Attacking Strategies and Temporal Analysis Involving Facebook Discussion Groups

TL;DR

This paper presents a novel approach to analyzing attacker strategies in Facebook discussion groups, predicting malicious URL spread with over 90% accuracy within 10 minutes, aiding in security management.

Contribution

It introduces a new method combining static and dynamic features to predict targeted attacks in social network discussion threads.

Findings

Achieved over 90% accuracy in attack prediction.

Effective within a 10-minute detection window.

Enhanced understanding of attacker footprints and strategies.

Abstract

Online social network (OSN) discussion groups are exerting significant effects on political dialogue. In the absence of access control mechanisms, any user can contribute to any OSN thread. Individuals can exploit this characteristic to execute targeted attacks, which increases the potential for subsequent malicious behaviors such as phishing and malware distribution. These kinds of actions will also disrupt bridges among the media, politicians, and their constituencies. For the concern of Security Management, blending malicious cyberattacks with online social interactions has introduced a brand new challenge. In this paper we describe our proposal for a novel approach to studying and understanding the strategies that attackers use to spread malicious URLs across Facebook discussion groups. We define and analyze problems tied to predicting the potential for attacks focused on threads created by news media organizations. We use a mix of macro static features and the micro dynamic evolution of posts and threads to identify likely targets with greater than 90% accuracy. One of our secondary goals is to make such predictions within a short (10 minute) time frame. It is our hope that the data and analyses presented in this paper will support a better understanding of attacker strategies and footprints, thereby developing new system management methodologies in handing cyber attacks on social networks.