In the past six years, tremendous growth in the size and popularity of social networking has fundamentally changed the way we use the Internet. As social aspects to the Internet continue to expand in both quantity and scope, security of the users of social networking sites and the data generated by them will ultimately become an unavoidable concern. This is a realization that malicious users have already had, as viruses, spyware, and phishing scams continue to propagate through social networks at an alarming rate. It is now becoming increasingly critical that the average user also understands this potential for the exploitation of trust among the social networking community. Yet, the security industry has been slow to respond in the act of providing adequate tools for protecting the user. This thesis describes the development of a proof-of-concept application that uses social networking data to aid in the detection of malicious web content as it propagates through the user's network. While this methodology certainly has its limitations, including user impersonation and false positive rates, the results of testing this application against known phishing and malware sites with real-world user profiles have shown surprisingly positive results.

Library of Congress Subject Headings

Online social networks--Security measures; Internet--Security measures; Internet--Social aspects; Phishing--Prevention; Malware (Computer software)

Publication Date


Document Type



Pan, Yin

Advisor/Committee Member

Yuan, Bo

Advisor/Committee Member

Stackpole, Bill


Note: imported from RIT’s Digital Media Library running on DSpace to RIT Scholar Works in December 2013.


RIT – Main Campus