Intelligent system hunts out malware hidden in short Twitter URLs
Fri 25 Sep 2015

Computer scientists are developing a system to detect malicious code in shortened URLs on Twitter.
The intelligent system, co-funded by the Engineering and Physical Sciences Research Council (EPSRC) and the Economic and Social Research Council (ESRC), will be tested during the European Football Championships next summer.
Scientists were inspired to carry out further research on the problem, following a Cardiff University study which identified potential attacks within five seconds with up to 83% accuracy and within 30 seconds with up to 98% accuracy, when a user clicked on a shortened URL on Twitter.
The test collected data from tweets during the 2015 Superbowl and cricket world cup finals, and traced the interaction between the user’s device and the destination website to monitor for signs of malicious attack. Changes to the user’s machine, such as modified processes and files, were recorded as malicious activity.
These activities were then used to train their system to recognise common attack signs, and therefore distinguish between malicious and harmless URLs.
“Unfortunately, the high volume of traffic around large scale events creates a perfect environment for cybercriminals to launch surreptitious attacks. It is well known that people use online social networks such as Twitter to find information about an event,” explained Dr Pete Burnap, Director at Cardiff University’s Social Data Science Lab. He added that attackers typically disguise links to malicious servers in a tweet about an exciting part of an event to take advantage of the hype.
Professor Omer Rana, lead investigator on the team, which also includes researchers from Royal Holloway, the University of London, City University London, the University of Plymouth and Durham University, said that the European Football Championships next summer will provide an ideal environment for stress-testing the system, with a huge predicted spike in Twitter traffic.
Professor Philip Nelson, CEO at EPSRC, added: “Using social media is an integral part of modern life, vital to organisations, businesses and individuals. The UK needs to operate in a resilient and secure environment and this research will help combat these criminal cyberattacks.”