TY - GEN
T1 - Homing Socialbots
T2 - 2013 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining, ASONAM 2013
AU - Elyashar, Aviad
AU - Fire, Michael
AU - Kagan, Dima
AU - Elovici, Yuval
PY - 2013/1/1
Y1 - 2013/1/1
N2 - One dimension on the Internet, which has gained great popularity in recent years are the online social networks (OSNs). Users all over the globe write, share, and publish personal information about themselves, their friends, and their workplace. In this study we present a method for infiltrating specific users in targeted organizations by using organizational social networks topologies and Socialbots. The targeted organizations, which have been chosen by us, were technologyoriented organizations. Employees from this kind of organization should be more aware of the dangers of exposing private information. An infiltration is defined as accepting a Socialbot's friend request. Upon accepting a Socialbot's friend request, users unknowingly expose information about themselves and their workplace. To infiltrate this we had to use our Socialbots in a sophisticated manner. First, we had to gather information and recognize Facebook users who work in targeted organizations. Afterwards, we chose ten Facebook users from every targeted organization randomly. These ten users were chosen to be the specific users from targeted organizations of which we would like to infiltrate. The Socialbots sent friend requests to all specific users' mutual friends who worked or work in the same targeted organization. The rationale behind this idea was to gain as many mutual friends as possible and through this act increase the probability that our friend requests will be accepted by the targeted users. We tested the proposed method on targeted users from two different organizations. Our method was able to gain a successful percentage of 50% and 70% respectively. The results demonstrate how easily adversaries can infiltrate users they do not know and get full access to personal and valuable information. These results are more surprising when we emphasize the fact that we chose oriented users who should be more aware to the dangers of information leakage for this study on purpose. Moreover, the results indicate once again that users who are interested in protecting themselves should not disclose information in OSNs and should be cautious of accepting friendship requests from unknown persons.
AB - One dimension on the Internet, which has gained great popularity in recent years are the online social networks (OSNs). Users all over the globe write, share, and publish personal information about themselves, their friends, and their workplace. In this study we present a method for infiltrating specific users in targeted organizations by using organizational social networks topologies and Socialbots. The targeted organizations, which have been chosen by us, were technologyoriented organizations. Employees from this kind of organization should be more aware of the dangers of exposing private information. An infiltration is defined as accepting a Socialbot's friend request. Upon accepting a Socialbot's friend request, users unknowingly expose information about themselves and their workplace. To infiltrate this we had to use our Socialbots in a sophisticated manner. First, we had to gather information and recognize Facebook users who work in targeted organizations. Afterwards, we chose ten Facebook users from every targeted organization randomly. These ten users were chosen to be the specific users from targeted organizations of which we would like to infiltrate. The Socialbots sent friend requests to all specific users' mutual friends who worked or work in the same targeted organization. The rationale behind this idea was to gain as many mutual friends as possible and through this act increase the probability that our friend requests will be accepted by the targeted users. We tested the proposed method on targeted users from two different organizations. Our method was able to gain a successful percentage of 50% and 70% respectively. The results demonstrate how easily adversaries can infiltrate users they do not know and get full access to personal and valuable information. These results are more surprising when we emphasize the fact that we chose oriented users who should be more aware to the dangers of information leakage for this study on purpose. Moreover, the results indicate once again that users who are interested in protecting themselves should not disclose information in OSNs and should be cautious of accepting friendship requests from unknown persons.
UR - http://www.scopus.com/inward/record.url?scp=84893302164&partnerID=8YFLogxK
U2 - https://doi.org/10.1145/2492517.2500225
DO - https://doi.org/10.1145/2492517.2500225
M3 - Conference contribution
SN - 9781450322409
T3 - Proceedings of the 2013 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining, ASONAM 2013
SP - 1358
EP - 1365
BT - Proceedings of the 2013 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining, ASONAM 2013
Y2 - 25 August 2013 through 28 August 2013
ER -