Detecting Spammers on Social Networks

1,498 views
1,388 views

Published on

Published in: Technology, News & Politics
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,498
On SlideShare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
66
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Detecting Spammers on Social Networks

  1. 1. Detecting Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna Detecting Spammers on Social NetworksGianluca Stringhini, Christopher Kruegel, and Giovanni Vigna University of California, Santa Barbara December 8, 2010
  2. 2. Detecting Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna Part ISocial Network Spam
  3. 3. DetectingWhy Targeting Social Networks? Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni VignaSocial networking sites are constantly gaining popularityMalicious parties can use them to: Steal personal information. Reach a large number of people. Execute targeted campaigns. Exploit networks of trust.
  4. 4. DetectingSample Scenario Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
  5. 5. DetectingSample Scenario Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
  6. 6. DetectingSample Scenario Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
  7. 7. DetectingSample Scenario Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
  8. 8. DetectingIs it really a problem? Spammers on Social Networks Gianluca Stringhini, Yes, it is Christopher Kruegel, and A previous study showed that: Giovanni Vigna 20% of the malicious friend requests are acknowledged. Users click on 45% of links posted by their “friends”. What makes spamming harder Javascript. Captchas. Twitter makes it easier Most pages are public. A developer-friendly API is provided.
  9. 9. DetectingUser Awareness Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
  10. 10. Detecting Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna Part IISpam Observation
  11. 11. DetectingOur Methodology Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni VignaHoney profiles
  12. 12. DetectingHoney Profiles Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna300 honey profiles on each of 3 popular social networks Facebook MySpace TwitterWe observed the behavior of spammers Spam bots show some characteristic behavior. We also studied the targeting of users based on certain information.
  13. 13. DetectingProfiles that contacted us Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna network overall spammers facebook 3,831 173 myspace 22 8 twitter 397 361Only a minority were spammers!We had to manually look at them.
  14. 14. DetectingSpam Behavior Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna Follow users aggressively. Followed back only by a fraction of the requests. Most of their messages contain a URL. The structure of the messages sent does not change much. Profile names are built on “templates”. Profile pictures come from a small set. Use “easier” ways to spam (e.g., Facebook mobile, Twitter API).
  15. 15. DetectingBot Categories Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni VignaWe categorize the bots based on their spam activity:Frequency of activity Slow FastRatio of spam content sent Greedy Stealth
  16. 16. DetectingTargeted Campaigns Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna Gender-related campaigns: 80% of spam victims on Facebook are males. Some campaigns use lists of names to target victims.
  17. 17. Detecting Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna Part IIISpam Detection
  18. 18. DetectingDetection Approach Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni VignaWe leverage our observations to detect spammers.We built a classifier that looks for typical features Following Followers Ratio. URL Ratio. Message Similarity. Friend Choice. Messages sent. Number of Friends.
  19. 19. DetectingSpam Detection on Facebook Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni VignaNo FF feature available.Difficult to get dataDataset from the Los Angeles and New York networks. We applied our classifier to 790,951 profiles. We detected 130 spammers, with 7 false positives.Spammers did not use geographic networks
  20. 20. DetectingSpam Detection on Twitter Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni VignaOn Twitter, most profiles are publicWe developed a real-time spam detection system.Twitter limits us to 20,000 API calls per hour We started crawling for those profiles sending tweets similar to the ones that have been flagged as spam during the training. Whenever we find new spam tweets, we search for them as well.
  21. 21. Detecting@spamdetector Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni VignaOur Crawling is targeted to previously observedcampaigns We set up a Twitter profile users can flag spammers to. Whenever our system detects one of those profiles as a spammer, it inserts it into the crawling system.
  22. 22. DetectingResults Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna In three months, we flagged 15,932 profiles as spammers. Twitter anti spam team considered 75 of these as false positives.
  23. 23. Detecting Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna Part IVAnalysis of Collected Spam
  24. 24. DetectingWhat kind of spam is out there? Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna Traditional Spam (e.g., pharmacy, dating) Phishing Malicious sites (e.g., koobface)
  25. 25. DetectingSpammer typical traits Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna The vast majority of spammers are “slow”. There are both “greedy” and “stealth” spammers. They act in “campaigns”.There is no common way to target users
  26. 26. DetectingSpam Campaigns Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
  27. 27. DetectingSpam Campaigns Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna
  28. 28. DetectingCampaign-Specific Features Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna Profilename templates. Profile pictures. Typical spamming times. Typical hashtags / mentions. look at where the URLs point.Our system does not use them, but they might beuseful to completely eradicate a given campaign.
  29. 29. DetectingOpen Problems & Future Work Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna Detect spammers whose behaviour differs from the modeled one. Detect DM spam.
  30. 30. Detecting Spammers on Social Networks Gianluca Stringhini, Christopher Kruegel, and Giovanni VignaThanks!

×