Deep Learning Based Attack On Social Authentication System

2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC) Pub Date : 2019-03-15 DOI:10.1109/ITNEC.2019.8729194

Wei Zhou, Xiao-Fang Yuan, Wenjun Chai, Hui Ma

{"title":"Deep Learning Based Attack On Social Authentication System","authors":"Wei Zhou, Xiao-Fang Yuan, Wenjun Chai, Hui Ma","doi":"10.1109/ITNEC.2019.8729194","DOIUrl":null,"url":null,"abstract":"As the rapid development of the Internet, social networks sites, such as Twitter and Facebook, are become more and more popular. These sites require users to provide various kinds of personal data to personalize their services. However, unintentionally disclosed personal information utilized by hackers may pose many security problems. In this paper, we present a deep learning based attack on the social authentication in the Facebook site. Social authentication, known as the fourth-factor authentication, utilizes social interaction information to achieve the identification of users. In the process of account recovery and remote login, the social authentication which requires users to identify names of friends displayed in photos is used as a part of the authentication module. After collecting public information of friends’ photos through web crawler, the attach system uses deep learning networks based on face_recognition library and convolutional neural network (CNN for short) to train the model. The attack is achieved through the successful identification of friends’ names using the trained deep learning model.","PeriodicalId":202966,"journal":{"name":"2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-03-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITNEC.2019.8729194","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

Abstract

As the rapid development of the Internet, social networks sites, such as Twitter and Facebook, are become more and more popular. These sites require users to provide various kinds of personal data to personalize their services. However, unintentionally disclosed personal information utilized by hackers may pose many security problems. In this paper, we present a deep learning based attack on the social authentication in the Facebook site. Social authentication, known as the fourth-factor authentication, utilizes social interaction information to achieve the identification of users. In the process of account recovery and remote login, the social authentication which requires users to identify names of friends displayed in photos is used as a part of the authentication module. After collecting public information of friends’ photos through web crawler, the attach system uses deep learning networks based on face_recognition library and convolutional neural network (CNN for short) to train the model. The attack is achieved through the successful identification of friends’ names using the trained deep learning model.

查看原文本刊更多论文

基于深度学习的社会认证系统攻击

随着互联网的快速发展，社交网站，如Twitter和Facebook，变得越来越受欢迎。这些网站要求用户提供各种个人数据，以使其服务个性化。然而，黑客利用无意中泄露的个人信息可能会带来许多安全问题。在本文中，我们提出了一种基于深度学习的针对Facebook网站社交认证的攻击。社会认证利用社会交互信息来实现对用户的身份识别，被称为第四因素认证。在账号恢复和远程登录的过程中，需要用户识别照片中显示的好友姓名的社交认证作为认证模块的一部分。attach系统通过网络爬虫收集朋友照片的公开信息后，使用基于face_recognition库的深度学习网络和卷积神经网络(简称CNN)来训练模型。攻击是通过使用训练好的深度学习模型成功识别朋友的名字来实现的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)

自引率

0.00%

发文量