Home
News
People
Projects
Publications
Workshops
Seminar
Software
Conferences
Funding
Collaborations
Resources
Directions

 

Webmaster

Security Risks of Freedom on Social Networking Websites

Project Description

Many Web 2.0-based social networking sites permit their users to post comments containing a variety of HTML tags on other users' profiles. In this paper, we show that allowing arbitrary users to post multimedia HTML content on other users' social network profiles is an attack vector. Specifically, we demonstrate three attacks---the Social-DDoS attack, the Social-C&C attack, and the Browser-choking attack---each of which allows an arbitrary Web user to jeopardize the security of other Web users. .

[Top]

Publications

[Top]

People

Faculty

Vinod Ganapathy

Graduate Students

Blase E. Ur
Crystal Maung

[Top]

Last Modified Feb, 2009