Computer scientists from Cardiff University have created an intelligent system to identify malicious links disguised in shortened URLs on Twitter.
The system could identify potential cyber-attacks with up to 83 percent accuracy within five seconds and with up to 98 percent accuracy within 30 seconds when a user clicked on a URL posted on Twitter and malware began to infect the device.
"We are trying to build systems that can help law enforcement authorities make decisions in a changing cyber security landscape," said principal investigator on the project, professor Omer Rana. As people are increasingly using social networks such as Twitter to find information about events, the high volume of traffic around large-scale events creates a perfect environment for cyber-criminals to launch surreptitious attacks.
The scientists collected tweets containing URLs during the 2015 Superbowl and cricket world cup finals, and monitored interactions between a website and a user's device to recognise the features of a malicious attack. "Attackers can hide links to malicious servers in a post masquerading as an attractive or informative piece of information about the event," said lead scientist Pete Burnap.
URLs are always shortened on Twitter due to character limitations in posts, so it is incredibly difficult to know which are legitimate, Burnap said. Once infected the malware can turn your computer into a zombie computer and become part of a global network of machines used to hide information or route further attacks. "In a 2013 report from Microsoft these 'drive-by downloads' were identified as one of the most active and commercial risks to cyber security," Burnap said.