Skip to main content

Detecting Malicious Facebook Applications Detecting Malicious Facebook Applications

                              Detecting Malicious Facebook  Applications Detecting
                               Malicious Facebook  Applications

Abstract:
With 20 million installs a day , third-party apps are a major reason for the popularity and addictiveness of Facebook. Unfortunately, hackers have realized the potential of using apps for spreading malware and spam. The problem is already significant, as we find that at least 13% of apps in our dataset are malicious. So far, the research community has focused on detecting malicious posts and campaigns. In this paper, we ask the question: given a Facebook application, can we determine if it is malicious? Our key contribution is in developing FRAppE—Facebook’s Rigorous Application Evaluator— arguably the first tool focused on detecting malicious apps on Facebook.  To develop FRAppE, we use information gathered by observing the posting behavior of 111K Facebook apps seen across 2.2 million users on Facebook. First, we identify a set of features that help us distinguish malicious apps from benign ones. For example, we find that malicious apps often share names with other apps, and they typically request fewer  permissions than benign apps. Second, leveraging these distinguishing features, we show that FRAppE can detect malicious apps with 99.5% accuracy, with no false positives and a low false negative rate (4.1%). Finally, we explore the ecosystem of malicious Facebook apps and identify mechanisms that these apps use to propagate. Interestingly, we find that many apps collude and support each other; in our dataset, we find 1,584 apps enabling the viral propagation of 3,723 other apps through their posts. Long-term, we see FRAppE as a step towards creating an independent watchdog for app assessment and ranking, so as to warn Facebook users before installing apps.

Existing System:
Hackers have started taking advantage of the popularity of this third-party apps platform and deploying malicious applications. Malicious apps can provide a lucrative business for hackers, given the popularity of OSNs, with Facebook leading the way with 900M active users . There are many ways that hackers can benefit from a malicious app:
DisAdvantages:

(a) the app can reach large numbers of users and their friends to spread spam,
(b) the app can obtain users’ personal information such as email address, home town, and gender, and
(c) the app can “re-produce" by making other malicious apps popular.

Proposed System:

In this work, we develop FRAppE, a suite of efficient classification techniques for identifying whether an app is malicious or not. To build FRAppE, we use data from My Page Keeper, a security app in Facebook  that monitors the Facebook profiles of 2.2 million users. We analyze 111K apps that made 91 million posts over nine months. This is arguably the first comprehensive study focusing on malicious Facebook apps that focuses on quantifying, profiling, and understanding malicious apps, and synthesizes this information into an effective detection approach.

Architecture Diagram:

            


Implementation Modules:

1.Malicious and benign app profiles significantly differ
      2.The emergence of AppNets: apps collude at massive scale
                        3. Malicious hackers impersonate applications.
4.FRAppE can detect malicious apps with 99% accuracy

Malicious  and benign app profiles significantly differ:     

We systematically profile apps and show that malicious app profiles are significantly different than those of benign apps. A striking observation is the “laziness" of hackers; many malicious apps have the same name, as 8% of unique names of malicious apps are each used by more than 10 different apps (as defined by their app IDs). Overall, we profile apps based on two classes of features: (a) those that can be obtained on-demand given an application’s identifier (e.g., the permissions required by the app and the posts in the application’s profile page), and (b) others that require a cross-user view to aggregate information across time and across apps (e.g., the posting behavior of the app and the similarity of its name to other apps).      

The emergence of AppNets: apps collude at massive scale:

We conduct a forensics investigation on the malicious app ecosystem to identify and quantify the techniques used to promote malicious apps. The most interesting result is that apps collude and collaborate at a massive scale. Apps promote other apps via posts that point to the “promoted" apps. If we describe the collusion relationship of promoting-promoted apps as a graph, we find
1,584 promoter apps that promote 3,723  other apps. Furthermore, these apps form large and highly-dense connected components, Furthermore, hackers use fast-changing indirection: applications posts have URLs that point to a website, and the website dynamically redirects to many different apps; we find 103 such URLs that point to 4,676 different malicious apps over the course of a month. These observed behaviors indicate well-organized crime: one hacker controls many malicious apps, which we will call an AppNet, since they seem a parallel concept to botnets.

Malicious hackers impersonate applications:

We were surprised to find popular good apps, such as ‘FarmVille’ and ‘Facebook for iPhone’, posting malicious posts. On further investigation, we found a lax authentication rule in Facebook that enabled hackers to make malicious posts appear as though they came from these apps.

FRAppE can detect malicious apps with 99% accuracy:

We develop FRAppE (Facebook’s Rigorous Application Evaluator) to identify malicious apps either using only features that can be obtained on-demand or using both on-demand and aggregation based app information. FRAppE  Lite, which only uses information available on-demand, can identify malicious apps with 99.0% accuracy, with low false positives (0.1%) and false negatives(4.4%). By adding aggregation-based information, FRAppE  can detect malicious apps with 99.5% accuracy, with no false positives and lower false negatives (4.1%).

System Configuration:


HARDWARE REQUIREMENTS:
  • Hardware                            -     Pentium
  • Speed                                   -     1.1 GHz
  • RAM                                     -    1GB
  • Hard Disk                            -    20 GB
  • Floppy Drive                       -    1.44 MB
  • Key Board                           -    Standard Windows Keyboard
  • Mouse                                 -    Two or Three Button Mouse
  • Monitor                              -    SVGA


SOFTWARE  REQUIREMENTS:
  •           Operating System                                       : Windows
  •           Technology                                  : Java and J2EE
  •           Web Technologies                        : Html, JavaScript, CSS
  •            Web Server                                  : Tomcat
  •            Database                                                    : My SQL
  •            Java Version                                  : J2SDK1.5                 
  •  
  •  



                                                


Comments

Post a Comment

Popular posts from this blog

Jio

Reliance Jio planning its own  cryptocurrency called JioCoin  elder son Akash Ambani leading the JioCoin project, Reliance Jio plans to build a 50-member team of young professionals to work on blockchain technology, which can also be used to develop applications such as smart contracts and supply chain management logistics
Post a Comment
Read more

PUNCHING MACHINE

ACCIDENT AVOIDING SYSTEM FOR PUNCHING MACHINE SYNOPSIS The aim of our project is to take a system-wide approach to preventing the machine accident. The system includes not just the machine and the operator; but rather, it includes everything from the initial design of the machine to the training of everyone that is responsible for any aspect of it, to the documentation of all changes, to regular safety audits and a finally a corporate culture of safety-first. Design is the part of a machine's life where the greatest impact can be made in relation to avoiding accidents. The designer should ensure that the machine is safe to set up and operate, safe to install, safe to maintain, safe to repair, and safe to decommission. Although safe operation is usually at the forefront of a designer's mind, safe maintenance and repair should also be a high priority. Around 50% of fatal accidents involving industrial equipment are associated with maintenance activities, and design...
Post a Comment
Read more