Social Network Forensic Tools
Social network sites are becoming increasingly popular, and have attracted millions of users,
many of whom have integrated these sites into their daily practice.
Some sites cater to diverse audiences,
while others attract people based on common language or shared racial, sexual, religious, or nationality-based identities.
These sites also vary by how they portray themselves by posting new information and using communication tools,
such as mobile connectivity, blogging, and photo/video-sharing, live text chat, comparing people, etc.
There are many security issues with the social network sites.
Users have the right to post information as they like, but is the information they are putting up secure?
How easy is it for others to access and change the information on their sites?
There are other security issues.
There is the inappropriate and often illegal use of these sites
for interacting with and in some cases preying on the vulnerable users of the sites.
There is also the distribution of malicious software through social networks --
one logs out users who view a compromised page for several seconds,
and another sends unauthorized friend requests from the target users
(for more information on malicious software through social networks, see
Technology Review article).
This project deals with the security issues related to social network sites.
The popular social network sites include Myspace, Second Life, Facebook, Netlog, HI5, IRC, Bebo, Skype, and Cyworld.
We need to understand and innumerate all the security problems before we can find solutions for them.
After we understand the security issues, we need to create forensic tools for the social network sites.
We also need to understand the legal issues that are enabled with these sites
because only then will we be able to develop security software.
The forensic tools being developed can be used by social network users so they can protect themselves.
They can also be used by law enforcement officers to help find the perpetrators of illegal uses of the sites.
For the most part, these tools will provide the ability to retrieve online user information of other users.
An earlier team on this project made a good start in developing some forensic tools,
Research Day 2009 paper.
This semester's team will continue to extend and developed these forensic tools.
Fast Agile XP Deliverables
We will use the agile methodology,
particularly Extreme Programming (XP) which involves small releases and fast turnarounds in roughly two-week iterations.
Many of these deliverables can be done in parallel by different members or subsets of the team.
The following is the current list of deliverables
(ordered by the date initiated, deliverable modifications marked in red,
initiated date marked in bold red if programming involved,
completion date and related comments marked in green,
pseudo-code marked in blue):
- 2/1 (first week).
Read the background material to become familiar with the project.
Then, plan the semester's work with your instructor and customer Steve Kim.