Dongwon Shin
ABSTRACT
A Sybil attack is a critical threat that undermines the trust and integrity of web services by creating and exploiting a large number of fake (i.e., Sybil) accounts. To mitigate this threat, previous studies have proposed leveraging collective classification to detect Sybil accounts. Recently, researchers have demonstrated that state-of-the-art adversarial attacks are able to bypass existing collective classification methods, posing a new security threat. To this end, we propose RICC, the first robust collective classification framework, designed to identify adversarial Sybil accounts created by adversarial attacks. RICC leverages the novel observation that these adversarial attacks are highly tailored to a target collective classification model to optimize the attack budget. Owing to this adversarial strategy, the classification results for adversarial Sybil accounts often significantly change when deploying a new training set different from the original training set used for assigning prior reputation scores to user accounts. Leveraging this observation, RICC achieves robustness in collective classification by stabilizing classification results across different training sets randomly sampled in each round. RICC achieves false negative rates of 0.01, 0.11, 0.00, and 0.01 in detecting adversarial Sybil accounts for the Enron, Facebook, Twitter_S, and Twitter_L datasets, respectively. It also attains respective AUCs of 0.99, 1.00, 0.89, and 0.74 for these datasets, achieving high performance on the original task of detecting Sybil accounts. RICC significantly outperforms all existing Sybil detection methods, demonstrating superior robustness and efficacy in the collective classification of Sybil accounts.
- Leyla Bilge, Thorsten Strufe, Davide Balzarotti, and Engin Kirda. 2009. All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks. In Proceedings of the International Conference on World Wide Web. 551–560.Google Scholar
Digital Library
- Yazan Boshmaf, Dionysios Logothetis, Georgos Siganos, Jorge Lería, Jose Lorenzo, Matei Ripeanu, and Konstantin Beznosov. 2015. Íntegro: Leveraging Victim Prediction for Robust Fake Account Detection in OSNs. In Proceedings of the Network and Distributed System Security Symposium.Google ScholarCross Ref
- Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, and Matei Ripeanu. 2011. The Socialbot Network: When Bots Socialize for Fame and Money. In Proceedings of the Annual Computer Security Applications Conference. 93–102.Google ScholarDigital Library
- Adam Breuer, Roee Eilat, and Udi Weinsberg. 2020. Friend or Faux: Graph-Based Early Detection of Fake Accounts on Social Networks. In Proceedings of the Web Conference. 1287–1297.Google ScholarDigital Library
- Qiang Cao, Michael Sirivianos, Xiaowei Yang, and Tiago Pregueiro. 2012. Aiding the Detection of Fake Accounts in Large Scale Social Online Services. In Proceedings of the USENIX Conference on Networked Systems Design and Implementation. 197–210.Google Scholar
- Duen Horng “Polo” Chau, Carey Nachenberg, Jeffrey Wilhelm, Adam Wright, and Christos Faloutsos. 2011. Polonium: Tera-Scale Graph Mining and Inference for Malware Detection. In Proceedings of the SIAM International Conference on Data Mining. 131–142.Google Scholar
- Hanjun Dai, Hui Li, Tian Tian, Xin Huang, Lin Wang, Jun Zhu, and Le Song. 2018. Adversarial Attack on Graph Structured Data. In Proceedings of the International Conference on Machine Learning. 1115–1124.Google Scholar
- George Danezis and Prateek Mittal. 2009. SybilInfer: Detecting Sybil Nodes using Social Networks. In Proceedings of the Network and Distributed System Security Symposium.Google Scholar
- Zhijie Deng, Yinpeng Dong, and Jun Zhu. 2019. Batch Virtual Adversarial Training for Graph Convolutional Networks. CoRR abs/1902.09192 (2019).Google Scholar
- Hongyu Gao, Jun Hu, Christo Wilson, Zhichun Li, Yan Chen, and Ben Y. Zhao. 2010. Detecting and Characterizing Social Spam Campaigns. In Proceedings of the ACM SIGCOMM Conference. 35–47.Google Scholar
- Peng Gao, Binghui Wang, Neil Zhenqiang Gong, Sanjeev R. Kulkarni, Kurt Thomas, and Prateek Mittal. 2018. SybilFuse: Combining Local Attributes with Global Structure to Perform Robust Sybil Detection. In Proceedings of the IEEE Conference on Communications and Network Security.Google ScholarCross Ref
- Simon Geisler, Tobias Schmidt, Hakan Şirin, Daniel Zügner, Aleksandar Bojchevski, and Stephan Günnemann. 2021. Robustness of Graph Neural Networks at Scale. In Proceedings of the Advances in Neural Information Processing Systems. 7637–7649.Google Scholar
- Neil Zhenqiang Gong, Mario Frank, and Prateek Mittal. 2014. SybilBelief: A Semi-Supervised Learning Approach for Structure-Based Sybil Detection. IEEE Transactions on Information Forensics and Security 9, 6 (2014), 976–987.Google ScholarDigital Library
- Jinyuan Jia, Binghui Wang, and Neil Zhenqiang Gong. 2017. Random Walk Based Fake Account Detection in Online Social Networks. In Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks. 273–284.Google ScholarCross Ref
- Jinyuan Jia, Binghui Wang, Le Zhang, and Neil Zhenqiang Gong. 2017. AttriInfer: Inferring User Attributes in Online Social Networks Using Markov Random Fields. In Proceedings of the International Conference on World Wide Web. 1561–1569.Google ScholarDigital Library
- Wei Jin, Yaxin Li, Han Xu, Yiqi Wang, Shuiwang Ji, Charu Aggarwal, and Jiliang Tang. 2020. Adversarial Attacks and Defenses on Graphs: A Review, A Tool and Empirical Studies. ACM SIGKDD Explanations Newsletter 22, 2 (2020), 19–34.Google ScholarDigital Library
- Wei Jin, Yao Ma, Xiaorui Liu, Xianfeng Tang, Suhang Wang, and Jiliang Tang. 2020. Graph Structure Learning for Robust Graph Neural Networks. In Proceedings of the ACM SIGKDD Conference on Knowledge Discovery and Data Mining. 66–74.Google ScholarDigital Library
- Zhou Li, Sumayah Alrwais, Yinglian Xie, Fang Yu, and XiaoFeng Wang. 2013. Finding the Linchpins of the Dark Web: a Study on Topologically Dedicated Hosts on Malicious Web Infrastructures. In Proceedings of the IEEE Symposium on Security and Privacy. 112–126.Google Scholar
- Xiao Liang, Zheng Yang, Binghui Wang, Shaofeng Hu, Zijie Yang, Dong Yuan, Neil Zhenqiang Gong, Qi Li, and Fang He. 2021. Unveiling Fake Accounts at the Time of Registration: An Unsupervised Approach. In Proceedings of the ACM SIGKDD Conference on Knowledge Discovery and Data Mining. 3240–3250.Google ScholarDigital Library
- Yushan Liu, Shouling Ji, and Prateek Mittal. 2016. SmartWalk: Enhancing Social Network Security via Adaptive Random Walks. In Proceedings of the ACM Conference on Computer and Communications Security. 492–503.Google ScholarDigital Library
- Annie Palmer. 2022. Amazon sues two companies that allegedly help fill the site with fake reviews. https://www.cnbc.com/2022/02/22/amazon-sues-alleged-fake-reviews-brokers-appsally-rebatest.html.Google Scholar
- Shashank Pandit, Duen Horng Chau, Samuel Wang, and Christos Faloutsos. 2007. NetProbe: A Fast and Scalable System for Fraud Detection in Online Auction Networks. In Proceedings of the International Conference on World Wide Web. 201–210.Google ScholarDigital Library
- Feliz Solomon. 2016. Alibaba Takes On Fake Reviews in Its Latest Push For More Credibility. https://fortune.com/2016/12/20/alibaba-jack-ma-china-fake-reviews/.Google Scholar
- Acar Tamersoy, Kevin Roundy, and Duen Horng Chau. 2014. Guilt by Association: Large Scale Malware Detection by Mining File-relation Graphs. In Proceedings of the ACM SIGKDD Conference on Knowledge Discovery and Data Mining. 1524–1533.Google ScholarDigital Library
- Binghui Wang and Neil Zhenqiang Gong. 2019. Attacking Graph-based Classification via Manipulating the Graph Structure. In Proceedings of the ACM Conference on Computer and Communications Security. 2023–2040.Google ScholarDigital Library
- Binghui Wang, Neil Zhenqiang Gong, and Hao Fu. 2017. GANG: Detecting Fraudulent Users in Online Social Networks via Guilt-by-Association on Directed Graphs. In Proceedings of the IEEE International Conference on Data Mining. 465–474.Google ScholarCross Ref
- Binghui Wang, Jinyuan Jia, and Neil Zhenqiang Gong. 2019. Graph-based Security and Privacy Analytics via Collective Classification with Joint Weight Learning and Propagation. In Proceedings of the Network and Distributed System Security Symposium.Google ScholarCross Ref
- Binghui Wang, Le Zhang, and Neil Zhenqiang Gong. 2017. SybilSCAR: Sybil Detection in Online Social Networks via Local Rule based Propagation. In Proceedings of the IEEE Conference on Computer Communications.Google ScholarCross Ref
- Huijun Wu, Chen Wang, Yuriy Tyshetskiy, Andrew Docherty, Kai Lu, and Liming Zhu. 2019. Adversarial Examples for Graph Data: Deep Insights into Attack and Defense. In Proceedings of the International Joint Conference on Artificial Intelligence. 4816–4823.Google ScholarCross Ref
- Kaidi Xu, Hongge Chen, Sijia Liu, Pin-Yu Chen, Tsui-Wei Weng, Mingyi Hong, and Xue Lin. 2019. Topology Attack and Defense for Graph Neural Networks: An Optimization Perspective. CoRR abs/1906.04214 (2019).Google Scholar
- Xuening Xu, Xiaojiang Du, and Qiang Zeng. 2020. Attacking Graph-Based Classification without Changing Existing Connections. In Proceedings of the Annual Computer Security Applications Conference. 951–962.Google ScholarDigital Library
- Chao Yang, Robert Harkreader, Jialong Zhang, Seungwon Shin, and Guofei Gu. 2012. Analyzing Spammers’ Social Networks for Fun and Profit: A Case Study of Cyber Criminal Ecosystem on Twitter. In Proceedings of the International Conference on World Wide Web. 71–80.Google ScholarDigital Library
- Haifeng Yu, Phillip B. Gibbons, Michael Kaminsky, and Feng Xiao. 2008. SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks. In Proceedings of the IEEE Symposium on Security and Privacy. 3–17.Google ScholarDigital Library
- Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, and Abraham Flaxman. 2006. SybilGuard: Defending against Sybil Attacks via Social Networks. In Proceedings of the ACM SIGCOMM Conference. 267–278.Google ScholarDigital Library
- Ao Zhang and Jinwen Ma. 2020. DefenseVGAE: Defending against Adversarial Attacks on Graph Data via a Variational Graph Autoencoder. CoRR abs/2006.08900 (2020).Google Scholar
- Xiaoying Zhang, Hong Xie, Pei Yi, and John C.S. Lui. 2022. Enhancing Sybil Detection via Social-Activity Networks: A Random Walk Approach. IEEE Transactions on Dependable and Secure Computing (2022).Google Scholar
- Xiang Zhang and Marinka Zitnik. 2020. GNNGuard: Defending Graph Neural Networks against Adversarial Attacks. Proceedings of the Advances in Neural Information Processing Systems 33 (2020), 9263–9275.Google Scholar
- Haizhong Zheng, Minhui Xue, Hao Lu, Shuang Hao, Haojin Zhu, Xiaohui Liang, and Keith Ross. 2018. Smoke Screener or Straight Shooter: Detecting Elite Sybil Attacks in User-Review Social Networks. In Proceedings of the Network and Distributed System Security Symposium.Google ScholarCross Ref
- Dingyuan Zhu, Ziwei Zhang, Peng Cui, and Wenwu Zhu. 2019. Robust Graph Convolutional Networks Against Adversarial Attacks. In Proceedings of the ACM SIGKDD Conference on Knowledge Discovery and Data Mining. 1399–1407.Google ScholarDigital Library
Index Terms
- RICC: Robust Collective Classification of Sybil Accounts
Recommendations
The sybil attack in sensor networks: analysis & defenses
IPSN '04: Proceedings of the 3rd international symposium on Information processing in sensor networksSecurity is important for many sensor network applications. A particularly harmful attack against sensor and ad hoc networks is known as the Sybil attack [6], where a node illegitimately claims multiple identities. This paper systematically analyzes the ...
Evaluation of Sybil Attacks Protection Schemes in KAD
AIMS '09: Proceedings of the 3rd International Conference on Autonomous Infrastructure, Management and Security: Scalability of Networks and ServicesIn this paper, we assess the protection mechanisms entered into recent clients to fight against the Sybil attack in KAD, a widely deployed Distributed Hash Table. We study three main mechanisms: a protection against flooding through packet tracking, an ...
A sybil attack detection approach using neighboring vehicles in VANET
SIN '11: Proceedings of the 4th international conference on Security of information and networksVehicular Ad Hoc Network (VANET) is vulnerable to many security threats. One severe attack is Sybil attack, in which a malicious node forges a large number of fake identities in order to disrupt the proper functioning of VANET applications. In this ...
Comments