SRI REVANA SIDDESHWARA INSTITUTE OF TECHNOLOGY

Chokkanahalli, Chikkajala, International Airport RoadBangalore – 562157

Department Of Computer Science & Engineering

PROJECT PHASE -3 PRESENTATION

1

FRAPPE: SCANNING FACEBOOK APPLICATIONS FOR SPYWARES AND BACK DOORS Guided By:

Prof. Arpitha T. R

Prepared By:Abhishek Gupta (1RC12CS001)Meghashree S. P (1RC12CS018)Pavithra S (1RC12CS023)Shruthi S (1RC12CS036)

THE DIARY Introduction

Abstract

Existing System

Proposed System

System Architecture

Requirements

Module

Use Case Diagram

Activity Diagram

Sequence Diagram

Snapshots

Conclusion

References

SRSIT CSE

INTRODUCTION

Online Social Networks(OSNs) enable and encourage third party applications to enhance the user experience on these platforms.

Facebook provides developers an API that facilitates app integration into the user-experience.

There are 500k apps available on Facebook and it has average of 20 million installs per day.

Due to the popularity of the apps in Facebook, Hackers are taking advantage to spread spam.

FRAppE is a tool used to detect malicious apps with 99% accuracy.

SRSIT CSE

ABSTRACT

Developing an tool called FRAppE, an accurate classifier for detecting malicious Facebook applications.

Most interestingly, we highlighted the emergence of app-nets large groups of tightly connected applications that promote each other.

Continue to dig deeper into this ecosystem of malicious apps on Facebook, and we hope that Facebook will benefit from our recommendations for reducing the menace of hackers on their platforms.

SRSIT CSE

EXISTING SYSTEM Most research's are related on detecting spam posts and malware. Identifying spam campaigns. A honey-pot-based approach to detect spam accounts on OSNs. Personal information or surveys can be sold to third parties to eventually

profit the hackers.

SRSIT CSE

DISADVANTAGES OF EXISTING SYSTEM

Malicious apps are out of control on Facebook and indicates that they do not operate in isolation.

Find that malicious apps collude at scale many malicious apps share the same name, several of them redirect to the same domain upon installation.

Observed behaviors indicate well-organized crime, with a few prolific hacker groups controlling many malicious apps.

SRSIT CSE

PROPOSED SYSTEM Develop efficient techniques for online spam filtering on OSNs such as

Facebook. A third-party application for spam detection on Facebook mechanisms for

detection of spam URLs on Facebook. Rather than classifying individual URLs or post as spam. We focus on

identifying malicious applications that are the main source of spam on Facebook.

Also similarly developed application converging the techniques to identify accounts of spammers on Facebook.

SRSIT CSE

ADVANTAGES OF PROPOSED SYSTEM

It focuses on quantifying, profiling & understanding malicious apps. User information's are secured and safe. Avoiding use of different client IDs in app installation. FRAppE can detect malicious apps with 99% accuracy.

SRSIT CSE

SYSTEM ARCHITECTURE

SRSIT CSE

SYSTEM MODEL

SRSIT CSE

HARDWARE REQUIREMENTS

System : Pentium IV 2.4 GHz. Hard Disk : 40 GB. Floppy Drive : 1.44 Mb. Monitor : 15 VGA Colour. Mouse : Logitech. Ram : 512 Mb.

SRSIT CSE

SOFTWARE REQUIREMENTS

Operating system : Windows XP/7. Coding Language : JAVA/J2EE IDE : Net beans 7.4 Database : MYSQL

SRSIT CSE

14

MODULES

Data collection Feature extraction Training Classification & Detection

SRSIT CSE

15

DATA COLLECTION

The data collection component has two subcomponents:

The collection of facebook apps with URLs Crawling for URL redirections

The crawling thread appends these retrieved URL and IP chains to the tweet information and pushes it into a queue.

SRSIT CSE

16

FEATURE EXTRACTION

The feature extraction component has three subcomponents: Grouping of identical domains Finding entry point URLs Extracting feature vectors

To classify a post, MyPageKeeper evaluates every embedded URL in the post

SRSIT CSE

17

TRAINING

The training component has two subcomponents: Retrieval of account statuses Training of the classifier

To label the training vectors, we use the account status; URLs from suspended accounts are considered malicious whereas URLs from active accounts are considered benign.

We periodically update our classifier using labeled training vectors.

SRSIT CSE

18

USE CASE DIAGRAMSRSIT CSE

19

ACTIVITY DIAGRAMSRSIT CSE

20

SEQUENCE DIAGRAMSRSIT CSE

21

SRSIT CSE

SNAPSHOTS

22

SRSIT CSE

23

SRSIT CSE

24

SRSIT CSE

25

SRSIT CSE

26

SRSIT CSE

27

CONCLUSION

Applications present convenient means for hackers to spread malicious content on Facebook.

little is understood about the characteristics of malicious apps and how they operate.

we showed that malicious apps differ significantly from benign apps with respect to several features

we developed FRAppE, an accurate classifier for detecting malicious Facebook applications

SRSIT CSE

REFERENCES [1] C. Pring, “100 social media statistics for 2012,” 2012 [Online]. Available:

http://thesocialskinny.com/100-social-media-statistics-for-2012/ [2] Facebook, Palo Alto, CA, USA, “Facebook Open graph API,” [Online]

Available:http://developers.facebook.com/docs/reference/api/ [3] “Wiki: Facebook platform,” 2014 [Online]. Available: http://en.

wikipedia.org/wiki/ Facebook Platform [4] “Profile stalker: Rogue Facebook application,” 2012 [Online]. Available:

https://apps.facebook.com/mypagekeeper/?status=scam_report- _fb_survey_scam_pr0file_viewer_2012_4_4 .

SRSIT CSE

29

THANK YOU..!!

Queries..??