• DocumentCode
    1431727
  • Title

    Friend-in-the-Middle Attacks: Exploiting Social Networking Sites for Spam

  • Author

    Huber, Markus ; Mulazzani, Martin ; Weippl, Edgar ; Kitzler, Gerhard ; Goluch, Sigrun

  • Volume
    15
  • Issue
    3
  • fYear
    2011
  • Firstpage
    28
  • Lastpage
    34
  • Abstract
    Friend-in-the-middle attacks on social networking sites can be used to harvest social data in an automated fashion. Attackers can then exploit this data for large-scale attacks using context-aware spam and social phishing. The authors prove the feasibility of such an attack and simulate the impact on Facebook. Alarmingly, all major social networking sites are vulnerable to this attack because they fail to appropriately secure the network layer.
  • Keywords
    computer crime; social networking (online); ubiquitous computing; unsolicited e-mail; Facebook; context aware spam; friend-in-the-middle attack; large scale attack; social networking site; social phishing; Cloning; Data mining; Facebook; Security; Social network services; Unsolicited electronic mail; Internet computing; Social networking sites; phishing; spam;
  • fLanguage
    English
  • Journal_Title
    Internet Computing, IEEE
  • Publisher
    ieee
  • ISSN
    1089-7801
  • Type

    jour

  • DOI
    10.1109/MIC.2011.24
  • Filename
    5696718