by Yaniv Altshuler
Published in IEEE Journal of Intelligent Systems
In this paper we discuss the threat of malware targeted at extracting information about the relationships in a... more
In this paper we discuss the threat of malware targeted at extracting information about the relationships in a real-world social network as well as characteristic information about the individuals in the network, which we dub \emph{Stealing Reality}. We explain why \emph{Stealing Reality} attacks differ from traditional types of attacks against individuals' privacy, and discuss why their impact is significantly more dangerous than other attacks such as identity theft. We then analyze this new attack and show what an optimal attack strategy would look like. Surprisingly, it differs significantly from many conventional network attacks, as it involves extremely slow spreading patterns. We point out that besides yielding the best outcome for the attackers, such an attack may also deceive existing monitoring tools, due to its low traffic volumes and the fact that it imitates natural end-user communication patterns.
Download (.pdf)