Chapter

Soft Estimates for Social Engineering Attack Propagation Probabilities Depending on Interaction Rates Among Instagram Users

Authors:
To read the full-text of this research, you can request a copy directly from the authors.

Abstract

The purpose of this article is to propose an approach to denoting the parameters of the model for assessing the probability of success of a multi-pass social engineering attack of an attacker on a user. These parameters characterize the evaluation of the probability of propagation of social engineering attacks from user to user in one type of interaction. These estimates are related to the intensity of user interaction, information about which is extracted from data obtained from social Media. The article proposes an approach to the conversion of information about the episodes of interaction between users in the social Media Instagram in assessing the probability of the spread of social engineering attack, based on the Khovanov method. The obtained results help produce social network analysis and serve as a basis for the subsequent analysis of possible trajectories of the spread of multi-pass social engineering attacks, allowing the simulation of social engineering attacks and automated calculation of estimates of the success of the attack on different trajectories. The novelty of the research is to the application quantification method to social links in the context of social engineering attacks.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

Chapter
The task of user accounts matching in different social media and determining those belonging to the same user is relevant in various contexts related to the analysis of social media. The solution of this problem is of both theoretical importance and allows you to expand the understanding of the behavior of users in social media, as well as practical and can be applied to collect data about a single user. This work is devoted to solving the problem of automation of matching the accounts of social media users by analyzing the graphic content posted in the accounts. Previously, a method was proposed to solve this problem, based on the use of a number of content features, the current study develops the proposed approach by searching for duplicate images using SIRF. As a result, a new model for classifying pairs of accounts into the classes “belongs to one user” and “does not belong to one user” was proposed, which achieved higher accuracy and f-score compared to previous results.
Chapter
The purpose of this study is to propose approaches to validation of quantification of variable “relationship between users” in the context of social engineering attacks, as well as consideration of the accuracy of the proposed model, correlativity checks of used in research formulations and desired characteristics and other conditions necessary for implementation when conducting such kind of research. The contribution to the theory of the research area consist in providing approaches to validate of quantification the variable. The practical significance of the results consists in the formation of the basis for the subsequent use of “types of relationship between users” estimates for solving of problems of analysis of the trajectories of propagation of multistep social engineering attacks. The knowledge of such estimates would identify the vulnerabilities on the social graph of the company employees. In addition, this study is one of the components of the foundation for the follow-up diagnostics of information systems in order to identify vulnerabilities to social engineering attacks, and can be used in solving social computing problems. The novelty of the study is validated of quantification the variable of “types of relationship between users”.
Article
Full-text available
Online social networks (OSN) are one of the most popular forms of modern communication and among the best known is Facebook. Information about the connection between users on the OSN is often very scarce. It's only known if users are connected, while the intensity of the connection is unknown. The aim of the research described was to determine and quantify friendship intensity between OSN users based on analysis of their interaction. We built a mathematical model, which uses: supervised machine learning algorithm Random Forest, experimentally determined importance of communication parameters and coefficients for every interaction parameter based on answers of research conducted through a survey. Taking user opinion into consideration while designing a model for calculation of friendship intensity is a novel approach in opposition to previous researches from literature. Accuracy of the proposed model was verified on the example of determining a better friend in the offered pair.
Article
Full-text available
Understanding factors associated with tie strength in social networks is essential in a wide variety of settings. With the internet and cellular phones providing additional avenues of communication, measuring and inferring tie strength has become much more complex. We introduce the social bow tie framework, which consists of a focal tie and all actors connected to either or both of the two focal nodes on either side of the focal tie. We also define several intuitive and interpretable metrics that quantify properties of the bow tie which enable us to investigate associations between the strength of the "central" tie and properties of the bow tie. We combine the bow tie framework with machine learning to investigate what aspects of the bow tie are most predictive of tie strength in two very different types of social networks, a collection of medium-sized social networks from 75 rural villages in India and a nationwide call network of European mobile phone users. Our results show that tie strength depends not only on the properties of shared friends, but also on non-shared friends, those observable to only one person in the tie, hence introducing a fundamental asymmetry to social interaction.
Article
Full-text available
The process of social engineering targets people rather than IT infrastructure. Attackers use deceptive ploys to create compelling behavioural and cosmetic hooks, which in turn lead a target to disclose sensitive information or to interact with a malicious payload. The creation of such hooks requires background information on targets. Individuals are increasingly releasing information about themselves online, particularly on social networks. Though existing research has demonstrated the social engineering risks posed by such open source intelligence, this has been accomplished either through resource-intensive manual analysis or via interactive information harvesting techniques. As manual analysis of large-scale online information is impractical, and interactive methods risk alerting the target, alternatives are desirable. In this paper, we demonstrate that key information pertinent to social engineering attacks on organisations can be passively harvested on a large-scale in an automated fashion. We address two key problems. We demonstrate that it is possible to automatically identify employees of an organisation using only information which is visible to a remote attacker as a member of the public. Secondly, we show that, once identified, employee profiles can be linked across multiple online social networks to harvest additional information pertinent to successful social engineering attacks. We further demonstrate our approach through analysis of the social engineering attack surface of real critical infrastructure organisations. Based on our analysis we propose a set of countermeasures including an automated social engineering vulnerability scanner that organisations can use to analyse their exposure to potential social engineering attacks arising from open source intelligence.
Article
Full-text available
Purpose The purpose of this paper is to focus on understanding the factors which affect the social interaction in the case of Facebook. Many authors point out the great potential of these networks for social interaction and as conduits of information. However, studies show that the topology of the network is disconnected, consisting of small sub-networks that make Facebook unsuitable for disseminating information. This situation has created the need to introduce exogenous factors, aimed at boosting and providing cohesion to the network structure. In this context, the authors test the following question: how exogenous and endogenous factors contribute to encouraging social interaction on Facebook. Design/methodology/approach For the analysis of social interaction on Facebook, a population consisting of all the followers of the walls of ten corporate social networks was used. From the total 269,424 users analyzed, a stratified sample of 132 followers was obtained and networks were built for each of them. The authors then proceeded to search for each follower’s friends and friends of friends to build the social network up to the fourth level, obtaining a total of 132 subnets with 1,628,074 links between them. To determine the impact of both exogenous and endogenous factors in the interaction of the network the authors performed a causal analysis. Findings The results obtained from this study provide empirical evidence on the adequacy of companies’ dynamization measures used and how exogenous and endogenous factors influence the social interaction on Facebook. Thus, the results show that exogenous factors, such as the activity of the community manager and the digital marketing investment in the network, do not have a significant effect on the interaction. On the other hand, endogenous factors, such as network density and clustering, have a positive effect on the trigger of social interaction between the followers. Therefore, companies must consider the importance of the structural factors that characterize network followers, such as density or clustering coefficient, to be able to interpret and optimize them to obtain higher levels of social interaction. Originality/value This is one of a few papers that examine interactions in social network sites (SNS), particularly in corporate network sites in Facebook. The results expose the importance for organizations to have reliable information on the patterns of interaction to properly manage the resources allocated for this purpose in SNS.
Article
Introduction: Social engineering attacks can be divided into two types: direct (one-way) and multi-pass ones, passing through a chain of users. Normally, there are several propagation paths for a multi-pass social engineering attack between two users. Estimates of the probabilities of an attack to spread along different trajectories will differ. Purpose: Identification of the most critical (most probable) trajectory for a multi-pass social engineering attack between two users. Methods: Methods of searching, matching and algorithm analysis are used to identify the most critical trajectory of attack propagation. They apply the information about the intensity of the interaction between employees in companies based on data extracted from social networks. These algorithms are reduced, using a number of transformations of the original data, to the algorithms of finding the shortest path in a graph. The estimates of a multi-path social engineering attack success probability are calculated with the methods of constructing an estimate of a complex event probability. Results: We have proposed an approach to identifying the most critical trajectories, whose estimate of the attack success probability is the highest. In the simplest case, the problem can be reduced to finding a path in the graph with the maximum product of the weights of all the edges involved. The resource intensity of the algorithm when searching for the most critical trajectory on a complete graph with a large number of vertices can be reduced with a specially developed technique. A brief overview of the methods and algorithms providing automated search for the most critical propagation path of a social engineering attack showed that in a general case it can be reduced, with some transformations, to the problem of finding the most critical trajectory using the configuration of Dijkstra and Bellman — Ford algorithms. The chosen algorithm was adapted for the specified context, and an approach was proposed to thin out the graph when searching for the most critical trajectory. The presented methods and algorithms are implemented in software code. Numerical experiments were performed to verify the calculation results. Practical relevance: The developed software based on the method and algorithm proposed in this article complements the functionality of the previous versions of software prototypes for analyzing the protection of information system users against social engineering attacks. It allows you to take into account a wider range of factors affecting the assessment of social engineering attack success probability.
Chapter
Measurement and expert estimates are never absolutely accurate. Thus, when we know the result M(u) of measurement or expert estimate, the actual value A(u) of the corresponding quantity may be somewhat different from M(u). In practical applications, it is desirable to know how different it can be, i.e., what are the bounds \(f(M(u))\le A(u)\le g(M(u))\). Ideally, we would like to know the tightest bounds, i.e., the largest possible values f(x) and the smallest possible values g(x). In this paper, we analyze for which (partially ordered) sets of values such tightest bounds always exist: it turns out that they always exist only for complete lattices.
Article
Releasing social network data could seriously breach user privacy. User profile and friendship relations are inherently private. Unfortunately, it is possible to predict sensitive information carried in released data latently by utilizing data mining techniques. Therefore, sanitizing network data prior to release is necessary. In this paper, we explore how to launch an inference attack exploiting social networks with a mixture of non-sensitive attributes and social relationships. We map this issue to a collective classification problem and propose a collective inference model. In our model, an attacker utilizes user profile and social relationships in a collective manner to predict sensitive information of related victims in a released social network dataset. To protect against such attacks, we propose a data sanitization method collectively manipulating user profile and friendship relations. The key novel idea lies that besides sanitizing friendship relations, the proposed method can take advantages of various data-manipulating methods. We show that we can easily reduce adversary’s prediction accuracy on sensitive information, while resulting in less accuracy decrease on non-sensitive information towards three social network datasets. To the best of our knowledge, this is the first work that employs collective methods involving various data-manipulating methods and social relationships to protect against inference attacks in social networks.
Article
In accordance with the requirements of the international Guide to the Expression of Uncertainty in Measurement, a new Bayes model has been developed for estimating the mathematical expectation and variance of a random quantity modeling the uncertainty of the result of a measurement of a discrete indicator. The model makes it possible to utilize nonnumerical, inaccurate, and incomplete information concerning the probability distribution of this random quantity.
Article
A new method of alternatives’ probabilities estimation under deficiency of expert numeric information (obtained from different sources) is proposed. The method is based on the Bayesian model of uncertainty randomization. Additional non-numeric, non-exact, and non-complete expert knowledge (NNN-knowledge, NNN-information) is used for final estimation of the alternatives’ probabilities. An illustrative example demonstrates the proposed method application to forecasting of oil shares price with the use of NNN-information obtained from different experts (investment firms).
Social engineering attacks: social networks and user security estimates
  • M V Abramov
  • T V Tulupyeva
  • A L Tulupyev
Context collapse and privacy management: diversity in facebook friends increases online news reading and sharing
  • M A Beam
  • J T Child
  • M J Hutchens
  • J D Hmielowski
  • MA Beam