International Journal of Engineering Research in Computer Science and Engineering (IJERCSE)

Open Access Journal

ISSN : 2394-2320 (Online)

International Journal of Engineering Research in Computer Science and Engineering (IJERCSE)

Monthly Journal for Computer Science and Engineering

Open Access Journal

International Journal of Engineering Research in Computer Science and Engineering (IJERCSE)

Monthly Journal for Computer Science and Engineering

ISSN : 2394-2320 (Online)

Call For Paper : Vol 11, Issue 03, March 2024

Detecting Malicious Apps on OSN Face-book Wall

Author : Ashutosh Lande ¹ Akshay Patil ² Pankaj Bondre ³ Akshata Phawde ⁴ Pradip Laturkar ⁵

Date of Publication :7th April 2016

Abstract: In Online Social Networking (OSN), unfortunately, hackers have realized the potential of using apps for spreading malware and spam which are harmful to Face-book users. The problem is already significant, as we find that at least 13% of apps in our dataset are malicious. So far, the research community has focused on detecting malicious posts and campaigns. In this project, we ask the question to the Face-book user that, given a Face-book application, can you determine whether that application is malicious? Of course that user couldn’t identify that. So, our key contribution is in developing “FRAppE—Face-book’s Rigorous Application Evaluator”, arguably the first tool focused on detecting malicious apps on Facebook. To develop FRAppE, we use information gathered by observing the posting behavior of 111K Face-book apps seen across 2.2 million users on Face-book. First, we identify a set of features that help us distinguish between malicious apps and benign apps. For example, we find that malicious apps often share names with other apps, and they typically request little permission than benign apps. Second, leveraging these distinguishing features, we show that FRAppE can detect malicious apps with 99.5% accuracy, with no false positives and a low false negative rate (4.1%). Finally, we explore the ecosystem of malicious Face-book apps and identify mechanisms that these apps use to propagate. Interestingly, we find that many apps collude and support each other; in our dataset, we find 1,584 apps enabling the viral propagation of 3,723 other apps through their posts. Long-term, we see FRAppE as a step towards creating an independent watchdog for app assessment and ranking, so as to warn Face-book users before installing apps.

Reference :

1. H. Gao, J. Hu, C. Wilson, Z. Li, Y. Chen, and B. Y. Zhao. Detecting and characterizing social spam campaigns. In IMC, 2010
2. P. Chia, Y. Yamamoto, and N. Asokan. Is this app safe? A large scale study on application permissions and risk signals.In WWW, 2012.
3. C.-C. Chang and C.-J. Lin. LIBSVM: A library for support vector machines. ACM Transactions on Intelligent Systems and Technology, 2, 2011.
4. A. Besmer, H. R. Lipford, M. Shehab, and G. Cheek. Social applications: exploring a more secure framework. In SOUPS,2009.
5. C. Pring, “100 social media statistics for 2012,” 2012 [Online]. Available: http://thesocialskinny.com/100- social-media-statistics-for-2012/
6. Facebook, Palo Alto, CA, USA, “Facebook Opengraph API,” [Online]. Available: http://developers.facebook.com/docs/reference/api/
7. “Wiki: Facebook platform,” 2014 [Online]. Available: http://en. wikipedia.org/wiki/Facebook_Platform
8. “Pr0file stalker: Rogue Facebook application,” 2012 [Online]. Available: https://apps.facebook.com/mypagekeeper/?status=scam_r eport- _fb_survey_scam_pr0file_viewer_2012_4_4
9. “Whiich cartoon character are you—Facebook survey scam,” 2012 [Online]. Available: https://apps.facebook.com/mypagekeeper/?status=scam_r eport_fb_survey_scam_whiich_cartoon_character_are_yo u_2012_03_30
10. G. Cluley, “The Pink Facebook rogue application and survey scam,” 2012 [Online]. Available: http://nakedsecurity.sophos.com/2012/02/ 27/pinkfacebook-survey-scam/
11. D. Goldman, “Facebook tops 900 million users,” 2012 [Online]. Available: http://money.cnn.com/2012/04/23/technology/facebookq1 / index.htm
12. R. Naraine, “Hackers selling $25 toolkit to create malicious Facebook apps,” 2011 [Online]. Available: http://zd.net/g28HxI
13. HackTrix, “Stay away from malicious Facebook apps,” 2013 [Online]. Available: http://bit.ly/b6gWn5
14. M. S. Rahman, T.-K. Huang, H. V. Madhyastha, and M. Faloutsos, “Efficient and scalable socware detection in online social networks,” in Proc. USENIX Security, 2012, p. 32.
15. H. Gao et al., “Detecting and characterizing social spam campaigns,” in Proc. IMC, 2010, pp. 35–47.
16. H. Gao, Y. Chen, K. Lee, D. Palsetia, and A. Choudhary, “Towards online spam filtering I social networks,” in Proc. NDSS, 2012.
1. H. Gao, J. Hu, C. Wilson, Z. Li, Y. Chen, and B. Y. Zhao. Detecting and characterizing social spam campaigns. In IMC, 2010.
2. P. Chia, Y. Yamamoto, and N. Asokan. Is this app safe? A large scale study on application permissions and risk signals.In WWW, 2012.
3. C.-C. Chang and C.-J. Lin. LIBSVM: A library for support vector machines. ACM Transactions on Intelligent Systems and Technology, 2, 2011.
4. A. Besmer, H. R. Lipford, M. Shehab, and G. Cheek. Social applications: exploring a more secure framework. In SOUPS,2009.
5. C. Pring, “100 social media statistics for 2012,” 2012 [Online]. Available: http://thesocialskinny.com/100- social-media-statistics-for-2012/
6. Facebook, Palo Alto, CA, USA, “Facebook Opengraph API,” [Online]. Available: http://developers.facebook.com/docs/reference/api/
7. “Wiki: Facebook platform,” 2014 [Online]. Available: http://en. wikipedia.org/wiki/Facebook_Platform
8. “Pr0file stalker: Rogue Facebook application,” 2012 [Online]. Available: https://apps.facebook.com/mypagekeeper/?status=scam_r eport- _fb_survey_scam_pr0file_viewer_2012_4_4
9. “Whiich cartoon character are you—Facebook survey scam,” 2012 [Online]. Available: https://apps.facebook.com/mypagekeeper/?status=scam_r eport_fb_survey_scam_whiich_cartoon_character_are_yo u_2012_03_30
10. G. Cluley, “The Pink Facebook rogue application and survey scam,” 2012 [Online]. Available: http://nakedsecurity.sophos.com/2012/02/ 27/pinkfacebook-survey-scam/
11. D. Goldman, “Facebook tops 900 million users,” 2012 [Online]. Available: http://money.cnn.com/2012/04/23/technology/facebookq1 / index.htm
12. R. Naraine, “Hackers selling $25 toolkit to create malicious Facebook apps,” 2011 [Online]. Available: http://zd.net/g28HxI
13. HackTrix, “Stay away from malicious Facebook apps,” 2013 [Online]. Available: http://bit.ly/b6gWn5
14. M. S. Rahman, T.-K. Huang, H. V. Madhyastha, and M. Faloutsos, “Efficient and scalable socware detection in online social networks,” in Proc. USENIX Security, 2012, p. 32.
15. H. Gao et al., “Detecting and characterizing social spam campaigns,” in Proc. IMC, 2010, pp. 35–47.
16. H. Gao, Y. Chen, K. Lee, D. Palsetia, and A. Choudhary, “Towards online spam filtering I social networks,” in Proc. NDSS, 2012.

Recent Article

● Efficient Cluster based Communication with Plausibility Checks in VANET

● Survey of various Query Mapping Techniques from SQL to No SQL

● A Secure and Authentication Based Mechanism in Zone Routing Protocol

● Preparation of Plan and Analysis of a Multistoried Medical College

● Detecting Malicious Apps on OSN Face-book Wall

● A Design of Approximation Algorithm for Efficient DNA Mapping using Hadoop with GPU Acceleration

● “Context-Based Diversification for Keyword Queries over XML Data”

● Automatic Parking Reservation Application for Smartphone Using IR Sensors

● “A review study on secure web application development using PHP with Laravel Framework”

● Confidential Image Sharing Using Visual Secret Sharing Scheme

● Quadruped-Walker

● Recommenders System for Effective ICT Based Learning

● Resolve the Classification Problem over Encrypted data Using K-Nearest Neighbour

● Disease Inference System based on Health-Related Question Answer system

● Implementation Of Efficient Privacy Preserving Classification Techniques With Outsource Data

● Privacy Preserving Association Rules Mining In Horizontally Distributed Databases

● Crop Field Analyzer

● A Secure Parallel Network File System using Protocols

● New Approach for Parallel Graph Computation Using Partition Aware Engine

● Web Crawler: A Crawler for Efficiently Retrieving Relevant Data

● User Authentication using Digital Signature and Biometric Factor

● Security in Searching Shared and Encrypted Data in Multi Party Environment

● Enhancing Scalable Reverse Dictionary Using Text Rank

● Strengthening Authentication System Using Mindmetrics

● Stock Market Prediction and Analysis using Hadoop

● Fuzzy Authorization on Cloud Computing By Using Merging Technique

● Dual Cryptography Based Data Security in Cloud Computing

● A New Differential Evolutionary Algorithm

● An Alternative Approach to Resolve Load Balancing Problems in Cloud Computing

● Time to Change the World around You “Intellectual Controller

● Table Complexity Measurement of Database Systems

● Augmentation of Apriori Algorithm

● 3D Brain Tumor Detection

● Automatic Detection of Leukemia Using Blood Smear Sample

● Active Feature Description in Animals Footprint Identification

● Effective Interoperability between IPV6 Networks through Tunneling and Dual Stack Mechanism

● Iot – Based Information System for Emergency Medical Services

● Information Security by Embedding Of QR Code into Color Image

● Data Hiding in Encrypted H.264/AVC Video Streams by Code word Substitution

● Improved Performance Of Web Based Database Management For Telemedicine By Using Three Fold Approach Of Data Fragmentation,Websites Data Clustering And Data Allocation

● Collaborative Data Publishing Using Privacy Preserving Technique

● Cloud Gaming: A Green Future

● Optimizing SDN Performance for Small Networks by Enhancing Open Flow

● Secure Query Processing Over Encrypted Data via Location Based Service Provider

● An Efficient Cost-A ware Secure Routing (CASER) Protocol for Wireless Sensor Network

● Trustworthy URI: Enhancing the Data’s On the Web Reliable and Immutable

● Machine Learning Methods for Medical Diagnosis VIA Web Application

● Social Recommendation with Cross-Domain Transferable Knowledge

● Improving Security and QOS in Device-To-Device Communication Using Elliptic Curve DIFFIE Hellman Algorithm

● Cost-Effective Authentic and Anonymous Data Sharing with Forward Security

● Analysis of Request over Possible Clouds without Merged Duplicates

● Reservation Based Smart Parking System

● Webcam Based Remote Authentication via Biometrics over Insecure Channels Using Steganography

● Effect of Looping On the Lifetime Of A Multi-Sink Wireless Sensor Network Deployed For Healthcare Monitoring System

● Flow Mobility Modeling In VANETS