A proxy-based real-time protection mechanism for social networking sites

In the past few years, social networking websites such as Facebook and Myspace become very popular. The usage rage of social networking websites even exceeds that of Google. Followed by the popularity is many potential networking threats. How to prevent and improve these threats to avoid their expansion has become a major challenge. This paper categorizes social networking websites into three main structures: The social network (SN), the network application service (NAS) and the communication interface (CI). Through literacy review, we explore the potential information security threats (1ST) that may lead by each layer. We then use security characteristics such as confidentiality, integrity and availability to cross-analyze these threats. The analytical results are presented by graphs and tables to demonstrate the distribution of current security threats for social networking websites. We propose a real-time website security protection mechanism based on the concept of proxy. The client side transmits information to the social networking website through proxy. The main function of the proxy is to detect and determine the security threats of the website. These threats include web-based malware, phishing websites and malicious connection. The idea is to integrate many commercial protection software and online security scanning services into a security module, simultaneously execute webpage security threat scan, then scan the information sent by the web server with the security module before sending to the client. If security threats were found in the web page, the system will add this web page to the blacklist and issue a warning to the client side to prevent attack. The functionality of proxy is to segregate the client and the networking threat. Using simultaneous scan of many protection software and online services can increase the recognition rate of security threats. Later one, as long as the client is to receive the webpage in the blacklist, a warning will be iss- - ued directly to the client side. Through this mechanism, we can lower the security risk of the clients using social networking websites.