Panjab University

Potential Vulnerabilities
Methods used to obtain Critical Information:
Unprotected communications

Sharing too much with strangers HUMINT Observations Technology Trash Media Email Web pages Social Networking Sites

Illegal methods are OK with adversaries!!!

Social Networking
Social Networking Sites (SNS) allow people to network, interact and collaborate to share information, data and ideas without geographic boundaries.

Why use a SNS ?

Personally Entertaining Maintain Relationships Network Centralized information Professionally Marketing/recruiting Public Relations Connect with customers Solicit ideas and feedback

technology is essential..
All the policies and processes in the world wont effectively protect an organization without the right technology in place. To that end, the organization must use security solutions that scan traffic for malware, data leakage, and other suspicious activity. And it must actively monitor the environment.

Network Security in social networking

What kinds of access controls (Internet, wide area network

connections, etc.) are in place? Are there authentication procedures? What authentication protocols are used for local area networks, wide area networks and dialup servers? Who has the responsibility for security administration? What type of network media, for example, cables, switches, and routers, are used? What type of security do they have? Is security implemented on file and print servers? Does your organization make use of encryption and cryptography for use over the Internet, Virtual Private Networks (VPNs), e-mail systems, and remote access? Does the organization conform to networking standards?

The Danger:
Bad guys use it, too:

Stalkers Thieves Terrorist Hackers Phishers/Scammers Enemy organizations Pedophiles And the list goes on

The Bad and T he Ugly

Personal information could get in the wrong hands. Phishing scams, viruses and spyware may spread through social networks. Once youve posted something, others can copy it or it may exist in cache, so that even if you delete it, it may still exist and is out of your control. Anti-social? If you spend all your time on the computer.

DOs & DOnts Of

SOCIAL NETWORKING

DOs
Remember Computer Security
Do not be an easy target for computer crimes
Hacking Theft Planted code

vs. Antivirus software Firewalls Strong Passwords Permission Settings

DOs
Verify All Friend Requests Social engineering and conning starts with a friend request

Adversaries can get the data from: Free people search engines Other SNSs Your posts/profile Your friends posts/profile

Verify Requests Before Approving!

Adversary

DOs
Utilize All Available Privacy Settings
Customize available settings to be as secure as possible
Everyone may be accessed by anyone with access to the internet
How many security settings are available on Facebook?

DOs
Verify Links & Files Before Executing
Would you follow a link in e-mail? Would you download and run an attachment? Then why do you do these things on SNSs?
Phishing scams Malicious coding Viruses Scareware

Verify before executing!

DOnts
Dont Use the Same Passwords
Hackers count on users using the same passwords for multiple accounts Password1 is not a strong password

DOnts
Dont Depend on SNSs Security Settings
But its set to private right?
Hackers Incorrect or incomplete settings Sale of data Upgrades/site changes Risks inherent in sharing information USE AT YOUR OWN RISK. We do not guarantee that

only authorized persons will view your information.

Dont Trust Add-Ons or Applications

Plugins, Games, Applications
Third Party Software Applications designed to collect data Malicious code

DOnts

Separate terms of use & privacy

We are not responsible for party circumvention privacy settings measures.

third of any or security

DOnts
Dont: Grant the Same Access to Everyone
Dont treat all Friends equally Control & customize individual access Do create groups
Poker club Family

Set permissions for everything:

Your status Photos Postings

DOnts
Dont: Discuss Details
Never post anything you

would not tell directly to the enemy Never post private or personal information- no matter how secure you think your settings are Assume the information you share will be made public

Details make you vulnerable

A User-Server-Agent Model
USER
View Audition Log

SERVER

INDEPENDENT INVESTIGATOR (AGENT)

A User-Server-Agent Model
Server audits users activities Log in time, duration, IP addresses, access information Users can view activities
Audits all access information

related to their own accounts

Agents can view all activities

SERVER Provides log upon request

of specified accounts

A User-Server-Agent Model
Accepts Investigation Requests Step I Provides Results to User

Step III Step II

Analyze Information On server

INDEPENDENT INVESTGATOR (AGENT)

A User-Server-Agent Model
What a user sees
Kevins visit Bellas visit Saras visit Mikes visit Daves visit . . .

What an agent sees

Kevin visits Sara Kevin visits Mike Kevin visits Dave Kevin visits Alice
INDEPENDENT INVESTIGATOR (AGENT) . . .

USER

A User-Server-Agent Model
Agent receives decrypted request from user
Alice sends request for concern about Kevins activities Agent will see 03tn90a and 01ad53h in stead of Alice and

Kevin, in the request

Agent connects to server, asks for information on

account 01ad53h After decryption server recognizes account name is Kevin

A User-Server-Agent Model
What action can an agent perform?
Use combined policies to detect unusual activities: IP address,

multiple profiles access in a short term, inactive socializing activities.

How can an agent help a user?

Simplest: suggest revoking friend label of malicious users Suggest server take action on malicious accounts Report to authorities when necessary