In an attempt to crack down on the spreading of malicious computer viruses, experts from Cardiff University will be trawling through thousands of suspicious links that are spread across social media during this year’s European Football Championships.
The researchers, from the School of Computer Sciences & Informatics, will be deploying a trained computer, known as an ‘intelligent system’, to trawl through thousands of inconspicuous URLs that are tacked on to a vast array of tweets relating to the ‘Euro 2016’ tournament in France.
The team are using the event as a test bed to further refine their computer system and gather more information about the types of malicious viruses and software, collectively known as malware, that are being spread across Twitter.
It is hoped the information can be used to help law enforcement authorities develop a future warning system that can flag a malicious link to the computer user in real-time, which the researchers hope can also be rolled out in the form of an app to mobile users.
The European Football Championships have been specifically chosen to trial the detection systems due to the large volume of tweets that are sent during this time. According to data taken in 2014, the football World Cup that took place in Brazil was the most tweeted about event ever. In the same year, eight of the 10 most tweeted about events were sports related.
As such, sporting events are an ideal opportunity for cybercriminals to target the masses and spread malicious viruses through social media.
According to McAfee Labs, one of the world’s leading internet security companies, in the last quarter of 2015 more than 157 million attempts were made each day to entice their customers into connecting to risky URLs.
Security experts believe that attacks using social media will rise considerably over the next few years as cybercriminals look to by-pass security systems and spread malware as widely as possible.
The intelligent computer system developed by the researchers at Cardiff will be searching for ‘drive-by downloads’, a name given to malicious malware that is downloaded onto a computer after a user simply visits, or ‘drives by’, a website.
Links that take you to the specific harmful website can be placed into innocent or normal-looking content, such as an email, text message or a tweet that tells you to look at something interesting or beneficial on a certain website.
This type of malware can turn your computer into a “zombie computer” and add it to a global network of machines used to hide information or route further attacks.
The Cardiff-developed intelligent system will quickly trawl through every tweet related to Euro 2016 that contains a URL, and perform a number of background checks to test whether the link is malicious and, if so, the timing and severity of damage that it could cause an end user.
The system has already been tested around two major sporting events – the Cricket World Cup and the Superbowl – and can currently pinpoint the exact time malicious viruses or software attack a computer, within a 30 second window, with 89% accuracy.
Dr Pete Burnap, Director of the Social Data Science Lab in the School of Computer Science & Informatics at Cardiff University, and lead scientist on the research, said: “It is well known that people use online social networks such as Twitter to find information about an event. URLs are often shortened on social media due to character limitations in posts, so it’s incredibly difficult to know which are legitimate.
“Once infected the malware can turn your computer into a zombie computer and become part of a global network of machines used to hide information or route further attacks. At the moment many existing anti-virus solutions identify malware using known code signatures, which make it difficult to detect previously unseen attacks. Our system is making a decision using code behaviour, which is more difficult for cyber criminals to mask.
“We are trying to build systems that can help law enforcement authorities make decisions in a changing Cyber Security landscape. Social media adds a whole new dimension to network security risk. This work contributes to new insights into this and we hope to take this forward and develop a real-time system that can protect users as they search for information about real-world events using new forms of information sources.”
