Security analysis of malicious socialbots on the web

The open nature of the Web, online social networks (OSNs) in particular, makes it possible to design socialbots—automation software that controls fake accounts in a target OSN, and has the ability to perform basic activities similar to those of real users. In the wrong hands, socialbots can be used...

Full description

Bibliographic Details
Main Author: Boshmaf, Yazan
Language:English
Published: University of British Columbia 2015
Online Access:http://hdl.handle.net/2429/53166
id ndltd-UBC-oai-circle.library.ubc.ca-2429-53166
record_format oai_dc
spelling ndltd-UBC-oai-circle.library.ubc.ca-2429-531662018-01-05T17:28:13Z Security analysis of malicious socialbots on the web Boshmaf, Yazan The open nature of the Web, online social networks (OSNs) in particular, makes it possible to design socialbots—automation software that controls fake accounts in a target OSN, and has the ability to perform basic activities similar to those of real users. In the wrong hands, socialbots can be used to infiltrate online communities, build up trust over time, and then engage in various malicious activities. This dissertation presents an in-depth security analysis of malicious socialbots on the Web, OSNs in particular. The analysis focuses on two main goals: (1) to characterize and analyze the vulnerability of OSNs to cyber attacks by malicious socialbots, social infiltration in particular, and (2) to design and evaluate a countermeasure to efficiently and effectively defend against socialbots. To achieve these goals, we first studied social infiltration as an organized campaign operated by a socialbot network (SbN)—a group of programmable socialbots that are coordinated by an attacker in a botnet-like fashion. We implemented a prototypical SbN consisting of 100 socialbots and operated it on Facebook for 8 weeks. Among various findings, we observed that some users are more likely to become victims than others, depending on factors related to their social structure. Moreover, we found that traditional OSN defenses are not effective at identifying automated fake accounts or their social infiltration campaigns. Based on these findings, we designed Íntegro—an infiltration-resilient defense system that helps OSNs detect automated fake accounts via a user ranking scheme. In particular, Íntegro relies on a novel approach that leverages victim classification for robust graph-based fake account detection, with provable security guarantees. We implemented Íntegro on top of widely-used, open-source distributed systems, in which it scaled nearly linearly. We evaluated Íntegro against SybilRank—the state-of-the-art in graph-based fake account detection—using real-world datasets and a large-scale, production-class deployment at Tuenti, the largest OSN in Spain with more than 15 million users. We showed that Íntegro significantly outperforms SybilRank in ranking quality, allowing Tuenti to detect at least 10 times more fake accounts than their current abuse detection system. Applied Science, Faculty of Electrical and Computer Engineering, Department of Graduate 2015-05-14T17:46:53Z 2015-05-14T17:46:53Z 2015 2015-09 Text Thesis/Dissertation http://hdl.handle.net/2429/53166 eng Attribution 2.5 Canada http://creativecommons.org/licenses/by/2.5/ca/ University of British Columbia
collection NDLTD
language English
sources NDLTD
description The open nature of the Web, online social networks (OSNs) in particular, makes it possible to design socialbots—automation software that controls fake accounts in a target OSN, and has the ability to perform basic activities similar to those of real users. In the wrong hands, socialbots can be used to infiltrate online communities, build up trust over time, and then engage in various malicious activities. This dissertation presents an in-depth security analysis of malicious socialbots on the Web, OSNs in particular. The analysis focuses on two main goals: (1) to characterize and analyze the vulnerability of OSNs to cyber attacks by malicious socialbots, social infiltration in particular, and (2) to design and evaluate a countermeasure to efficiently and effectively defend against socialbots. To achieve these goals, we first studied social infiltration as an organized campaign operated by a socialbot network (SbN)—a group of programmable socialbots that are coordinated by an attacker in a botnet-like fashion. We implemented a prototypical SbN consisting of 100 socialbots and operated it on Facebook for 8 weeks. Among various findings, we observed that some users are more likely to become victims than others, depending on factors related to their social structure. Moreover, we found that traditional OSN defenses are not effective at identifying automated fake accounts or their social infiltration campaigns. Based on these findings, we designed Íntegro—an infiltration-resilient defense system that helps OSNs detect automated fake accounts via a user ranking scheme. In particular, Íntegro relies on a novel approach that leverages victim classification for robust graph-based fake account detection, with provable security guarantees. We implemented Íntegro on top of widely-used, open-source distributed systems, in which it scaled nearly linearly. We evaluated Íntegro against SybilRank—the state-of-the-art in graph-based fake account detection—using real-world datasets and a large-scale, production-class deployment at Tuenti, the largest OSN in Spain with more than 15 million users. We showed that Íntegro significantly outperforms SybilRank in ranking quality, allowing Tuenti to detect at least 10 times more fake accounts than their current abuse detection system. === Applied Science, Faculty of === Electrical and Computer Engineering, Department of === Graduate
author Boshmaf, Yazan
spellingShingle Boshmaf, Yazan
Security analysis of malicious socialbots on the web
author_facet Boshmaf, Yazan
author_sort Boshmaf, Yazan
title Security analysis of malicious socialbots on the web
title_short Security analysis of malicious socialbots on the web
title_full Security analysis of malicious socialbots on the web
title_fullStr Security analysis of malicious socialbots on the web
title_full_unstemmed Security analysis of malicious socialbots on the web
title_sort security analysis of malicious socialbots on the web
publisher University of British Columbia
publishDate 2015
url http://hdl.handle.net/2429/53166
work_keys_str_mv AT boshmafyazan securityanalysisofmalicioussocialbotsontheweb
_version_ 1718584754511544320