Harvesting the Low-hanging Fruits: Defending Against Automated Large-Scale Cyber-Intrusions by Focusing on the Vulnerable Population Hassan Halawa 1 , Konstantin Beznosov 1 , Yazan Boshmaf 2 , Baris Coskun 3 , Matei Ripeanu 1 , and Elizeu Santos-Neto 4 1 The University of British Columbia 2 Qatar Computing Research Institute 3 Yahoo! Research 4 Google, Inc.
35
Embed
Harvesting the Low-hanging Fruits Defending Against ...matei/papers/nspw16slides.pdf · Íntegro: Leveraging Victim Prediction for Robust Fake Account Detection in Large Scale OSNs.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Harvesting the Low-hanging Fruits:Defending Against Automated Large-Scale
Cyber-Intrusions by Focusing on the Vulnerable Population
Hassan Halawa 1, Konstantin Beznosov 1, Yazan Boshmaf 2,Baris Coskun 3, Matei Ripeanu 1, and Elizeu Santos-Neto 4
1 The University of British Columbia2 Qatar Computing Research Institute
3 Yahoo! Research4 Google, Inc.
Focus on the vulnerable population
Proposed Paradigm
2
Current vs. Proposed Paradigm
3
Phishing
4
Phishing
5
Phishing
6
Phishing
7
Efficient Compromise-Detection Campaigns
Phishing
8
Personalized ControlsImmunization
Efficient Compromise-Detection Campaigns
Phishing
9
Throttled OutboxDelayed Inbox
Personalized ControlsImmunization
Efficient Compromise-Detection Campaigns
Predicting the vulnerable population
10
Advantages of the proposed paradigm
11
● Proactive
● Targeted
● Efficient
● Robust
Intermission
12
Focus on detecting theattacks/attackers
Current Paradigm
13
Problems with the current paradigm
14[SNS’11] Tao Stein, Erdong Chen, and Karan Mangla. 2011. Facebook immune system.
In Proceedings of the 4th Workshop on Social Network Systems (SNS'11). ACM, pp. 8, New York, NY, USA.
Fake Accounts in OSNs
15
Enhanced Graph-Based Defences
Customized User Experience
Efficient Compromise-Detection Campaigns
Íntegro: in a nutshell
16[ECS’16] Boshmaf, Y., Logothetis, D., Siganos, G., Lería, J., Lorenzo, J., Ripeanu, M., Beznosov, K., and Halawa, H. (2016).
Íntegro: Leveraging Victim Prediction for Robust Fake Account Detection in Large Scale OSNs.
Elsevier Computers & Security. 61: 142-168.
Íntegro: System Model
17[ECS’16] Boshmaf, Y., Logothetis, D., Siganos, G., Lería, J., Lorenzo, J., Ripeanu, M., Beznosov, K., and Halawa, H. (2016).
Íntegro: Leveraging Victim Prediction for Robust Fake Account Detection in Large Scale OSNs.
Elsevier Computers & Security. 61: 142-168.
Íntegro: Trust Propagation
18
[ECS’16] Boshmaf, Y., Logothetis, D., Siganos, G., Lería, J., Lorenzo, J., Ripeanu, M., Beznosov, K., and Halawa, H. (2016).
Íntegro: Leveraging Victim Prediction for Robust Fake Account Detection in Large Scale OSNs.
Elsevier Computers & Security. 61: 142-168.
Summary
19
Harvesting the Low-hanging Fruits:Defending Against Automated Large-Scale
Cyber-Intrusions by Focusing on the Vulnerable Population
Hassan Halawa 1, Konstantin Beznosov 1, Yazan Boshmaf 2,Baris Coskun 3, Matei Ripeanu 1, and Elizeu Santos-Neto 4
1 The University of British Columbia2 Qatar Computing Research Institute
3 Yahoo! Research4 Google, Inc.
Contact Email: [email protected] Web Site: http://netsyslab.ece.ubc.ca/wiki/index.php/Artemis