford H. R., Besmer A., Watson J., Understanding privacy settings in facebook with an audience view // of the 1st conference on usability, psychology, and security, 2008, pp. 21-28.
  • Luo W., Xie Q, Hengartner U, FaceCloak: An architecture for user privacy on social networking sites, // of the international conference on computational science and engineering, 2009, vol. 3, pp. 26-33.
  • Fang L., LeFevre K., Privacy wizards for social networking sites // of the 19th international conference on world wide web, 2010, pp. 351-360.
  • Garera S., Provos N., Chew M., Rubin A. D., A framework for detection and measurement of phishing attacks // of the ACM workshop on recurring malcode, 2007, pp. 1-8.
  • Ma J., L. Saul K., Savage S., Voelker G. M., Beyond blacklists: Learning to detect malicious web sites from suspicious urls // of the 15th ACM SIGKDD international conference on knowledge discovery and data mining, 2009, pp. 1245-1254.
  • Xiang G., Hong J., Rose C. P., Cranor L., CANTINA+ A feature-rich machine learning framework for detecting phishing web sites / A ACM transactions on information and system security 2011, vol. 14, no. 2, pp. 1-28.
  • Lee S., Kim J., Warningbird: Detecting suspicious urls in twitter stream // Proc. Of the 19th Annual Network & Distributed System Security Symposium, 2012, pp. 1-
  • Benevenuto F., Rodrigues T., Almeida V., Almeida J., Gonзalves M., Detecting spammers and content promoters in online video social networks // of the 32nd international ACM SIGIR conference on research and development in information retrieval, 2009, pp. 620-627.
  • Wang A., Don’t follow me: Spam detection in twitter // of the international conference on security and cryptography, 2010, pp. 1-10.
  • Aggarwal A., Almeida J., Kumaraguru P., Detection of spam tipping behaviour on foursquare // of the. 22nd international conference on World Wide Web, 2013, pp. 641-648.
  • Kontaxis G., Polakis I., Ioannidis S., Markatos E., Detecting social network profile cloning // of the IEEE international conference on pervasive computing and communications workshops, 2011, pp. 295-300.
  • Shan Z., Cao H., Lv J., Yan C., and Liu A., Enhancing and identifying cloning attacks in online social networks // of the 7th international conference on ubiquitous information management and communication, 2013, pp. 17-19.
  • Koll D., Jun Li, Stein, J., Xiaoming Fu, On the state of OSN-based Sybil defenses // of the IFIP networking conference, 2014, pp. 1-9.
  • Yu H., Kaminsky M., Gibbons P., and Flaxman A., Sybilguard: Defending against sybil attacks via social networks // of the conference on applications, technologies, architectures, and protocols for computer communications, 2006, vol. 36, no. 4, pp. 267-278.
  • Yu H., Gibbons P. B., Kaminsky M., and Xiao F., Sybillimit: A nearoptimal social network defense against sybil attacks / IEEE/ACM transactions on networking, 2010, vol. 18, no. 3, pp. 885-898.
  • Danezis G. and Mittal P., Sybilinfer: Detecting sybil nodes using social networks // of the 16th annual network & distributed system security symposium, 2009, 16 p.
  • Cao Q., Sirivianos M., Yang X., Pregueiro T., Aiding the detection of fake accounts in large scale social online services // of the 9th USENIX conference on networked systems design and implementation, 2012, p. 15.