{"title":"Who's really in your top 8: network security in the age of social networking","authors":"R. Gibson","doi":"10.1145/1294046.1294077","DOIUrl":null,"url":null,"abstract":"Social engineering has been around for a long time, even at the college level. From the days when someone stood around a dormitory door waiting for someone else to open it, pretending to have forgotten his or her key, to today where virtually every college student has at least one online entity. Instant Messaging programs and Social Networking websites such as MySpace, Facebook, Ruckus, Friendster, LinkedIn, SecondLife, and even YouTube, encourage students to create online versions of themselves in an effort to share information and meet new people. While in theory this process may sound harmless, students are not only unwittingly allowing themselves to be targets of identity thieves, but they are also posing major security threats to university and college networks. In a recent class demonstration, it was shown how a simple homemade application can be launched unknowingly through Internet Explorer (IE) using Web2.0 to disable IE, even with security settings at a high level. If a simple homemade application can disable IE without the knowledge of the user, imagine what is being distributed through MySpace bulletins and comments. I intend to conduct interviews with security experts and surveys of college students, to show students they unknowingly open themselves, and their campus networks, to malicious attacks. 
With the proper security solutions in place at the network layer, along with much needed user education, the dangers posed by social engineering can be minimized.","PeriodicalId":277737,"journal":{"name":"Proceedings of the 35th annual ACM SIGUCCS fall conference","volume":"37 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-10-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 35th annual ACM SIGUCCS fall conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1294046.1294077","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 18
Abstract
Social engineering has been around for a long time, even at the college level. From the days when someone stood around a dormitory door waiting for someone else to open it, pretending to have forgotten his or her key, to today where virtually every college student has at least one online entity. Instant Messaging programs and Social Networking websites such as MySpace, Facebook, Ruckus, Friendster, LinkedIn, SecondLife, and even YouTube, encourage students to create online versions of themselves in an effort to share information and meet new people. While in theory this process may sound harmless, students are not only unwittingly allowing themselves to be targets of identity thieves, but they are also posing major security threats to university and college networks. In a recent class demonstration, it was shown how a simple homemade application can be launched unknowingly through Internet Explorer (IE) using Web2.0 to disable IE, even with security settings at a high level. If a simple homemade application can disable IE without the knowledge of the user, imagine what is being distributed through MySpace bulletins and comments. I intend to conduct interviews with security experts and surveys of college students, to show students they unknowingly open themselves, and their campus networks, to malicious attacks. With the proper security solutions in place at the network layer, along with much needed user education, the dangers posed by social engineering can be minimized.