Abstract
In recent years, online social networks (OSNs), such as Facebook, Twitter and Sina Weibo, have become extremely popular among Internet users. Unfortunately, attackers also utilize them to hide malicious attacks. Due to the significance of detecting malicious URLs in OSNs, multiple solutions have been offered by OSN operators, security companies, and academic researchers. Most of these solutions use machine-learning methods to train classification models based on different kinds of feature sets. However, most are ineffective because their selected features are conventional. In this paper, we focus on forwarding-based features because of the special connections between forwarding behavior and the propagation of malicious URLs. First, we conduct a comprehensive analysis of conventional URL feature sets. Then, we design some forwarding-based features and choose several graph-based features to combine with them in order to train a detection model. We evaluate the system using about 100,000 original messages collected from Sina Weibo, which is the largest OSN website in China. The high accuracy rate and low false positive rate show that forwarding-based features are much more effective in detecting malicious URLs in OSNs than are other more conventional features. To the best of our knowledge, this work is the first to analyze forwarding-based features in OSNs and offers a valuable contribution to this area of research.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Seeking alpha: Sina corporation’s ceo discusses q1 2013 results - earnings call transcript. http://seekingalpha.com/article/1442711-sina-corporations-ceo-discusses-q1-2013-results-earnings-call-transcript, Accessed Dec 2013
Eshete, B., Villafiorita, A., Weldemariam, K.: Binspect: holistic analysis and detection of malicious web pages. In: Security and Privacy in Communication Networks, pp. 149–166. Springer (2013)
Eshete, B., Villafiorita, A., Weldemariam, K.: Einspect: Evolution-guided analaysis and detection of malicious web pages. Technical report, Fondazione Bruno Kessler (2012)
Aggarwal, A., Rajadesingan, A., Kumaraguru, P.: Phishari: automatic realtime phishing detection on Twitter. In: eCrime Researchers Summit (eCrime), 2012, pp. 1–12. IEEE, (2012)
Rahman, M.S., Huang, T.-K., Madhyastha, H.V., Faloutsos, M.: Efficient and scalable socware detection in online social networks, In: USENIX Security (2012)
Yang, C., Harkreader, R.: Empirical evaluation and new design for fighting evolving Twitter spammers. IEEE Trans. Inf. Forensics Secur. 8(8), 1280–1293 (2013)
Lee, S., Kim, J.: Warningbird: detecting suspicious urls in Twitter stream. In: Symposium on Network and Distributed System Security (NDSS) (2012)
Gao, H., Chen, Y., Lee, K., Palsetia, D., Choudhary, A.N.: Towards online spam filtering in social networks, In: Symposium on Network and Distributed System Security (NDSS) (2012)
Xiang, G..: Toward a phish free world: a feature-type-aware cascaded learning framework for phish detection. PhD thesis, Carnegie Mellon University, (2013)
Wen, S., Zhou, W., Zhang, J., Xiang, Y., Zhou, W., Jia, W.: Modeling propagation dynamics of social network worms. IEEE Trans. Parallel Distrib. Syst. 24(8), 1633–1643 (2013)
Egele, M., Stringhini, G., Kruegel, C., Vigna, G.: Compa: detecting compromised accounts on social networks. In: NDSS (2013)
Lam, K.C., Lau, W.C., Yue, O.: Hitchbot-delivering malicious urls via social hitch-hiking. In: Global Telecommunications Conference (GLOBECOM 2011), 2011 IEEE, pp. 1–6. IEEE, (2011)
Martinez-Romo, J., Araujo, L.: Detecting malicious tweets in trending topics using a statistical analysis of language. Expert Syst. Appl. 40(8), 2992–3000 (2013)
Ahmed, F., Abulaish, M.: An mcl-based approach for spam profile detection in online social networks. In: IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 , pp. 602–608. IEEE, (2012)
Rahman, M.S., Huang, T.-K., Madhyastha, H.V., Faloutsos, M.: Frappe: detecting malicious facebook applications. In: Proceedings of the 8th International Conference on Emerging Networking Experiments and Technologies, pp. 313–324. ACM, (2012)
Google safe browsing api. https://developers.google.com/safe-browsing/?hl=zh-CN, Accessed Dec 2013
Honeypot. http://old.honeynet.org/, Accessed Dec 2013
Egan, S., Irwin, B.: An evaluation of lightweight classification methods for identifying malicious urls. In: Information Security South Africa (ISSA), 2011, pp. 1–6. IEEE, (2011)
Ma, J., Saul, L.K., Savage, S., Voelker, G.M.: Learning to detect malicious urls. ACM Trans. Intell. Syst. Technol (TIST) 2(3), 30 (2011)
Sina weibo api. http://open.weibo.com/, Accessed Dec 2013
Acknowledgments
This work is supported by the National Natural Science Foundation of China under Grant Nos. 61170265 and 61472162.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Cao, J., Li, Q., Ji, Y. et al. Detection of Forwarding-Based Malicious URLs in Online Social Networks. Int J Parallel Prog 44, 163–180 (2016). https://doi.org/10.1007/s10766-014-0330-9
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10766-014-0330-9