Online Social Networks (OSNs) are generally based on real social relations. Hence, malware writers are taking advantage of this fact to propagate their viral code into OSNs. In recent years, major OSNs, such as Facebook, were extensively under malware attacks. These attacks commonly lead to hundreds of thousands of compromised accounts that may bear personal and even confidential information. In this paper, different types of malware in OSNs are discussed. Then, this paper investigates the attacking vector of the Trojan type malware in OSNs. First, the clustering coefficient which is one of the main OSN graph characteristics is examined through simulation. It is shown that the clustering coefficient has a linear effect on the speed of Trojans. Second, the effect of user behavior is studied using different user reactions to malicious posts. Through simulations, we show that, if Trojans try to deceive users by choosing interesting topics, the speed of propagation will be increased exponentially. This effect raises the significance of giving security knowledge to avoid designated social engineered posts. Finally, we suggest adjustment to the current model for malware propagation in scale-free networks to consider the effect of clustering coefficient and the user behaviors.

Additional Metadata
Keywords ClickJacking, Malware modeling, OSN, Trojan
Persistent URL
Conference 2012 5th International Conference on New Technologies, Mobility and Security, NTMS 2012
Faghani, M.R. (Mohammad R.), Matrawy, A, & Lung, C.H. (2012). A study of Trojan propagation in online social networks. Presented at the 2012 5th International Conference on New Technologies, Mobility and Security, NTMS 2012. doi:10.1109/NTMS.2012.6208767