Loading [MathJax]/extensions/TeX/extpfeil.js
Detecting Malicious Accounts in Online Developer Communities Using Deep Learning | IEEE Journals & Magazine | IEEE Xplore

Detecting Malicious Accounts in Online Developer Communities Using Deep Learning


Abstract:

Online developer communities like GitHub allow a massive number of developers to collaborate. However, the openness of the communities makes them vulnerable to different ...Show More

Abstract:

Online developer communities like GitHub allow a massive number of developers to collaborate. However, the openness of the communities makes them vulnerable to different types of malicious attacks, since attackers can easily join these communities and interact with legitimate users. In this work, we propose GitSec, a deep learning-based solution for detecting malicious accounts in online developer communities. GitSec distinguishes malicious accounts from legitimate ones based on the account profiles, dynamic activity characteristics, as well as social interactions. First, GitSec introduces two user activity sequences and applies a parallel neural network design with an attention mechanism to process the sequences. Second, GitSec constructs two graphs to represent the interactions between users according to their repository operations. Especially, graph neural networks and structural hole theory are employed to deal with the two constructed graphs. Third, GitSec makes use of the descriptive features to enhance the detection performance. The final judgement is made by a decision maker implemented by a supervised machine learning-based classifier. Based on the real-world data of GitHub users, our comprehensive evaluations show that GitSec achieves a better performance than state-of-the-art solutions, with an AUC value of 0.916.
Published in: IEEE Transactions on Knowledge and Data Engineering ( Volume: 35, Issue: 10, 01 October 2023)
Page(s): 10633 - 10649
Date of Publication: 17 January 2023

ISSN Information:

Funding Agency:


References

References is not available for this document.