Various websites rely on a content delivery network (CDN) to facilitate distribution of media files to the website's viewers. A CDN is a system of distributed servers forming a computer network that delivers cached content objects (e.g., media files or other content files) to an end-user device based on the geographic locations of the end-user device, the origin of the content objects, and/or a content delivery server. In a typical architecture, a web server system for a website can store the blueprints (e.g., formatted in a markup language) of pages of the website. For example, a blueprint of a webpage can be specified as a hypertext markup language (HTML) page. A blueprint specifies how an end-user device renders the corresponding page of the blueprint. The blueprint can specify links to one or more content objects for an end-user device to fetch from a CDN in order to render the page. The blueprint can specify where to render the content objects relative to other content of the page.
Because of the distributed manner of a CDN and because a content delivery server may be managed by a third-party entity different from the entity that manages a web server system, a malicious computing system may be able to access some of the content objects in the CDN without the web server system's approval. In one example, a web server system is part of a social networking system and a CDN can cache/store the photos and videos of the social networking system for end-user devices. In this example, a malicious computing system may be able to retrieve the photos and videos without being detected, and reconstruct a shadow social graph based on image recognition of the photos.
The figures depict various embodiments of this disclosure for purposes of illustration only. One skilled in the art will readily recognize from the following discussion that alternative embodiments of the structures and methods illustrated herein may be employed without departing from the principles of embodiments described herein.