Monday, 19 October 2015


With 20 million installs a day, third-party apps are a major reason for the popularity and addictiveness of Facebook. Unfortunately, hackers have realized the potential of using apps for spreading malware and spam. The problem is already significant, as we find that at least 13% of apps in our dataset are malicious. So far, the research community has focused on detecting malicious posts and campaigns. In this paper, we ask the question: Given a Facebook application, can we determine if it is malicious? Our key contribution is in developing FRAppE—Facebook’s Rigorous Application Evaluator—arguably the first tool focused on detecting malicious apps on Facebook. To develop FRAppE, we use information gathered by observing the posting behavior of 111K Facebook apps seen across 2.2 million users on Facebook. First, we identify a set of features that help us distinguish malicious apps from benign ones. For example, we find that malicious apps often share names with other apps, and they typically request fewer permissions than benign apps. Second, leveraging these distinguishing features, we show that FRAppE can detect malicious apps with 99.5% accuracy, with no false positives and a high true positive rate (95.9%). Finally, we explore the ecosystem of malicious Facebook apps and identify mechanisms that these apps use to propagate. Interestingly, we find that many apps collude and support each other; in our dataset, we find 1584 apps enabling the viral propagation of 3723 other apps through their posts. Long term, we see FRAppE as a step toward creating an independent watchdog for app assessment and ranking, so as to warn Facebook users before installing apps.
FRAppE (Facebook’s Rigorous Application Evaluator) is a tool focused on detecting malicious apps on Facebook.
The research community has focused on detecting malicious posts and campaigns.
The driving motivation for detecting malicious apps stems from the suspicion that a significant fraction of malicious posts on Facebook are posted by apps. We find that 53% of malicious posts flagged by MyPageKeeper were posted by malicious apps. We see that 60% of malicious apps were able to accumulate over 100K clicks each, with 20% receiving more than 1M clicks each. The application with the highest number of clicks in this experiment—the “What is the sexiest thing about you?” app—received 1 742 359 clicks. Although it would be interesting to find the click-through rate per user and per post, we do not have data for the number of users who saw these links. We can query’s API only for the number of clicks received by a link.
  1.  60% of malicious apps get at least a hundred thousand clicks on the URLs they post
  2.  40% of malicious apps have a median of at least 1000 monthly active users

In this paper, we develop FRAppE, a suite of efficient classification techniques for identifying whether an app is malicious or not. To build FRAppE, we use data from MyPageKeeper, a security app in Facebook that monitors the Facebook profiles of 2.2 million users. We analyze 111K apps that made 91 million posts over 9 months. This is arguably the first comprehensive study focusing on malicious Facebook apps that focuses on quantifying, profiling, and understanding malicious apps and synthesizes this information into an effective detection approach.

  1. 13% of observed apps are malicious
  2.  Malicious hackers impersonate applications.
  3. FRAppE can detect malicious apps with 99% accuracy.
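
The abstract names two distinguishing features (malicious apps often share names with other apps and request fewer permissions) and describes apps promoting other apps through their posts. The sketch below is an added example, not FRAppE's code: it extracts those signals from constructed sample records, assuming each post's link has already been resolved to the ID of the app it leads to, and it does not implement the paper's classifier.

```python
from collections import Counter, defaultdict

# Constructed sample data (not from the paper's dataset).
APPS = [
    {"id": "a1", "name": "Profile Viewer", "permissions": ["publish_stream"]},
    {"id": "a2", "name": "profile  viewer", "permissions": ["publish_stream"]},
    {"id": "a3", "name": "Word Puzzle",
     "permissions": ["email", "user_birthday", "publish_stream", "user_location"]},
    {"id": "a4", "name": "Free Gift Cards", "permissions": ["publish_stream"]},
]
# (posting app, app the post's link leads to, or None) -- assumed pre-resolved.
POSTS = [("a1", "a4"), ("a2", "a4"), ("a1", "a2"), ("a3", None)]


def normalize(name):
    """Case- and whitespace-insensitive key for comparing app names."""
    return " ".join(name.lower().split())


def extract_features(apps, posts):
    """Return {app_id: features} for the signals named in the abstract."""
    name_counts = Counter(normalize(a["name"]) for a in apps)
    promotes = defaultdict(set)      # promoter -> apps its posts link to
    promoted_by = defaultdict(set)   # promotee -> apps whose posts link to it
    for src, dst in posts:
        if dst is not None and dst != src:   # ignore self-links and plain posts
            promotes[src].add(dst)
            promoted_by[dst].add(src)
    return {
        a["id"]: {
            "shares_name": name_counts[normalize(a["name"])] > 1,
            "n_permissions": len(set(a["permissions"])),
            "promotes": sorted(promotes[a["id"]]),
            "promoted_by": sorted(promoted_by[a["id"]]),
        }
        for a in apps
    }


def collusion_summary(features):
    """Return (number of promoter apps, number of distinct promoted apps)."""
    promoters = {i for i, f in features.items() if f["promotes"]}
    promotees = {i for i, f in features.items() if f["promoted_by"]}
    return len(promoters), len(promotees)


if __name__ == "__main__":
    feats = extract_features(APPS, POSTS)
    print(feats)
    print(collusion_summary(feats))
```

On real data, the two counts returned by `collusion_summary` correspond to the abstract's 1584 promoting apps and 3723 promoted apps.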




· Processor - Pentium III
· Speed - 1.1 GHz
· RAM - 256 MB (min)
· Hard Disk - 20 GB
· Floppy Drive - 1.44 MB
· Keyboard - Standard Windows Keyboard
· Mouse - Two or Three Button Mouse
· Monitor - SVGA


· Operating System : Windows 7
· Front End : JSP and Servlet
· Database : MySQL
· Tool : NetBeans

Rahman, S.; Huang, T.-K.; Madhyastha, H.V.; Faloutsos, M., “Detecting Malicious Facebook Applications,” IEEE/ACM Transactions on Networking, Volume PP, Issue 99, January 2015.
