Secure and Efficient Framework for Multi-Level Authenticaton in Social Networks

International Journal of Computer Trends and Technology (IJCTT)          
© 2015 by IJCTT Journal
Volume-25 Number-2
Year of Publication : 2015
Authors : D.Yamuna, Prof.M.Giri


D.Yamuna, Prof.M.Giri "Secure and Efficient Framework for Multi-Level Authenticaton in Social Networks". International Journal of Computer Trends and Technology (IJCTT) V25(2):91-95, July 2015. ISSN:2231-2803. Published by Seventh Sense Research Group.

Abstract -
Internet provides different types of services to the users. Electronic mail, chat, photo sharing and social network services are provided by the Internet community. Most of the Internet services perform the user authentication using passwords. Password forgets and password changed by attackers requires user verification with security questions and alternate e-mail account support. Backup authentication mechanisms such as security questions and alternate email addresses are insecure or unreliable or bothFriends based verification is one of the backup authentication mechanism. A user in this system is associated with a few trustees that were selected from the user’s friends. When the user wants to regain access to the account, the service provider sends different verification codes to the user’s trustees. The user must obtain at least k verification codes from the trustees before being directed to reset his or her password. Forest fire attacks are applied on the trustee based social authentication scheme. In forest fire attacks an attacker initially obtains a small number of compromised users and then the attacker iteratively attacks the rest of users by exploiting trusteebased social authentications. A probabilistic model is constructed to formalize the threats of forest fire attacks and their costs for attackers. Various defense strategies are used to verify the forest fire attacks. The framework is applied to extensively evaluate various concrete attack and defense strategies using three real -world social network datasets. The forest fire attack handling mechanism is enhanced with time bounded verification strategies. Two level trustee based verification model can be introduced to improve the social authentication process. Multiple service based authentication can be used in the attack defending process.

[1] L. A. Adamic and E. Adar, “Friends and neighbors on the web,”SocialNetw., vol. 25, no. 3, pp. 211–230, 2003.
[2] (2013, May). BadRank [Online]. Available:
[3] J. Bonneau and S. Preibusch, “The password thicket: Technical andmarket failures in human authentication on the web,” inProc. 9thWorkshop Econ. Inform. Security (WEIS), 2010.
[4] J. Brainard, A. Juels, R. Rivest, M. Szydlo, and M. Yung, “Fourth-factorauthentication: Somebody you know,” inProc. 13th ACM Conf. Comput.Commun.Security (CCS), 2006.
[5] J. Podd, J. Bunnell, and R. Henderson, “Cost-effective computer security: Cognitive and associative passwords,” inProc. 6th Australian Conf.Comput.-Human Interact., 1996 .
[6] D. Easley and J. Kleinberg,Networks, Crowds, and Markets: ReasoningAbout a Highly Connected World. Cambridge, U.K.: Cambridge Univ.Press, 2010.
[7] (2013, May). Facebook’s Trusted Contacts [Online].
[8] (2011, Oct.). Facebook’s Trusted Friends [Online].
[9] H. Gao, J. Hu, C. Wilson, Z. Li, Y. Chen, and B. Zhao, “Detecting andcharacterizing social spam campaigns,” inProc. Internet Meas. Conf.(IMC), 2010.
[10] E. Gilbert and K. Karahalios, “Predicting tie strength with social media,”in Proc. SIGCHI Conf. Human Factors Comput. Syst., 2009.
[11] N. Z. Gong et al., “Evolution of social-attribute networks: Measurements, modeling, and implications using Google+,” inProc. ACM Conf.Internet Meas. Conf. (IMC), 2012.
[12] P. Jaccard, “Étude comparative de la distribution floraledansune portiondes Alpes et des Jura,”Bulletin Soc. Vaudoise Sci. Naturelles, vol. 37,no. 1, pp. 547–579, 1901.
[13] D. Kempe, J. Kleinberg, and E. Tardos, “Maximizing the spread ofinfluence through a social network,” in Proc. 9th ACM SIGKDD Int.Conf. Knowl.Discovery Data Mining (KDD), 2003.
[14] H. Kim, J. Tang, and R. Anderson, “Social authentication: Harder thanit looks,” in Proc. Financial Cryptography (FC), 2012.
[15] H. Kwak, C. Lee, H. Park, and S. Moon, “What is Twitter, a socialnetwork or a news media?” inProc. 19th Int. Conf. World Wide Web(WWW), 2010.

Multilevel Trustees, Forest Fire Attacks, Stealth Hacking