Virtual Forensics Lab

Background

Social network sites are becoming increasingly popular, and have attracted millions of users, many of whom have integrated these sites into their daily practice. Some sites cater to diverse audiences, while others attract people based on common language or shared racial, sexual, religious, or nationality-based identities. These sites also vary by how they portray themselves by posting new information and using communication tools, such as mobile connectivity, blogging, and photo/video-sharing, live text chat, comparing people, etc.

There are many security issues with the social network sites. Users have the right to post information as they like, but is the information they are putting up secure? How easy is it for others to access and change the information on their sites?

There are other security issues that may not be of interest in this project. There is the inappropriate and often illegal use of these sites for interacting with and in some cases preying on the vulnerable users of the sites. There is also the distribution of malicious software through social networks. One example logs out users who view a compromised page for several seconds, and another sends unauthorized friend requests from the target users. For more information, see Technology Review article.

Project

The purpose of this project is to create a Forensic Tool Kit for social network sites. Utilize one or more of the popular sites: Myspace, Second Life, Facebook, Netlog, HI5, IRC, Bebo, Skype, and Cyworld. This will require you to understand the technology and application of the programs.

This project deals with the security issues related to these sites. We need to understand and innumerate all the security problems before we can find solutions for them. How they come into the picture, and what things can affect the mobility for the user to use these social networks? After we gather this information, then we have to determine how to develop appropriate software or a tool kit compatible with these sites that can prevent these security based problems. We also need to understand the legal issues that are enabled with these sites because only then will we be able to develop security software.

Designing the tool kit may require knowledge of web programming, Java, and SQL. You might also use open source data mining and other information available on the Internet.