Abstract: The disclosed techniques provide systems and methods for detecting coordinated attacks on social networking databases containing personal end-user data. More specifically, various advanced persistent threat (APT) detection procedures are described that explore the commonality between specific targets of various private data accesses. In one embodiment, a threat detection tool is configured to process various private data accesses initiated by a source user account in order to identify associated query structures. The tool then applies one or more filters to the private data accesses to identify a subset of the private data accesses that have query structures indicating specific targets and processes these specific targets to determine if an access pattern exists. The access pattern can indicate, for example, a measure of commonality among two or more of the specific targets. If an access pattern exists, the threat detection tool can trigger an alarm.

Abstract: The disclosed techniques provide systems and methods for detecting malicious or otherwise abusive access of private end-user data in social networking systems. More specifically, various malicious action detection procedures are described for identifying a target user account that is examined via a private data access, generating a relationship scorecard including various social factors that together indicate a measure of social connectedness between a source user that initiates the private data access and the target user whose account is examined via the private data access, and making a determination as to whether the private data access is potentially abusive based on the social connectedness.

Abstract: The disclosed techniques provide systems and methods for detecting coordinated attacks on social networking databases containing personal end-user data. More specifically, various advanced persistent threat (APT) detection procedures are described that explore the commonality between specific targets of various private data accesses. In one embodiment, a threat detection tool is configured to process various private data accesses initiated by a source user account in order to identify associated query structures. The tool then applies one or more filters to the private data accesses to identify a subset of the private data accesses that have query structures indicating specific targets and processes these specific targets to determine if an access pattern exists. The access pattern can indicate, for example, a measure of commonality among two or more of the specific targets. If an access pattern exists, the threat detection tool can trigger an alarm.

Abstract: The disclosed techniques provide systems and methods for detecting coordinated attacks on social networking databases containing personal end-user data. More specifically, various advanced persistent threat (APT) detection procedures are described that explore the commonality between specific targets of various private data accesses. In one embodiment, a threat detection tool is configured to process various private data accesses initiated by a source user account in order to identify associated query structures. The tool then applies one or more filters to the private data accesses to identify a subset of the private data accesses that have query structures indicating specific targets and processes these specific targets to determine if an access pattern exists. The access pattern can indicate, for example, a measure of commonality among two or more of the specific targets. If an access pattern exists, the threat detection tool can trigger an alarm.

Abstract: One embodiment provides a system that detects vulnerabilities in a web application. During operation, the system obtains a web request which is directed to the web application, wherein the web request specifies at least one request parameter. The system then determines whether the web request is a suspicious web request by determining if at least one request parameter matches a known attack. Next, the system determines whether the suspicious web request can cause a vulnerability of the web application to be exploited.