欢迎访问中国科学院大学学报,今天是

中国科学院大学学报 ›› 2014, Vol. 31 ›› Issue (4): 548-554.DOI: 10.7523/j.issn.2095-6134.2014.04.016

• 计算机科学 • 上一篇    下一篇

一种针对在线社交网络的自动化僵尸账号攻击方案

熊凯1, 张玉清1,2, 吕少卿1   

  1. 1. 西安电子科技大学综合业务网理论与关键技术国家重点实验室, 西安 710071;
    2. 中国科学院大学国家计算机网络入侵防范中心, 北京 100049
  • 收稿日期:2013-02-01 修回日期:2013-07-31 发布日期:2014-07-15
  • 通讯作者: 张玉清,E-mail:zhangyq@nipc.org.cn
  • 基金资助:

    国家自然科学基金(61272481)资助

Automatic Sybil attack method for online social network

XIONG Kai1, ZHANG Yuqing1,2, LÜ Shaiqing1   

  1. 1. State Key Laboratory of Integrated Services Networks, XiDian University, Xi'an 710071, China;
    2. National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing 100049, China
  • Received:2013-02-01 Revised:2013-07-31 Published:2014-07-15

摘要:

分析僵尸账号对社交网络的主要威胁及社交网络对僵尸账号的检测机制,针对现有检测机制的不足设计规避检测的策略.使用该策略设计并实现一款利用僵尸账号对社交网络进行攻击的自动化工具.使用该工具对国内外最大的2个社交网站进行攻击测试.实验结果证明了策略与工具的有效性,并证明了社交网络针对僵尸账号的检测机制仍存在不足.

关键词: 社交网络, 僵尸账号, 隐私, Sybil attack

Abstract:

The Sybil attack has become a serious threat to the online social networks(OSN). We analyze the main threats of Sybil accounts to the OSN and the methods for detecting them. We find out that all the detection methods have their weaknesses. Based on those we propose a set of strategies to avoid the OSN's detection and accomplish a tool called OSNBP, which uses strategies to infiltrate into the OSN. After we used this tool in infiltration tests into the two largest social networks, Facebook.com and RenRen.com, we conclude that our infiltration strategies are effective and the existing methods of detecting Sybil accounts are imperfect.

Key words: ocial networks, Sybil account, privacy, Sybil attack

中图分类号: