Home

News

People

Projects

Publications

Workshops

Seminar

Software

Conferences

Funding

Collaborations

Resources

Directions

 

Webmaster

Security Risks of Freedom on Social Networking Websites

Description

Publications

People

Project Description

Many Web 2.0-based social networking sites permit their users to post comments containing a variety of HTML tags on other users' profiles. In this paper, we show that allowing arbitrary users to post multimedia HTML content on other users' social network profiles is an attack vector. Specifically, we demonstrate three attacks---the Social-DDoS attack, the Social-C&C attack, and the Browser-choking attack---each of which allows an arbitrary Web user to jeopardize the security of other Web users. .

[Top]

Publications

• Evaluating the Security Risks of Freedom on Social Networking Websites Blase E. Ur, Crystal Maung, Vinod Ganapathy. Rutgers University, Department of Computer Science Technical Report 646; Piscataway, New Jersey, January 2009.

[Top]

People

Faculty

Vinod Ganapathy

Graduate Students

Blase E. Ur Crystal Maung

[Top]

Last Modified Feb, 2009