Document type
Conference papers
Document subtype
Full paper
Title
Characterizing Social Insider Attacks on Facebook
Participants in the publication
Wali Ahmed Usmani (Author)
Diogo Marques (Author)
Ivan Beschastnikh (Author)
Konstantin Beznosov (Author)
Tiago Guerreiro (Author)
Dep. Informática
LASIGE
Luís Carriço (Author)
Dep. Informática
LASIGE
Summary
Facebook accounts are secured against unauthorized access through passwords and device-level security. Those defenses, however, may not be sufficient to prevent social insider attacks, where attackers know their victims, and gain access to a victim's account by interacting directly with their device. To characterize these attacks, we ran two MTurk studies. In the first (n = 1,308), using the list experiment method, we estimated that 24% of participants had perpetrated social insider attacks and that 21% had been victims (and knew about it). In the second study (n = 45), participants wrote stories detailing personal experiences with such attacks. Using thematic analysis, we typified attacks around five motivations (fun, curiosity, jealousy, animosity, and utility), and explored dimensions associated with each type. Our combined findings indicate that social insider attacks are common, often have serious emotional consequences, and have no simple mitigation.
Event
Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems - CHI '17
Publication Identifiers
ISBN - 9781450346559
Address
Denver, Colorado, USA
Publisher
ACM Press
Starting page
3810
Last page
3820
Document Identifiers
URL -
http://dx.doi.org/10.1145/3025453.3025901
DOI -
https://doi.org/10.1145/3025453.3025901
Rankings
CORE A* (2014-17) -
Google Metrics (2019) - 86