Title :
Vulnerabilities in social networking sites
Author_Institution :
Amarnath & Shashi Khosla Sch. of IT, Indian Inst. of Technol., Delhi, New Delhi, India
Abstract :
In this paper, we show that social networking web sites are vulnerable to be used as a bot. This transforms a social network into an antisocial network which can be used for network attacks. Remote code execution, manipulating victim´s browsers through legitimate web control functionality such as image-loading HTML tags, JavaScript instructions, and Java applets are few examples of how an adversary can hack into another user´s session. Apart from controlling social network users and driving them to launch attacks against third parties, an adversary can also harm the users themselves. In this report we explore these properties, develop real exploits, and analyze their impact. We will explore other possible misuses of online Social Network web sites.
Keywords :
online front-ends; program compilers; security of data; social networking (online); Web control functionality legitimation; antisocial network; network attacks; online social networking Web sites vulnerabilities; remote code execution; social network user control; third parties; victim browsers manipulation; Facebook attacks; online social networks; web application vulnerability;
Conference_Titel :
Parallel Distributed and Grid Computing (PDGC), 2012 2nd IEEE International Conference on
Conference_Location :
Solan
Print_ISBN :
978-1-4673-2922-4
DOI :
10.1109/PDGC.2012.6449865
