socialbots and its implication on online social networks md abdul alim, xiang li and tianyi pan...
TRANSCRIPT
Socialbots and its implication On ONLINE SOCIAL Networks
Md Abdul Alim, Xiang Li and Tianyi PanGroup 18
Outline
2
Overview of socialbot
How socialbots spreads dangers
Impacts of socialbots
Infiltration mechanism: a case study
Socialbots Detection
Overview
A socialbot is a piece of software that controls a user account in an online social network and passes itself of as a human being
3
The dangers of socialbots
Harvest private user data Socialbots can be
used to collect organizational data Online
surveillance Profiling Data
commoditization
4
Contd.
Spread misinformation OSNs are attractive
medium for abusive content and Socialbots take advantage of it Propagate
propaganda Political astroturfing Bias public opinion Influence user
perception5
Contd.
Malware infection Infect computers
and use it for DDoS Social spamming Fraudulent
activities
6
Impact of socialbots
OSNs are growing source of income for advertisers, investors, developers Inaccurate representation of actual users in
OSNs severely impact the revenue of dependent businesses
7
Up to 15 millio
n (1.2%
of monthly active users)
are fake [2014
Facebook earning
report]
Boshmaf et. al (2011) showed that Facebook can be infiltrated by socialbots sending friend requests. Average reported acceptance rate: 35.7% up to 80% depending on how many mutual friends the social bots had with the infiltrated users
Impact of socialbots (contd.)
8
Socialbots: a case study
Elyashar et al. (2013) performed a social study for infiltrating specific users in targeted organizations using socialbots
Technology oriented organizations were chosen to emphasize the vulnerability of users in OSNs Employees of these organization should be
more aware of the dangers of exposing private information
An infiltration is defined as accepting a Socialbot's friend request. Upon accepting a Socialbot's friend request, users unknowingly expose information about themselves and their workplace which leads to security compromise
9
Socialbot: infiltration mechanism
OSN: Facebook Target Organization: 3 [selected by the
authors, not disclosed] Targeted users: 10 Socialbot: one socialbot per organization
Idea is to send friend requests to all specific users' mutual friends who worked or work in the same targeted organization. The rationale behind this idea was to gain as many mutual friends as possible and through this act increase the probability that our friend requests will be accepted by the targeted users.
10
Steps: infiltration mechanism1. Step1:
crawl on targeted organizations to gather public information regarding its employees who have a Facebook user account and declared that they work or worked in the targeted organizations
2. Step2: Choose 10 users randomly to be a target for infiltration
3. Step3: Increase credibility of the socialbot: Send friend request to random users each of them having more than 1000 friend regardless of organization.
4. Step4: After socialbot has 50 friends, send friend request to targeted users’ mutual friends 11
Algorithm: infiltration mechanism
12
Result of the study
13
Socialbot 1 in Organization 1 succeeded to accumulate 50% of the targeted users
Socialbot 2 in Organization 2 succeeded to accumulate 70% of the targeted users
Results for two organization
How to detect the socialbots?
14
Socialbot Detection
Existing Detection Methods
Feature-based detection
15
Feature-based Detection
16
Relies on user-level activities and its account details
Uses machine learning techniques to classify accounts (fake or real)
For the attacker: relatively easy to circumvent
Mimic real users! Only 20% of fake accounts are detected
by this method. (Boshmaf et. al 2011)
Existing Detection Methods
Feature-based detection Graph-based detection
17
Graph-based Detection
18
Rank nodes based on landing probability of short random walks, started from trusted nodes.
Graph-based Detection
19
Perform cut based on node ranking
Graph-based Detection
Assumption: social infiltration on a large scale is infeasible
20
Not always true!
(Pic from Boshmaf et. al 2011)
Graph-based Detection
21
Solution: Integro (Boshmaf et. al 2015 )
Find potential victims Machine learning method (random forests) Assign each node a probability of being a
victim Create weighted graph & choose trusted
nodes Decide edge weights based on their incident
nodes’ victim probability The higher the probability, the lower the
weight Community based trusted nodes selection
Rank nodes based on short random walks in the weighted graph
22
Integro
23
Integro
24
Integro
25
Find Potential Victims
Random Forest Learning method Decision tree based learning Separate the dataset to subsets and use a
decision tree for each dataset Cross-validation method
Chop the dataset into 10 equally sized sets RF method on 9 sets Use the remaining one for testing
26
Create Weighted Graph & Choose Trusted Nodes
Assign weight based on victim probability
Choose trusted nodes Detect communities by the Louvain method Randomly pick a small set of nodes from
each community Manual verification of the selected nodes
27
Rank Nodes Based on Short Random Walks
Trust propagation process
Stop after rounds Rank nodes by
in descending order
28
Experiments
Datasets Labeled feature vectors (for learning)
8.8K public Facebook profiles (32% victims) 60K full Tuenti profiles (50% victims)
Graph samples (for detection) Snapshot of Tuenti’s daily active user graph on
Feb. 6 2014
29
Feature Vector
30
Experiment Results
Precision (In Tuenti)
31
Experiment Results
Scalability (In small-world graphs)
32
RF Ranking
What else can be done?
Stop fake accounts at the time they are created? Fake accounts send random friend requests
at the time they are created It is abnormal when the friends of a real
person all belong to different communities Methods other than random walk to cut
the graph? Current random walk method is limited to
undirected graphs
33
34
Questions?
35
Thank you!