The innovation proposed in this project is a novel technology to protect people and businesses from socware, which refers to cyber-crime activities enabled by and propagated on Online Social Networks (OSNs), such as Facebook, Twitter, and Pinterest. First, it is clear that OSNs is the new battleground of cybercrime with worrisome trends, and a plan towards a secure the Internet has to include safer social networks. Second, socware will require novel security solutions, as it is significantly different and cannot be detected with existing security solutions for other security threats, like viruses and malware-infected websites. The innovation of this project is a holistic and effective approach for securing OSNs and their users. The technical novelty the approach lies in: (a) how it determines socware, by combining all possible useful information, and most importantly the "social context" of a post, and (b) the extensive repertoire of questions it answers, which include detecting malicious: posts, users, and Facebook apps. A key technical challenge is to engineer the solution for a large-scale deployment. Using an early prototype, it is observed that more than 60% of people are exposed to at least one malicious link in 5 months in Facebook.
There is a tremendous opportunity for the company to become the security pioneer in this space, given that these are still the early years of the social-web era. With 800M users, Facebook has become the new web: Facebook profiles are now the face of companies, instead of stand-alone websites. The effect of socware will only increase as users spend substantial time in OSNs and are influenced by them. Historically, every time a new technological platform emerges (PCs, Internet, and web), new cyber-threats and new specialized security solutions have emerged. The security landscape in OSNs is currently wide open, without a dominant player. Initially, the project will focus on Facebook, leveraging its current Facebook security application, but it will expand to other OSNs, to become the go-to security place for any social network. Outside the scope of this proposal, the long-term future plans will be opportunistic and could include services for Google+, Twitter, LinkedIn, and eventually, foreign-language networks, like the Chinese Renren, Weibo, which will be a non-trivial, but potentially lucrative expansion. The project has a multi-pronged strategy for monetizing the proposed technology, which will help create new services and complement the current successful services of the company, as evidenced by the feedback from the company's partners.
