Analysis of Malicious URLs on Social Networking Services and Protection

Abstract

Cyber attack is one of the most serious threats facing many organizations in the Internet era. In addition to hardening computer and network systems, it is important to surely deliver security information to end users. This paper presents the results of analysis on malicious messages and URLs sent on a social networking service; Twitter. We also present a method and system for safe-browsing of URL links. URLs, and sometimes shortened URLs, on SNS may be utilized for malicious activities to redirect users to unexpected resources, e.g. phishing and malware, by obscuring the final destinations. The analysis results show that about 20% of messages contain at least one URL, 0.1% of messages contain malicious URLs. The users sent such messages and messages themselves have short lifetime on Twitter. That is, they are removed soon after malicious activities; 99% of them are disappeared within one month. The proposed system enables users to know how safe a particular Web resource might be before users dereference it. Our system retrieves and delivers safety information of the URLs on user's demand by a simple operation.