Abstract
Social engineering is a serious security threat to Online Social Networks (OSNs). Identity theft, impersonation, phishing, and deception are some of the social engineering-based attacks that exploit vulnerabilities of interpersonal relationships of online users. As a result, relationships in OSNs need to be thoroughly examined. In this vein, we propose a relationship categorization model to evaluate relationship strength based on graph-theoretic properties and social network analysis (SNA) methods. For example, in Facebook, users may be categorized into close-neighbors, distant-neighbors, celebrities (influential by admiration), authority (influential by power), and loners. Close-neighbors category will help identify a set of trustworthy actors while an actor of distant-neighbors category should not be trusted as much as the former. A celebrity category actor should be more accountable, while a loner category actor will probably be less accountable. This type of categorization will help users engage in proper cybersecurity behaviors to avoid social engineering-based attacks.
“Not All FRIENDs are Equal”: Friendship Classification for Defending against Social Engineering Attacks
Social engineering is a serious security threat to Online Social Networks (OSNs). Identity theft, impersonation, phishing, and deception are some of the social engineering-based attacks that exploit vulnerabilities of interpersonal relationships of online users. As a result, relationships in OSNs need to be thoroughly examined. In this vein, we propose a relationship categorization model to evaluate relationship strength based on graph-theoretic properties and social network analysis (SNA) methods. For example, in Facebook, users may be categorized into close-neighbors, distant-neighbors, celebrities (influential by admiration), authority (influential by power), and loners. Close-neighbors category will help identify a set of trustworthy actors while an actor of distant-neighbors category should not be trusted as much as the former. A celebrity category actor should be more accountable, while a loner category actor will probably be less accountable. This type of categorization will help users engage in proper cybersecurity behaviors to avoid social engineering-based attacks.