DocumentCode
1431727
Title
Friend-in-the-Middle Attacks: Exploiting Social Networking Sites for Spam
Author
Huber, Markus ; Mulazzani, Martin ; Weippl, Edgar ; Kitzler, Gerhard ; Goluch, Sigrun
Volume
15
Issue
3
fYear
2011
Firstpage
28
Lastpage
34
Abstract
Friend-in-the-middle attacks on social networking sites can be used to harvest social data in an automated fashion. Attackers can then exploit this data for large-scale attacks using context-aware spam and social phishing. The authors prove the feasibility of such an attack and simulate the impact on Facebook. Alarmingly, all major social networking sites are vulnerable to this attack because they fail to appropriately secure the network layer.
Keywords
computer crime; social networking (online); ubiquitous computing; unsolicited e-mail; Facebook; context aware spam; friend-in-the-middle attack; large scale attack; social networking site; social phishing; Cloning; Data mining; Facebook; Security; Social network services; Unsolicited electronic mail; Internet computing; Social networking sites; phishing; spam;
fLanguage
English
Journal_Title
Internet Computing, IEEE
Publisher
ieee
ISSN
1089-7801
Type
jour
DOI
10.1109/MIC.2011.24
Filename
5696718
Link To Document