Catalyst, Features

U.K. researchers work to combat social media malware

According to a ScienceDaily article, computer scientists are working to combat malware hidden in shortened URLs on Twitter. PHOTO ILLUSTRATION BY RACHEL MCLEAN/DAILY FREE PRESS CONTRIBUTOR
According to a ScienceDaily article, computer scientists are working to combat malware hidden in shortened URLs on Twitter. PHOTO ILLUSTRATION BY RACHEL MCLEAN/DAILY FREE PRESS CONTRIBUTOR

According to research conducted early last year by the Pew Research Center, 74 percent of adults engage in social networking. This percentage is projected to grow, and the evidence of that is visible, seeing as more and more people continue to join sites such as Facebook, Twitter and Instagram every day.

As the population makes itself more public, researchers specializing in computer science are more closely monitoring online user interactions. Pete Burnap, director of the Social Data Science Lab at Cardiff University, and Omer Rana, a computer science professor at Cardiff, have discovered that malware is likely to be present in shortened links often clicked on and used by a majority of the Internet population through services such as Google, Bitly and Ow.ly.

Link shortening is generally employed to reduce the number of characters contained in a message. The issue, however, is that users don’t always know what’s behind the short links, Rana said.

“Basically, these short links could redirect you to a script on somebody’s server or it can be some sort of executable file that starts sending you data back,” Rana said. “So there is a kind of attack that is very common in web-based interactions called a ‘drive-by download’ attack. When you visit a website, you’re actually getting the content you should be looking at, but behind the scenes there’s another process that is generated … that is trying to channel malware back to your machine.”

Given Twitter’s 140-character limit on posts, users frequently rely on link shortening, making Twitter the main platform for Burnap and Rana’s research. The team originally focused on trending topics such as sporting events and selections, seeing as the related tweets are seen more often and are therefore taken advantage of by malware spreaders.

“People could just retweet them [tweets related to trending topics] without actually looking at what’s behind the links that people are sending out,” Rana said. “You could potentially have malware that sits behind these links and people could leverage on the popularity of a particular music artist or social event in order to propagate malware.”

The team’s main goal was to identify the percentage of content that could potentially refer users to malware. In order to identify such links, Burnap said he and his team secured a sandbox environment — somewhat of a virtual machine — and visited a random sample of URLs collected around the Super Bowl and the Cricket World Cup.

“If the URL server conducted malicious activity [such as] process execution or registry file modification, we marked it as malicious,” Burnap said.

According to ScienceDaily, the team at Cardiff was able to identify cyber-attacks on Twitter within five seconds with up to 83 percent accuracy and within 30 seconds with up to 98 percent accuracy.

“The main challenge when building the system was to identify signals of malicious activity in the large amount of noise generated by benign machine activity,” Burnap said.

Adam Lerner, a current doctoral student in computer science at the University of Washington, said issues regarding network security, such as link shortening and user privacy in general, are an important area of research.

“Our daily lives are becoming connected to the Internet, which is the biggest network we’ve got,” Lerner said. “Phones, cars, thermostats, you name it. Whenever something’s connected to a network, that network becomes a potential avenue of attack. In the same vein, more and more important aspects of our lives, both private and public, are taking place on the Internet, via these networked technologies. The goal of network security research … is to protect people and the things we care about from malicious behavior.

On sites like Twitter, Burnap said users do not necessarily have a choice in regards to choosing whether or not shorten a link since the site encourages the practice.

“Users don’t have a choice as [link shortening] is enforced by Twitter,” Burnap said. “This is why we need such a real-time malware detection system.”

7 Comments

  1. If you are not of medium sized and weight then these tables should be used
    as a general referral point only, because they overestimate the calorie expenditure of smaller people and underestimate the
    calorie expenditure for people bigger than average person. Always look for activities you can do that are enjoyable and that allow you to work at your own pace.
    However, be very sure that the amount of calories you eat per
    day is not less than the number of calories you need, as you found in Step
    1.

  2. Thanks for some other fantastic post. The place else
    may anyone get that type of info in such a perfect manner of writing?
    I’ve a presentation next week, and I’m on the search for such info.

  3. Pretty nice post. I just stumbled upon your weblog and wished to mention that I have truly enjoyed browsing your blog posts.
    In any case I’ll be subscribing for your rss
    feed and I am hoping you write once more very soon!

  4. Good info. Lucky me I found your site by chance (stumbleupon).
    I’ve saved as a favorite for later!

  5. Fine way of describing, and pleasant piece of writing to take facts regarding
    my presentation topic, which i am going to convey in school.

  6. A person necessarily help to make seriuously articles I’d state.
    That is the fjrst time I frequented your website page and thus far?

    I surprised with the analysis you made to make this particular submit extraordinary.
    Wonderful activity!

  7. It’s perfect time to make a few plans for tthe long run and it is time to be happy.
    I have learn this put up and if I could I wish to counsel you some faascinating issuues or
    advice. Maybe you could write next articles relating to this article.

    I desire tto learn more things approximately it!