malicious applications in facebook

Prem Kumar .R ,Avinash .M,Sri Gokul Krishnan.R,D.Lavanya

Published in International Journal of Advanced Research in Computer Science Engineering and Information Technology

ISSN: 2321-3337          Impact Factor:1.521         Volume:6         Issue:3         Year: 21 March,2017         Pages:1220-1228

International Journal of Advanced Research in Computer Science Engineering and Information Technology

Abstract

With 20 million installs a day, third-party apps area major reason for the popularity and addictiveness of Facebook. Unfortunately, hackers have realized the potential of using apps for spreading malware and spam. The problem is already significant, as we find that at least 13% of apps in our dataset are malicious .So far, the research community has focused on detecting malicious posts and campaigns. In this paper, we ask the question: Given a Facebook application, can we determine if it is malicious? Our key contribution is in developing FRAppE— Facebook s Rigorous Application Evaluator—arguably the first tool focused on detecting malicious apps on Facebook. To develop FRAppE, we use information gathered by observing the posting behavior of 111K Facebook apps seen across 2.2 million users on Facebook. First, we identify a set of features that help us distinguish malicious apps from benign ones. For example, we find that malicious apps often share names with other apps, and they typically request less permission than be nign apps. Second, leveraging these distinguishing features, we show that FRAppE can detect malicious apps with 99.5% accuracy, with no false positives and a high true positive rate (95.9%).Finally, we explore the ecosystem of malicious Facebook apps and identify mechanisms that these apps use to propagate. Interestingly, we find that many apps collude and support each other; in our dataset, we find 1584 apps enabling the viral

Kewords

Facebook apps, malicious, online social networks, spam

Reference

• C.Pring, “100 social media statistics for 2012,” 2012 [Online]. Available:http://thesocialskinny.com/100-social-media-statistics-for-2012/ • Facebook, Palo Alto, CA, USA, “Facebook Open graph API,” [Online].Available: http://developers.facebook.com/docs/reference/api/ • “Wiki: Facebook platform,” 2014 [Online]. Available: http://en.wikipedia.org/wiki/Facebook Platform • “Pr0file stalker: Rogue Facebook application,” 2012 [Online]. Available:https://apps.facebook.com/mypagekeeper/?status=scam_report-_fb_survey_scam_pr0file_viewer_2012_4_4 • “Which cartoon character are you—Facebook surveyscam,” 2012 [Online]. Available: • G. Cluley, “The Pink Facebook rogue application and survey scam,”2012 [Online]. Available: http://nakedsecurity.sophos.com/2012/02/27/pink-facebook-survey-scam • D. Goldman, “Facebook tops 900 million users,” 2012 [Online].Available: http://money.cnn.com/2012/04/23/technology/facebookq1/index.htm • R. Naraine, “Hackers selling $25 toolkit to create malicious Facebookapps,” 2011 [Online]. Available: http://zd.net/g28HxI • HackTrix, “Stay away from malicious Facebook apps,” 2013 [Online].Available: http://bit.ly/b6gWn5 • M. S. Rahman, T.-K. Huang, H. V. Madhyastha, and M. Faloutsos,“Efficient and scalable socware detection in online social networks,”in Proc. USENIX Security, 2012, p. 32.