skip to main content
10.1145/3292500.3330702acmconferencesArticle/Chapter ViewAbstractPublication PageskddConference Proceedingsconference-collections
research-article

Characterizing and Detecting Malicious Accounts in Privacy-Centric Mobile Social Networks: A Case Study

Published: 25 July 2019 Publication History

Abstract

Malicious accounts are one of the biggest threats to the security and privacy of online social networks (OSNs). In this work, we study a new type of OSN, called privacy-centric mobile social network (PC-MSN), such as KakaoTalk and LINE, which has attracted billions of users recently. The design of PC-MSN is inspired to protect their users' privacy from strangers: (1) a stranger is not easy to send a friend request to a user who does not want to make friends with strangers; and (2) strangers cannot view a user's post. Such a design mitigates the security issue of malicious accounts. At the same time, it also brings the battleground between attackers and defenders to an earlier stage, i.e., making friendship, than the one studied in previous works. Also, previous defense proposals mostly rely on certain assumptions on the attacker, which may not be robust in the new PC-MSNs. As a result, previous malicious accounts detection approaches are less effective on a PC-MSN.
To mitigate this issue, we study the patterns in friend requests to distinguish malicious accounts, and perform a systematic study over 1 million labeled data from WLink, a real PC-MSN with billions of users, to confirm our hypothesis. Based on the results, we propose dozens of new features and leverage machine learning to detect malicious accounts. We evaluate our method and compare it with existing methods, and the results show that our method achieves a precision of 99.5% and a recall of 98.4%, which significantly outperform previous state-of-the-art methods. Importantly, we qualitatively analyze the robustness of the designed features, and our evaluation shows that using only robust features can achieve the same level of performance as using all features. WLink has deployed our detection method. Our method can detect 0.59 million malicious accounts daily, which is 6 times higher than the previous deployment on WLink, with a precision of over 90%.

References

[1]
Fabricio Benevenuto, Gabriel Magno, Tiago Rodrigues, and Virgilio Almeida. 2010. Detecting spammers on twitter. In CEAS.
[2]
L. Bilge, T. Strufe, D. Balzarotti, and E. Kirda. 2009. All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks. In WWW .
[3]
Vincent D Blondel, Jean-Loup Guillaume, Renaud Lambiotte, and Etienne Lefebvre. 2008. Fast unfolding of communities in large networks. JSTAT, Vol. 2008, 10 (2008), P10008.
[4]
Leo Breiman. 2001. Random Forests. Machine Learning, Vol. 45, 1 (2001), 5--32.
[5]
Zhuhua Cai and Christopher Jermaine. 2012. The Latent Community Model for Detecting Sybils in Social Networks. In NDSS .
[6]
Qiang Cao, Michael Sirivianos, Xiaowei Yang, and Kamesh Munagala. 2015. Combating friend spam using social rejections. In ICDCS .
[7]
Qiang Cao, Michael Sirivianos, Xiaowei Yang, and Tiago Pregueiro. 2012. Aiding the Detection of Fake Accounts in Large Scale Social Online Services. In NSDI .
[8]
Qiang Cao, Xiaowei Yang, Jieqi Yu, and Christopher Palow. 2014. Uncovering Large Groups of Active Malicious Accounts in Online Social Networks. In CCS .
[9]
Zi Chu, Indra Widjaja, and Haining Wang. 2012. Detecting Social Spam Campaigns on Twitter. In ACNS .
[10]
G. Danezis and P. Mittal. 2009. SybilInfer: Detecting Sybil Nodes using Social Networks. In NDSS .
[11]
Manuel Egele, Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna. 2013. Compa: Detecting compromised accounts on social networks. In NDSS .
[12]
Bimal Viswanath et al. 2014. Towards Detecting Anomalous User Behavior in Online Social Networks. In USENIX Security Symposium .
[13]
Chao Yang et al. 2011. Die Free or Live Hard? Empirical Evaluation and New Design for Fighting Evolving Twitter Spammers. In RAID .
[14]
Gang Wang et al. 2013a. Social Turing Tests: Crowdsourcing Sybil Detection. In NDSS .
[15]
Haizhong Zheng et al. 2018. Smoke Screener or Straight Shooter: Detecting Elite Sybil Attacks in User-Review Social Networks. In NDSS .
[16]
Lorenzo Alvisi et al. 2013b. SoK: The Evolution of Sybil Defense via Social Networks. In IEEE S & P .
[17]
Saptarshi Ghosh et al. 2012. Understanding and Combating Link Farming in the Twitter Social Network. In WWW .
[18]
Shirin Nilizadeh et al. 2017. POISED: Spotting Twitter Spam Off the Beaten Paths. In CCS .
[19]
Wang Gang et al. 2013c. You Are How You Click: Clickstream Analysis for Sybil Detection. In USENIX Security Symposium .
[20]
Yazan Boshmaf et al. 2015. Integro: Leveraging Victim Prediction for Robust Fake Account Detection in OSNs. In NDSS .
[21]
Z. Yang et al. 2016. VoteTrust: Leveraging Friend Invitation Graph to Defend against Social Network Sybils. IEEE TDSC, Vol. 13, 4 (2016), 488--501.
[22]
Emilio Ferrara, Onur Varol, Clayton A. Davis, Filippo Menczer, and Alessandro Flammini. 2016. The rise of social bots. Commun. ACM, Vol. 59 (2016), 96--104.
[23]
Hongyu Gao, Yan Chen, Kathy Lee, Diana Palsetia, and Alok Choudhary. 2012. Towards online spam filtering in social networks. In NDSS .
[24]
Hongyu Gao, Jun Hu, Christo Wilson, Zhichun Li, Yan Chen, and Ben Y Zhao. 2010. Detecting and characterizing social spam campaigns. In IMC .
[25]
Neil Zhenqiang Gong, Mario Frank, and Prateek Mittal. 2014. SybilBelief: A Semi-supervised Learning Approach for Structure-based Sybil Detection. IEEE TIFS, Vol. 9, 6 (2014).
[26]
Chris Grier, Kurt Thomas, Vern Paxson, and Michael Zhang. 2010. @spam: The Underground on 140 Characters or Less. In CCS .
[27]
Hacking Election. 2016. http://goo.gl/G8o9x0
[28]
Hacking Financial Market. 2016. http://goo.gl/4AkWyt
[29]
Yoon Kyung Kim. 2014. Convolutional Neural Networks for Sentence Classification. In EMNLP .
[30]
Kyumin Lee, James Caverlee, and Steve Webb. 2010. Uncovering social spammers: social honeypots
[31]
machine learning. In SIGIR .
[32]
Kyumin Lee, Brian David Eoff, and James Caverlee. 2011. Seven Months with the Devils: A Long-Term Study of Content Polluters on Twitter. In ICWSM .
[33]
Pengfei Liu, Xipeng Qiu, and Xuanjing Huang. 2016. Recurrent Neural Network for Text Classification with Multi-Task Learning. In IJCAI .
[34]
Juan Martinez-Romo and Lourdes Araujo. 2013. Detecting malicious tweets in trending topics using a statistical analysis of language. Expert Syst. Appl., Vol. 40, 8 (2013), 2992--3000.
[35]
Tomas Mikolov, Kai Chen, Greg Corrado, and Jeffrey Dean. 2013. Efficient estimation of word representations in vector space. In ICLR Workshop .
[36]
Abedelaziz Mohaisen, Nicholas Hopper, and Yongdae Kim. 2011. Keep your friends close: Incorporating trust into social network-based Sybil defenses. In INFOCOM .
[37]
Abedelaziz Mohaisen, Aaram Yun, and Yongdae Kim. 2010. Measuring the mixing time of social graphs. In IMC .
[38]
Jonghyuk Song, Sangho Lee, and Jong Kim. 2011. Spam filtering in Twitter using sender-receiver relationship. In RAID .
[39]
Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna. 2010. Detecting spammers on social networks. In ACSAC .
[40]
Gianluca Stringhini, Pierre Mourlanne, Gregoire Jacob, Manuel Egele, Christopher Kruegel, and Giovanni Vigna. 2015. Evilcohort: detecting communities of malicious accounts on online services. In USENIX Security Symposium .
[41]
Kurt Thomas, Chris Grier, Justin Ma, Vern Paxson, and Dawn Song. 2011a. Design and evaluation of a real-time url spam filtering service. In IEEE S & P .
[42]
Kurt Thomas, Chris Grier, Vern Paxson, and Dawn Song. 2011b. Suspended Accounts in Retrospect: An Analysis of Twitter Spam. In IMC .
[43]
Bimal Viswanath, Ansley Post, Krishna P. Gummadi, and Alan Mislove. 2010. An Analysis of Social Network-Based Sybil Defenses. In SIGCOMM .
[44]
Alex Hai Wang. 2010. Don't Follow Me - Spam Detection in Twitter. In SECRYPT 2010 .
[45]
Chao Yang, Robert Harkreader, Jialong Zhang, Seungwon Shin, and Guofei Gu. 2012. Analyzing Spammer's Social Networks for Fun and Profit. In WWW .
[46]
Zhi Yang, Christo Wilson, Xiao Wang, Tingting Gao, Ben Y. Zhao, and Yafei Dai. 2011. Uncovering Social Network Sybils in the Wild. In IMC .
[47]
H. Yu, P. B. Gibbons, M. Kaminsky, and F. Xiao. 2008. SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks. In IEEE S & P .
[48]
H. Yu, M. Kaminsky, P. B. Gibbons, and A. Flaxman. 2006. SybilGuard: Defending Against Sybil Attacks via Social Networks. In SIGCOMM .

Cited By

View all
  • (2024)Malicious Intent Detection Framework for Social Networksundefined10.12794/metadc2332602Online publication date: May-2024
  • (2024)Uncovering Malicious Accounts in Open Mobile Social Networks Using a Graph- and Text-Based Attention Fusion AlgorithmIEEE Internet of Things Journal10.1109/JIOT.2024.341655611:19(31040-31052)Online publication date: 1-Oct-2024
  • (2024)Cyber Sentinels: Illuminating Malicious Intent in Social Networks Using Dual-Powered CHAMPervasive Knowledge and Collective Intelligence on Web and Social Media10.1007/978-3-031-66044-3_4(58-74)Online publication date: 13-Aug-2024
  • Show More Cited By

Index Terms

  1. Characterizing and Detecting Malicious Accounts in Privacy-Centric Mobile Social Networks: A Case Study

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    KDD '19: Proceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining
    July 2019
    3305 pages
    ISBN:9781450362016
    DOI:10.1145/3292500
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 25 July 2019

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. friend request
    2. malicious accounts detection
    3. neural networks
    4. online social networks

    Qualifiers

    • Research-article

    Funding Sources

    • National Natural Science Foundation of China

    Conference

    KDD '19
    Sponsor:

    Acceptance Rates

    KDD '19 Paper Acceptance Rate 110 of 1,200 submissions, 9%;
    Overall Acceptance Rate 1,133 of 8,635 submissions, 13%

    Upcoming Conference

    KDD '25

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)17
    • Downloads (Last 6 weeks)1
    Reflects downloads up to 15 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2024)Malicious Intent Detection Framework for Social Networksundefined10.12794/metadc2332602Online publication date: May-2024
    • (2024)Uncovering Malicious Accounts in Open Mobile Social Networks Using a Graph- and Text-Based Attention Fusion AlgorithmIEEE Internet of Things Journal10.1109/JIOT.2024.341655611:19(31040-31052)Online publication date: 1-Oct-2024
    • (2024)Cyber Sentinels: Illuminating Malicious Intent in Social Networks Using Dual-Powered CHAMPervasive Knowledge and Collective Intelligence on Web and Social Media10.1007/978-3-031-66044-3_4(58-74)Online publication date: 13-Aug-2024
    • (2023)Enhancing Sybil Detection via Social-Activity Networks: A Random Walk ApproachIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.315170120:2(1213-1227)Online publication date: 1-Mar-2023
    • (2023)Efficient and Effective Entity Alignment for Evolving Temporal Knowledge Graphs2023 IEEE International Conference on Data Mining (ICDM)10.1109/ICDM58522.2023.00044(349-358)Online publication date: 1-Dec-2023
    • (2023)Detecting suspicious transactions in a virtual-currency-enabled online social networkJournal of Network and Computer Applications10.1016/j.jnca.2022.103555211:COnline publication date: 1-Feb-2023
    • (2022)eFraudCom: An E-commerce Fraud Detection System via Competitive Graph Neural NetworksACM Transactions on Information Systems10.1145/347437940:3(1-29)Online publication date: 7-Mar-2022
    • (2022)Detect Professional Malicious User With Metric Learning in Recommender SystemsIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2020.304061834:9(4133-4146)Online publication date: 1-Sep-2022
    • (2022)Account Takeover Detection on E-Commerce Platforms2022 IEEE International Conference on Smart Computing (SMARTCOMP)10.1109/SMARTCOMP55677.2022.00052(196-197)Online publication date: Jun-2022
    • (2021)Lessons Learnt on Reproducibility in Machine Learning Based Android Malware DetectionEmpirical Software Engineering10.1007/s10664-021-09955-726:4Online publication date: 1-Jul-2021
    • Show More Cited By

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media