ABSTRACT
In this paper, we propose to use a continuous authentication approach to detect the in-situ identity fraud incidents, which occur when the attackers use the same devices and IP addresses as the victims. Using Facebook as a case study, we show that it is possible to detect such incidents by analyzing SNS users' browsing behavior. Our experiment results demonstrate that the approach can achieve reasonable accuracy given a few minutes of observation time.
- Josh Constine. Facebook has users identify friends in photos to verify accounts, prevent unauthorized access. http://www.insidefacebook.com/2010/07/26/facebook-photos-verify/, 2010.Google Scholar
- Josh Constine. Facebook asks every user for a verified phone number to prevent security disaster. http://techcrunch.com/2012/06/14/facebook-security-tips/, 2012.Google Scholar
- Facebook. Removal of offline_access permission. https://developers.facebook.com/roadmap/offline-access-removal/.Google Scholar
- Keith Hampton. Social networking sites and our lives part 2: Who are social networking site users' http://pewinternet.org/Reports/2011/Technology-and-social-networks/Part-2/Facebook-activities.aspx, 2011.Google Scholar
- Ed Hansberry. Most consumers don't lock mobile phone via PIN. http://www.informationweek.com/mobility/security/most-consumers-dont-lock-mobile-phone-vi/231700155, 2011.Google Scholar
- Adam N Joinson. Looking at, looking up or keeping up with people?: motives and use of Facebook. In Proc. of ACM CHI 2008, pages 1027--1036, 2008. Google ScholarDigital Library
- Paul Mah. Stored passwords add to mobile security risks. http://www.itbusinessedge.com/cm/blogs/mah/stored-passwords-add-to-mobile-security-risks/?cs=47183, 2011.Google Scholar
- Maja Pusara and Carla E Brodley. User re-authentication via mouse movements. In Proc. of the ACM Workshop on Visualization and data mining for computer security, pages 1--8, 2004. Google ScholarDigital Library
- SJ Shepherd. Continuous authentication by analysis of keyboard typing characteristics. In European Convention on Security and Detection, pages 111--114, 1995.Google ScholarCross Ref
- Credant Technologies. Phone data makes 4.2 million* brits vulnerable to ID theft. http://www.credant.com/news-a-events/press-releases/69-phone-data-makes-42-million-brits-vulnerable-to-id-theft.html.Google Scholar
- Roger Yu. Lost cellphones added up fast in 2011. http://usatoday30.usatoday.com/tech/news/story/2012-03--22/lost-phones/53707448/1, 2012.Google Scholar
Index Terms
- Detecting in-situ identity fraud on social network services: a case study on facebook
Recommendations
Detecting TCP SYN Flood Attack Based on Anomaly Detection
NETAPPS '10: Proceedings of the 2010 Second International Conference on Network Applications, Protocols and ServicesTransmission Control Protocol (TCP) Synchronized (SYN) Flood has become a problem to the network management to defend the network server from being attacked by the malicious attackers. The malicious attackers can easily exploit the TCP three-way ...
Social Media Anomaly Detection: Challenges and Solutions
WSDM '17: Proceedings of the Tenth ACM International Conference on Web Search and Data MiningAnomaly detection is of critical importance to prevent malicious activities such as bullying, terrorist attack planning, and fraud information dissemination. With the recent popularity of social media, new types of anomalous behaviors arise, causing ...
Social capital, social network and identity bonds: a reconceptualization
C&T '09: Proceedings of the fourth international conference on Communities and technologiesWe argue that along with social network analysis, or approaches focusing on social ties and social networks, researchers in information science can also benefit from looking at the identity bonding perspective. In this paper, by synthetic and critical ...
Comments