TY - GEN
T1 - SocialImpact
T2 - 17th European Symposium on Research in Computer Security, ESORICS 2012
AU - Zhao, Ziming
AU - Ahn, Gail-Joon
AU - Hu, Hongxin
AU - Mahi, Deepinder
PY - 2012/9/5
Y1 - 2012/9/5
N2 - Existing research on net-centric attacks has focused on the detection of attack events on the network side and the removal of rogue programs from the client side. However, such approaches largely overlook how attack tools and unwanted programs are developed and distributed. Recent studies in the underground economy reveal that suspicious attackers heavily utilize online social networks to form special interest groups and distribute malicious code. Consequently, examining social dynamics, as a novel way to complement existing research efforts, is imperative to systematically identify attackers and tactically cope with net-centric threats. In this paper, we seek a way to understand and analyze social dynamics relevant to net-centric attacks and propose a suite of measures called SocialImpact for systematically discovering and mining adversarial evidence. We also demonstrate the feasibility and applicability of our approach by implementing a proof-of-concept prototype, Cassandra, with a case study on real-world data archived from the Internet.
AB - Existing research on net-centric attacks has focused on the detection of attack events on the network side and the removal of rogue programs from the client side. However, such approaches largely overlook how attack tools and unwanted programs are developed and distributed. Recent studies in the underground economy reveal that suspicious attackers heavily utilize online social networks to form special interest groups and distribute malicious code. Consequently, examining social dynamics, as a novel way to complement existing research efforts, is imperative to systematically identify attackers and tactically cope with net-centric threats. In this paper, we seek a way to understand and analyze social dynamics relevant to net-centric attacks and propose a suite of measures called SocialImpact for systematically discovering and mining adversarial evidence. We also demonstrate the feasibility and applicability of our approach by implementing a proof-of-concept prototype, Cassandra, with a case study on real-world data archived from the Internet.
UR - http://www.scopus.com/inward/record.url?scp=84865577915&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84865577915&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-33167-1_50
DO - 10.1007/978-3-642-33167-1_50
M3 - Conference contribution
AN - SCOPUS:84865577915
SN - 9783642331664
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 877
EP - 894
BT - Computer Security, ESORICS 2012 - 17th European Symposium on Research in Computer Security, Proceedings
Y2 - 10 September 2012 through 12 September 2012
ER -