{"title":"Cross-domain vulnerabilities over social networks","authors":"Catherine Bernard, Hervé Debar, Salim Benayoune","doi":"10.1109/CASoN.2012.6412370","DOIUrl":null,"url":null,"abstract":"Recent years have seen a tremendous growth of social networks such as Facebook and Twitter. At the same time, the share of video traffic in the Internet has also significantly increased, and the two functions are getting closer to one another. YouTube, the most famous video sharing site, allows people to comment on videos with other people while Facebook and Twitter are important vectors into sharing videos. Both video channels and social networks are increasingly vulnerable attack targets. For example, social networks are also considerable spam and phishing vectors, and Adobe Flash as the premier video streaming application is associated with numerous software vulnerabilities. This is a good way for attackers to compromise sites with embedded Flash objects. In this paper, we present the technical background of the cross-domain mechanisms and the security implications. Several recent studies have demonstrated the weakness of the cross-domain policy, leading to session hijacking or the leakage of sensitive information. Current solutions to detect these vulnerabilities use a client-side approach. The purpose of our work is to present a new approach based on network flows analysis to detect malicious behavior.","PeriodicalId":431370,"journal":{"name":"2012 Fourth International Conference on Computational Aspects of Social Networks (CASoN)","volume":"44 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Fourth International Conference on Computational Aspects of Social Networks (CASoN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CASoN.2012.6412370","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5
Abstract
Recent years have seen a tremendous growth of social networks such as Facebook and Twitter. At the same time, the share of video traffic in the Internet has also significantly increased, and the two functions are getting closer to one another. YouTube, the most famous video sharing site, allows people to comment on videos with other people while Facebook and Twitter are important vectors into sharing videos. Both video channels and social networks are increasingly vulnerable attack targets. For example, social networks are also considerable spam and phishing vectors, and Adobe Flash as the premier video streaming application is associated with numerous software vulnerabilities. This is a good way for attackers to compromise sites with embedded Flash objects. In this paper, we present the technical background of the cross-domain mechanisms and the security implications. Several recent studies have demonstrated the weakness of the cross-domain policy, leading to session hijacking or the leakage of sensitive information. Current solutions to detect these vulnerabilities use a client-side approach. The purpose of our work is to present a new approach based on network flows analysis to detect malicious behavior.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
