A Big Data Analytic Identity Management Expert System for Social Media Networks by Kudapana Don Buddhima Hansinie Subasinghe. A presentation given at APNIC 42's Lightning Talks session on Tuesday, 4 October 2016.

1. A Big Data Analytic Identity
Management Expert System for
Social Media Networks
K.D.B.H. Subasinghe S.R. Kodithuwakku
Department of Statistics and Computer
Science,
Faculty of Science,
University of Peradeniya
Peradeniya,
Sri Lanka
E- mail : buddhimahs@hotmail.com

2. “Identity theft is like true love….
You never think it will happen to you.”
Johnny Corn

3. Agenda
• Introduction
• Identity Management in Social Media
• Our Approach
• Methodology
• Results
• Conclusion and Future Work
• References

4. Introduction
• Explosive Growth
of social media
• Privacy / Security
at a Risk ?
• Need for Identity
Management

5. Identity Management in Social Media
The Need
NETWORKS???
• 83M Facebook profiles fake
• 65M LinkedIn Passwords at risk AND 30,000 passwords
cracked
• Cyber Theft hacked 24 M Zappos/Amazon Customers
• 1.5 M eHarmony Passwords
stolen in 2002
• 1.5 M credit card
numbers STOLEN in 2014

6. Identity Management in Social Media
Current Status
• User Credential based Identity management system
[Brian Soeder et al(2015)]
• Encryption and multi-factor authentication followed by a
cryptographic methods for user authentication
[G.-J. Ahn et al(2009)]
• Game theoretic approaches
to reputation and trust
[K. C. Nguyen et al(2010)]
• Several studies on e-commerce
not on user behavior of social
networks [A. Rabkin et al 2008]

7. Identity Management in Social Media
Research Gap
• Observing usage data for identity management by the
network operator violates user privacy
• This has retarded the development of effective identity
management systems in social media
• There’s a research gap to come up with effective and
robust identity management systems without violating
user privacy rights.

8. Our Approach
• We propose to develop an evolving Hidden Markov Model
(HMM) for each user at network operator’s end.
• HMM model is dynamically updated as and when a user
browses the social media network to capture his usage
character.
• User activity sequence from login to logout is checked against
his typical usage behavior to identify illegitimate user.
“A person can never be understood by his words,
but by his actions.”

9. MethodologyMethodology

10. Methodology
User Behavior HMM model

11. • Here mainly there is only one prominent state
• Subsequent to user activity, brings him back to the original
state
• Depending on the user character, he may perform respective
activities to more or less extent
• Transition probabilities of these user activities are dynamically
updated with usage
Methodology
User Behavior HMM model

12. Activity Count Transition Probability
A1 10 P1 = 10/102
A2 13 P2 = 13/102
.
A68
.
7
.
P68 = 7/102
Sum 102 1.0
Methodology
HMM model – Transition Probabilities

13. Methodology
No of Activities logged 10
Sequence of Activities per user login A30,A1,A5,A4…..
PT = Probability of sequence of activities PT = P30.P1.P5.P4
Mean Transition Probability :
X = [∏ 𝑃 i (𝑞 → 𝑞`)],/..
/0, PM= (PT)^1/N
Behavioral Legitimacy Index (BLI)
Mean (PM) = µ ; STD (PM) = 𝜎 BLI = 𝑒𝑥𝑝((−(PM − µ) 7/2𝜎7)
Methodology
HMM model
Behavioral Legitimacy Index

14. Methodology
HMM model
Behavioral Legitimacy Index
Distribution of X for a typical user
We observe that the Mean Transition Probability (X) is
approximately normally distributed

15. MethodologyMethodology
Login Time Deviation
K Means Clustering
• Naturally users have prominent characteristic login times during
the day
• Time deviation from a prominent login time is related to
legitimacy

16. Methodology
Neuro-Fuzzy Classifier
The Neuro-Fuzzy Model
• Login time deviation and
User Behavioral Legitimacy
as inputs
• Three membership functions
for each input
• Nine Fuzzy rules
• Model generated using
Mathlab Fuzzy Logic toolbox

17. Methodology
Training Neuro-Fuzzy Classifier
• 5-6 years of usage data from 3 different users
• 24 event sequences per user extracted per activity log
resulting 24x3=72 legitimate event sequences.
• Each 24 legitimate event sequence of a user applied in the
HMM models of the other two users to generate 2x24x3=144
event sequences considered illegitimate.
• Therefore, in total 72+144 = 216 data points for our analysis.

18. Results
• The HMM user behavioural model alone gives an accuracy of
73.61% in detecting authorized users
• 71.33% accuracy in detecting unauthorized users.
• Overall precision of detecting right user
(legitimate/illegitimate) is 72.1%
• false positive rate of 8.83%
• false negative rate of 19.07%

19. Results
Final Legitimacy of Users from
Neuro-Fuzzy Inferencing
• Overall precision of detecting right user is 76.85%,
• false positive rate of 10.65%
• false negative rate of 12.5%.

20. Results
Final Distribution of Valid and
Invalid User
• Accuracy of identifying a legitimate user - 84%
• Accuracy in identifying an illegitimate user - 62.5%
• Illegitimate users undetected - 37.5%
• Legitimate users detected illegitimate - 15.97%

21. Conclusion and Future Work
• A novel analytical method for detecting unauthorised access
of computer resources is developed
• Developed a novel mechanism to monitor social media user
activities without violating their privacy rights
• This principle can be applied to any web-based application
which require user identification based on his activities
performed.
• This research being extended to monitor user generated text
in web applications to carry out NLP based contextual analysis
to moderate content.

22. Conclusion and Future Work

23. References
• Kaplan, Andreas M. and Haenlein, Michael. (2010). Users of the world, unite! The challenges and opportunities of Social
Media. Business Horizons, 53, 59-68.
• R.Schullich,”Risk Assessment of Social Media” GIAC (GSEC) Gold Certification, December 5th
2011
• The Guardian , available at http://www.theguardian.com/technology/2012/aug/02/facebook-83m-profiles-bogus-fake
• Krog,A.(1998), “An Introduction to hidden Markov models for biological sequences”,Computational Methods in Molecular
Biology, pp. 45-63, Elsevier
• S.S. Joshi and V.V Phoha, ‘Investigating Hidden Markov Models Capabilities in Anomaly Detection,” Proc. 43rd
ACM Ann.
Southeast Regional Conf.,vol. 1, pp.45-55, 2014.
• S. Blake, D.L. Black, M.A. Carlson, E. Davies, Z. Wang,W.Weiss, “An Architecture for Differentiated Services,” RFC2475,
Internet Engineering Task Force, Network Working Group, December 1998. Category:
Informational.http://www.ietf.org/html.charters/diffserv-charter.html.
• A. Cabrera, S. Sánchez-Solano, P. Brox, A. Barriga, R.Senhadji. “Hardware/Software Codesign of Configurable FuzzyControl
Systems”. Applied Soft Computing, Vol. 4, n. 3, pp.271-285, December 2014.
• H.C. Cho, M.S. Fadali, H. Lee, “Dynamic Queue Scheduling using Fuzzy Systems for Internet
• Routers,” IEEE International Conference on Fuzzy Systems (FUZZ-IEEE) 2005, Reno, USA,May 2013.
• Cisco Systems, Inc. “Cisco Series 12000 router performance evaluation. 2005.http://www.cisco.com
• G.-J. Ahn, M. Ko, and M. Shehab. Privacy-enhanced user-centric identity management. In IEEE International Conference on
Communications, pages 1–5, 2009.
• A. Rabkin. Personal knowledge questions for fallback authentication: security questions in the era of Facebook. In SOUPS
’08: Proc. of the 4th symposium on Usable privacy and security, pages 13–23, New York, NY, USA, 2008.
• T. W. van der Horst and K. E. Seamons. Simple authentication for the web. In WWW ’07: Proc. of the 16th international
conference on World Wide Web, pages 1217–1218, New York, NY, USA, 2007. ACM.
• P. J. Windley, D. Daley, B. Cutler, and K. Tew. Using reputation to augment explicit authorization. In DIM ’07: Proc. of the 2007
ACM workshop on Digital identity management, pages 72–81, New York, NY,USA, 2007. ACM.
• S. Kruk, S. Grzonkowski, A. Gzella, T. Woroniecki, and H.-C. Choi. D-foaf: Distributed identity management with access rights
delegation. In The Semantic Web – ASWC 2006, volume 4185 of Lecture Notesin Computer Science, chapter 15, pages 140–
154. Springer Berlin Heidelberg, 2006.
• K. Aberer and Z. Despotovic. On reputation in game theory applicationon online settings, 2004. U. D. Farzad Salim, Jason
Reid and E. Dawson. Towards a game theoretic authorisation model. In Proc. of the 1st IEEE Conference on Decision and
Game Theory for Security, 2010.

24. Thank you !