In this SlideShare, Professor Aditya Bagchi explains the interplay of trust and risk in social media communication.
We will discuss how cybercrime through social media affects us and what we can do to counter it.
This document discusses using Twitter data for sentiment analysis and influence tracking. It describes how Twitter data was collected using its APIs and preprocessed by removing links, usernames and stopwords. N-grams and part-of-speech tags were then extracted as features from the tweets. The tweets were classified into positive, negative, neutral or irrelevant categories. Sentiment analysis was performed at the entity level to determine sentiment towards specific topics mentioned in tweets, like products. Influence was tracked using algorithms that rank users based on retweets, followers and mentions.
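The preprocessing and n-gram feature-extraction steps described above can be sketched in a few lines. The stopword list and regular expressions here are illustrative stand-ins, not the paper's actual implementation:

```python
import re

def preprocess(tweet):
    """Remove links, @usernames, and stopwords, as described above."""
    stopwords = {"the", "a", "an", "is", "to", "of"}  # illustrative subset
    tweet = re.sub(r"http\S+", "", tweet)   # strip links
    tweet = re.sub(r"@\w+", "", tweet)      # strip usernames
    return [t for t in re.findall(r"[a-z']+", tweet.lower())
            if t not in stopwords]

def ngrams(tokens, n):
    """Extract contiguous n-gram features from a token list."""
    return [" ".join(tokens[i:i + n]) for i in range(len(tokens) - n + 1)]
```

For example, `preprocess("@bob I love the new phone http://x.co")` yields the tokens `["i", "love", "new", "phone"]`, from which bigrams such as `"new phone"` become classifier features.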
International Journal of Engineering Research and Development (IJERD Editor)
Electrical, Electronics and Computer Engineering,
Information Engineering and Technology,
Mechanical, Industrial and Manufacturing Engineering,
Automation and Mechatronics Engineering,
Material and Chemical Engineering,
Civil and Architecture Engineering,
Biotechnology and Bio Engineering,
Environmental Engineering,
Petroleum and Mining Engineering,
Marine and Agriculture Engineering,
Aerospace Engineering.
The architecture social media and online newspaper credibility measurement fo... (TELKOMNIKA JOURNAL)
This document proposes an architecture for detecting fake news on social media and online newspapers. It involves three main steps: 1) keyword extraction from user-input text, 2) news scoring to measure credibility of information from online news sources based on time, website and message credibility factors, and 3) social media scoring to further measure credibility from social media based on similar factors, if news scoring is insufficient. The goal is to produce a likelihood score of the information being fake news or fact. Previous related work on fake news detection using knowledge-based, context-based and style-based approaches is also discussed.
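As a rough sketch of the news-scoring step, the three credibility factors might be combined as a weighted sum. The weights and the 0.5 decision threshold below are assumptions for illustration, not values from the paper:

```python
def news_score(time_cred, website_cred, message_cred,
               weights=(0.2, 0.4, 0.4)):
    """Combine the time, website, and message credibility factors
    (each in [0, 1]) into a single news score. The weights are
    illustrative assumptions, not the paper's values."""
    w_t, w_w, w_m = weights
    return w_t * time_cred + w_w * website_cred + w_m * message_cred

def likelihood_of_fake(score, threshold=0.5):
    """Map a credibility score to a fake-news likelihood; items
    below the (assumed) threshold are flagged as likely fake."""
    return 1.0 - score, score < threshold
```

In the architecture above, an item whose news score is inconclusive would then be passed on to the social media scoring step.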
International Journal of Modern Engineering Research (IJMER) is a peer-reviewed online journal. It serves as an international archival forum for scholarly research related to engineering and science education.
An Automated Model to Detect Fake Profiles and botnets in Online Social Netwo... (IOSR Journals)
This document discusses an automated model for detecting fake profiles and botnets in online social networks. It begins with background on the prevalence of fake accounts, which can compromise user privacy and security. Next, it reviews related work on using data hiding techniques like steganography and watermarking to embed information in profile pictures in order to identify suspicious accounts. The proposed model aims to automatically detect fake profiles and botnets to replace current manual methods that are costly and labor-intensive.
How to Make People Click on a Dangerous Link Despite their Security Awareness (mark-smith)
It is possible to make virtually any person click on a link: anyone will be curious about something, interested in some topic, or will find the message plausible because they know the sender or because it fits their expectations (context).
Data mining applied about polygamy using sentiment analysis on Twitters in In... (journalBEEI)
Polygamy remains a topic of keen interest in many societies, especially Indonesia. Polygamy, the act of marrying multiple spouses (having more than one wife at the same time), is common worldwide. Most Muslims in Indonesia follow Islamic law, which permits men to practice polygamy under certain requirements. Worldwide, it has been a prominent feature of public debate and the subject of numerous books, journal articles, and discussion papers. In Indonesia, polygamous marriage has recently become a heated topic; despite the controversy, Indonesian law allows polygamy under certain conditions. Because polygamy is so often debated, this study assesses Indonesians' perceptions of the issue through sentiment analysis of 500 tweets on Twitter. It concludes that polygamy in Indonesia is widely regarded as normal, and that few perceive it negatively.
Teaching Johnny Not to Fall for Phish, for ISSA 2010 in May 2010 (Jason Hong)
This document discusses research into detecting and preventing phishing attacks. It begins by outlining the negative impacts of phishing from consumer, corporate, and societal perspectives. It then describes how phishing attacks are becoming more sophisticated through spear phishing, social engineering, and the use of malware. The document outlines various techniques developed by the author and his colleagues to educate users and automatically detect phishing attacks, including embedded phishing training software called PhishGuru, educational microgames like Anti-Phishing Phil, analyzing search engine results to detect fake websites, and using machine learning to label new phishing sites based on similarities to known ones. User studies demonstrated that embedded, game-based training can significantly reduce the rate at which users fall for phishing attacks.
Identifying ghost users using social media metadata - University College London (Greg Kawere)
You are your Metadata: Identification and Obfuscation of Social Media Users using Metadata Information, a joint research project of the Alan Turing Institute and University College London.
IRJET- Fake Profile Identification using Machine Learning (IRJET Journal)
This document proposes a framework for identifying fake profiles on social media sites using machine learning. It involves selecting profile attributes from a dataset, training a random forest classifier model on 80% of the labeled real and fake profiles, and testing it on the remaining 20%. The random forest classifier is able to accurately classify profiles as real or fake with an efficiency of 95% based on attributes like number of friends, followers, and status updates. This automatic fake profile detection method could help social media sites manage the large volume of profiles that can't be manually reviewed.
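The 80/20 training/testing split described above can be sketched as follows. For a dependency-free illustration, a single threshold rule on follower count stands in for the paper's random forest; a real implementation would instead train a random forest classifier on many profile attributes:

```python
import random

def train_test_split(profiles, labels, test_frac=0.2, seed=0):
    """Shuffle and split labeled profiles 80/20, as described above."""
    idx = list(range(len(profiles)))
    random.Random(seed).shuffle(idx)
    cut = int(len(idx) * (1 - test_frac))
    train, test = idx[:cut], idx[cut:]
    return ([profiles[i] for i in train], [labels[i] for i in train],
            [profiles[i] for i in test], [labels[i] for i in test])

# Stand-in for the random forest: one threshold rule on one attribute.
# The threshold of 10 followers is an invented illustrative value.
def stump_classify(profile, threshold=10):
    return "fake" if profile["followers"] < threshold else "real"
```

The held-out 20% is then used to estimate accuracy, analogous to the 95% efficiency the paper reports for its random forest.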
Cyber bullying Detection based on Semantic-Enhanced Marginalized Denoising Au... (dbpublications)
As a side effect of increasingly popular social media, cyberbullying has emerged as a serious problem afflicting children, adolescents, and young adults. Machine learning techniques make automatic detection of bullying messages in social media possible, and this could help to construct a healthy and safe social media environment. In this research area, one critical issue is robust and discriminative numerical representation learning of text messages. In this paper, we propose a new representation learning method to tackle this problem. Our method, named Semantic-Enhanced Marginalized Denoising Auto-Encoder (smSDA), is developed via semantic extension of the popular deep learning model stacked denoising autoencoder. The semantic extension consists of semantic dropout noise and sparsity constraints, where the semantic dropout noise is designed based on domain knowledge and the word embedding technique. Our proposed method is able to exploit the hidden feature structure of bullying information and learn a robust and discriminative representation of text. Comprehensive experiments on two public cyberbullying corpora (Twitter and MySpace) are conducted, and the results show that our proposed approaches outperform other baseline text representation learning methods.
IRJET - Real-Time Cyberbullying Analysis on Social Media using Machine Learni... (IRJET Journal)
This document presents a system for real-time analysis of cyberbullying on social media using machine learning and text mining. The system aims to detect abusive conversations and censor harmful words to protect victims. It uses an artificial neural network machine learning algorithm to analyze words that could psychologically affect individuals. The system identifies abusive words in posts and comments and replaces them with censored content. This aims to prevent innocent users from being exposed to depressing or criminal activities online. The document discusses the system architecture, including tools for sentiment analysis, monitoring discussions, identifying abusive words, and updating a word database. Diagrams show the data flow, use cases, and interactions between system components.
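The word-censoring step might look like the following minimal sketch. The abusive-word set is an illustrative stand-in for the system's word database, and the real system pairs this filter with a neural-network sentiment analyzer:

```python
ABUSIVE = {"idiot", "loser"}  # illustrative stand-in for the word database

def censor(post, words=ABUSIVE):
    """Replace each abusive word in a post with asterisks of the same
    length, leaving the rest of the text intact."""
    out = []
    for token in post.split():
        bare = token.strip(".,!?").lower()   # ignore trailing punctuation
        out.append("*" * len(token) if bare in words else token)
    return " ".join(out)
```

Posts and comments would be passed through this filter before being shown, so readers see censored content instead of the abusive words.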
The advancement of Information Technology has hastened the ability to disseminate information across the globe. In particular, the recent trends in 'Social Networking' have led to a surge in personally sensitive information being published on the World Wide Web. While such socially active websites are creative tools for expressing one's personality, they also entail serious privacy concerns. Thus, Social Networking websites could be termed a double-edged sword. It is important for the law to keep abreast of these developments in technology. The purpose of this paper is to demonstrate the limits of extending existing laws to battle privacy intrusions on the Internet, especially in the context of social networking. It is suggested that privacy-specific legislation is the most appropriate means of protecting online privacy. In doing so, it is important to maintain a balance with the competing right of expression, the failure of which may hinder the reaping of benefits offered by Internet technology.
This document summarizes a research paper that proposes using a logistic regression classifier trained with stochastic gradient descent to predict Twitter users' personalities from their tweets. It begins with an abstract of the paper and an introduction on personality prediction from social media. It then provides more detail on the anatomy of the research, including defining personality prediction from Twitter, its applications, and the general process of using machine learning for the task. Next, it reviews several previous studies on personality prediction from Twitter and social networks, noting their approaches, findings, and limitations. It identifies remaining research gaps, such as the need for improved linguistic analysis of tweets and more robust, scalable predictive models. Finally, it proposes using a logistic regression classifier as the personality prediction model to address these gaps.
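A logistic regression classifier trained with plain stochastic gradient descent, the technique the paper proposes, can be written in a few lines of Python. The toy feature vectors in the usage note stand in for hypothetical per-tweet linguistic statistics and are not the paper's features:

```python
import math, random

def sgd_logistic(X, y, lr=0.5, epochs=200, seed=0):
    """Train logistic regression with stochastic gradient descent.
    X: list of feature vectors, y: list of 0/1 labels."""
    rng = random.Random(seed)
    w = [0.0] * len(X[0])
    b = 0.0
    for _ in range(epochs):
        order = list(range(len(X)))
        rng.shuffle(order)                    # stochastic: one sample at a time
        for i in order:
            z = b + sum(wj * xj for wj, xj in zip(w, X[i]))
            p = 1.0 / (1.0 + math.exp(-z))    # sigmoid
            g = p - y[i]                      # gradient of log-loss w.r.t. z
            w = [wj - lr * g * xj for wj, xj in zip(w, X[i])]
            b -= lr * g
    return w, b

def predict(w, b, x):
    return 1 if b + sum(wj * xj for wj, xj in zip(w, x)) > 0 else 0
```

On a linearly separable toy set where the first feature determines the label, the trained weights recover the separating rule.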
DETECTION OF FAKE ACCOUNTS IN INSTAGRAM USING MACHINE LEARNING (ijcsit)
With the advent of the Internet and social media, while countless people have benefitted from the vast sources of information available, there has been an enormous increase in cyber-crime, particularly targeting women. According to a 2019 report in the Economic Times [4], India witnessed a 457% rise in cybercrime in the five-year span between 2011 and 2016. Most speculate that this is due to the impact of social media such as Facebook, Instagram, and Twitter on our daily lives. While these sites definitely help in creating a sound social network, creating a user account on them usually requires just an email id. A real-life person can create multiple fake IDs, so impostors can operate easily. Unlike the real world, where multiple rules and regulations are imposed to identify oneself uniquely (for example, when issuing a passport or driver's license), the virtual world of social media imposes no such checks on admission. In this paper, we study accounts on Instagram in particular and try to assess whether an account is fake or real using machine learning techniques, namely logistic regression and the random forest algorithm.
This document discusses methods for measuring privacy in online social networks. It first introduces the concept of the Privacy Index (PIDX), which quantifies a user's privacy exposure based on their visible attributes. It then describes calculating a user's Privacy Quotient (PQ) using a naive approach, which considers the sensitivity and visibility of shared profile items. Finally, it proposes a new model called Privacy Armor that would measure privacy leaks in unstructured data like posts and messages using an Item Response Theory model to calculate sensitivity, visibility, and privacy quotient. The goal is to warn users about unintended sharing of private information online.
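One plausible reading of the naive Privacy Quotient calculation, combining the sensitivity and visibility of each shared profile item, might be the following sketch; the item names and numeric values are hypothetical:

```python
def privacy_quotient(items):
    """Naive Privacy Quotient: sum of sensitivity x visibility over a
    user's shared profile items, normalised by the maximum possible
    exposure (every item fully visible) so the result lies in [0, 1].
    Higher means more privacy exposure. `items` holds tuples of
    (name, sensitivity in [0, 1], visibility in [0, 1])."""
    exposure = sum(s * v for _, s, v in items)
    max_exposure = sum(s for _, s, _ in items)   # visibility = 1 everywhere
    return exposure / max_exposure if max_exposure else 0.0
```

A warning system such as the proposed Privacy Armor could alert the user whenever a new post pushes this quotient above some chosen level.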
Automatic detection of online abuse and analysis of problematic users in wiki... (Melissa Moody)
For their 2019 capstone project, DSI Master of Science in Data Science students Charu Rawat, Arnab Sarkar, and Sameer Singh proposed a framework to understand and detect such abuse in the English Wikipedia community.
Rawat, Sarkar, and Singh received the award for Best Paper in the Data Science for Society category at the 2019 Systems & Information Design Symposium (SIEDS). In "Automatic Detection of Online Abuse and Analysis of Problematic Users in Wikipedia," the team presented an analysis of user misconduct in Wikipedia and a system for the automated early detection of inappropriate behavior.
IRJET- Tweet Segmentation and its Application to Named Entity Recognition (IRJET Journal)
This document summarizes a research paper on tweet segmentation and its application to named entity recognition. It proposes a novel framework called HybridSeg that splits tweets into meaningful segments to preserve semantic context for downstream natural language processing applications like named entity recognition. HybridSeg finds optimal tweet segmentations by maximizing the stickiness score of segments, which considers global context based on English phrases and local context based on linguistic features or term dependencies within a batch of tweets. Experiments show significantly improved segmentation quality when learning both global and local contexts compared to global context alone. The segmented tweets can then be used for high-accuracy named entity recognition through part-of-speech tagging.
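A much-simplified version of stickiness-maximizing segmentation can be expressed as dynamic programming over candidate phrases. The stickiness dictionary below is a toy stand-in for the global and local context scores HybridSeg actually learns:

```python
def segment(tokens, stickiness, max_len=3):
    """Split a tweet into segments that maximize total stickiness.
    `stickiness` maps a candidate phrase to a score; unknown unigrams
    get a small default so every token can stand alone."""
    n = len(tokens)
    best = [0.0] * (n + 1)      # best[i]: best total score for tokens[:i]
    back = [0] * (n + 1)        # length of the last segment in that solution
    for i in range(1, n + 1):
        best[i] = float("-inf")
        for l in range(1, min(max_len, i) + 1):
            phrase = " ".join(tokens[i - l:i])
            score = best[i - l] + stickiness.get(
                phrase, 0.1 if l == 1 else 0.0)
            if score > best[i]:
                best[i], back[i] = score, l
    segs, i = [], n             # recover the segmentation by backtracking
    while i > 0:
        segs.append(" ".join(tokens[i - back[i]:i]))
        i -= back[i]
    return segs[::-1]
```

Given toy phrase scores for "new york" and "times square", the tweet "visiting times square in new york" segments into those phrases plus the remaining single tokens, preserving the named entities as units.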
The document describes a project to detect fake news using machine learning models. It discusses how the project classified news websites as real or fake using a combination of bag-of-words, word embeddings and feature descriptions with 87.39% accuracy. Some ways to improve the model are also provided, such as using more features in the word embeddings. Real-world applications of fake news detection include verifying news on social media during elections and detecting fake job postings.
MDS 2011 Paper: An Unsupervised Approach to Discovering and Disambiguating So... (Carlton Northern)
This document presents an unsupervised approach to discover and disambiguate social media profiles for a large group of individuals, such as employees or university students. The approach uses a combination of search engine queries, semantic web queries, and directly polling social media sites to discover potential profiles. It then applies heuristics involving keyword matching, community structure analysis, and extracting semantic and profile features to disambiguate the true profiles from false positives. The approach was tested on a set of 2016 university computer science student logins, achieving a precision of 0.863 and F-measure of 0.654 at discovering their real social media profiles from a ground truth data set.
Social networks have become enormously popular, and with this popularity online social networks face the problem of spamming, which has led to substantial economic loss. Spam enables the uncontrolled dissemination of viruses and malware, promotional ads, phishing, and scams. Spam activity has entered a dangerous new dimension: spammers have stepped up their games and tactics on online social networks, consuming large amounts of network bandwidth and causing significant economic loss to both the private and public sectors. Building on previous work on spammer classification taxonomy, various machine learning techniques have been used extensively to detect spam activity and spammers in online social networks. Various classifiers are learned over content-based features extracted from users' interactions and profiles to label them as spam/spammers or legitimate. Recently, new network-structural features have been proposed for the spammer detection task, but their importance under structural learning methods has not yet been evaluated extensively. In this research work, we evaluate the performance of several structural learning methods using attributes extracted from an interaction network for the task of spammer detection in online social networks.
This document provides an overview of a digital literacy and citizenship course taught by Mrs. Joyce Lourenço Pereira. The course uses a research-based curriculum developed by Common Sense Media to teach students skills and ethical decision making related to digital media use. Over the course of the year, students will explore topics like internet safety, digital footprint, cyberbullying, information literacy, and copyright through lessons, assessments, and multimedia projects using tools like Edmodo, Gmail, iPads, and various web apps. The goal is for students to safely and responsibly navigate the digital world.
This document discusses a study of privacy and information sharing on Facebook. The researchers surveyed Facebook users at a US university to understand their privacy concerns, usage of Facebook, and awareness of how public their profiles were. They found that while users expressed privacy concerns, they were not very concerned about privacy on Facebook. Some users were also unaware how exposed their profiles and information were. Exposure to information about Facebook's public nature sometimes changed users' behavior regarding what they shared.
This document provides an overview of special topics in social media services, including social network analysis, link mining, text mining, web mining, and opinion mining in social media. It discusses key concepts such as social network extraction, identifying prominent actors, and characteristics of collaboration networks. The document also provides examples and definitions for social network analysis metrics like degree centrality, betweenness centrality, closeness centrality, and eigenvector centrality. Finally, it introduces relevant books and topics for further reading.
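Two of the centrality metrics mentioned, degree and closeness centrality, can be computed directly on a small adjacency list:

```python
from collections import deque

def degree_centrality(adj):
    """Degree centrality: fraction of the other nodes each node touches."""
    n = len(adj)
    return {v: len(nbrs) / (n - 1) for v, nbrs in adj.items()}

def closeness_centrality(adj):
    """Closeness centrality: (n - 1) divided by the sum of shortest-path
    distances (found by BFS) from a node to all other nodes."""
    n = len(adj)
    result = {}
    for src in adj:
        dist = {src: 0}
        q = deque([src])
        while q:                       # breadth-first search from src
            u = q.popleft()
            for v in adj[u]:
                if v not in dist:
                    dist[v] = dist[u] + 1
                    q.append(v)
        result[src] = (n - 1) / sum(dist[v] for v in adj if v != src)
    return result
```

On a star graph, the hub scores 1.0 on both metrics while the leaves score lower, which is why such metrics help identify prominent actors in a social network.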
IRJET- Personality Recognition using Social Media Data (IRJET Journal)
This document summarizes a research paper on personality recognition using social media data. The paper proposes analyzing personality traits based on the Big Five model (openness, conscientiousness, extraversion, agreeableness, neuroticism) using Facebook status updates and machine learning. Specifically, it involves collecting Facebook status data through a browser extension, storing it in a database, training a random forest regression model on an existing dataset, and using the model to predict personality trait values for additional Facebook users. The predicted traits are then visualized with radar charts to provide an overview of each user's personality profile.
Social networking allows users to interact and connect with other users through dedicated websites and applications. It involves expanding business and social contacts by connecting with people who share similar interests. Social networking sites first emerged in the 1990s, followed by popular services such as MySpace and Facebook. While social networking lets users stay connected with friends and meet new people, it also presents privacy, security, and oversharing risks that users must be aware of. Social networks can be analyzed at the micro, meso, and macro levels.
Potential vulnerabilities to e-learning - Mimecast (Jisc)
Phillip Hay analyzes threats to e-learning. He found that the education sector saw an 87% increase in spam and phishing attacks between March and April 2020 as students shifted to online learning during COVID-19. His recommendations include only using approved school software on school-managed accounts, maintaining online etiquette, and educating students and staff about safe online practices like strong passwords and avoiding suspicious links. Hay warns that cyber attacks will likely continue targeting remote workers and students through increasingly sophisticated social engineering techniques.
Comprehensive Social Media Security Analysis & XKeyscore Espionage Technology (CSCJournals)
Social networks offer users many services for sharing activities, events, and ideas. Many attacks can happen against social networking websites because of the trust users place in them. This paper discusses cyber threats: we study the types of cyber threats, classify them, and give suggestions for protecting social networking websites against a variety of attacks. Moreover, we present anti-threat strategies and future trends.
A HYBRID CLASSIFICATION ALGORITHM TO CLASSIFY ENGINEERING STUDENTS’ PROBLEMS ... (IJDKP)
Social networking sites have opened a new horizon for individuals to express their views and opinions. They also give students a medium to share their sentiments, including their struggles and joys, during the learning process. Such informal information offers a valuable venue for decision making, and the large and growing scale of this information demands automatic classification techniques. Sentiment analysis is one such automated technique for classifying large volumes of data. Existing predictive sentiment analysis techniques are widely used to classify reviews on e-commerce sites for business intelligence; however, they are of limited use for decision making in education because they sort sentiments into merely three preset categories: positive, negative, and neutral. Moreover, classifying students' sentiments as positive or negative does not provide deeper insight into their problems and perks. In this paper, we propose a novel Hybrid Classification Algorithm to classify engineering students' sentiments. Unlike traditional predictive sentiment analysis techniques, the proposed algorithm makes the sentiment analysis process descriptive. Moreover, it classifies engineering students' perks, in addition to their problems, into several categories to help future students and the education system in decision making.
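A toy sketch of descriptive, multi-category classification (as opposed to bare positive/negative/neutral labels) might use per-category keyword lexicons. The categories and keywords below are invented for illustration and are not the paper's algorithm:

```python
CATEGORIES = {
    "heavy workload": {"assignments", "deadline", "overloaded"},
    "sleep problems": {"sleep", "tired", "awake"},
    "career joy":     {"internship", "placed", "offer"},
}  # illustrative categories and keyword lexicons

def classify_post(post):
    """Assign a student post to every matching descriptive category,
    instead of a single positive/negative/neutral label."""
    tokens = set(post.lower().replace(",", " ").split())
    hits = [cat for cat, kws in CATEGORIES.items() if tokens & kws]
    return hits or ["uncategorised"]
```

Because one post can land in several categories at once, the output is descriptive: it says *what* students struggle with or enjoy, not merely whether the sentiment is positive or negative.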
Teaching Johnny Not to Fall for Phish, for ISSA 2010 on May 2010Jason Hong
This document discusses research into detecting and preventing phishing attacks. It begins by outlining the negative impacts of phishing from consumer, corporate, and societal perspectives. It then describes how phishing attacks are becoming more sophisticated through spear phishing, social engineering, and the use of malware. The document outlines various techniques developed by the author and his colleagues to educate users and automatically detect phishing attacks, including embedded phishing training software called PhishGuru, educational microgames like Anti-Phishing Phil, analyzing search engine results to detect fake websites, and using machine learning to label new phishing sites based on similarities to known ones. User studies demonstrated that embedded, game-based training can significantly reduce users falling for phishing
Identifying ghost users using social media metadata - University College LondonGreg Kawere
You are your Metadata: Identification and Obfuscation of Social Media Users using Metadata Information a joint research project of the Alan Turing Institute and University College in London
IRJET- Fake Profile Identification using Machine LearningIRJET Journal
This document proposes a framework for identifying fake profiles on social media sites using machine learning. It involves selecting profile attributes from a dataset, training a random forest classifier model on 80% of the labeled real and fake profiles, and testing it on the remaining 20%. The random forest classifier is able to accurately classify profiles as real or fake with an efficiency of 95% based on attributes like number of friends, followers, and status updates. This automatic fake profile detection method could help social media sites manage the large volume of profiles that can't be manually reviewed.
Cyber bullying Detection based on Semantic-Enhanced Marginalized Denoising Au...dbpublications
As a side effect of increasingly popular social media, cyberbullying has emerged as a serious problem afflicting children, adolescents and young adults. Machine learning techniques make automatic detection of bullying messages in social media possible, and this could help to construct a healthy and safe social media environment. In this meaningful research area, one critical issue is robust and discriminative numerical representation learning of text messages. In this paper, we propose a new representation learning method to tackle this problem. Our method named Semantic-Enhanced Marginalized Denoising Auto-Encoder (smSDA) is developed via semantic extension of the popular deep learning model stacked denoising autoencoder. The semantic extension consists of semantic dropout noise and sparsity constraints, where the semantic dropout noise is designed based on domain knowledge and the word embedding technique. Our proposed method is able to exploit the hidden feature structure of bullying information and learn a robust and discriminative representation of text. Comprehensive experiments on two public cyberbullying corpora (Twitter and MySpace) are conducted, and the results show that our proposed approaches outperform other baseline text representation learning methods..
IRJET - Real-Time Cyberbullying Analysis on Social Media using Machine Learni...IRJET Journal
This document presents a system for real-time analysis of cyberbullying on social media using machine learning and text mining. The system aims to detect abusive conversations and censor harmful words to protect victims. It uses an artificial neural network machine learning algorithm to analyze words that could psychologically affect individuals. The system identifies abusive words in posts and comments and replaces them with censored content. This aims to prevent innocent users from being exposed to depressing or criminal activities online. The document discusses the system architecture, including tools for sentiment analysis, monitoring discussions, identifying abusive words, and updating a word database. Diagrams show the data flow, use cases, and interactions between system components.
The advancement of Information Technology has hastened the ability to disseminate information across the globe. In particular, the recent trends in ‘Social Networking’ have led to a spark in personally sensitive information being published on the World Wide Web. While such socially active websites are creative tools for expressing one’s personality it also entails serious privacy concerns. Thus, Social Networking websites could be termed a double edged sword. It is important for the law to keep abreast of these developments in technology. The purpose of this paper is to demonstrate the limits of extending existing laws to battle privacy intrusions in the Internet especially in the context of social networking. It is suggested that privacy specific legislation is the most appropriate means of protecting online privacy. In doing so it is important to maintain a balance between the competing right of expression, the failure of which may hinder the reaping of benefits offered by Internet technology
This document summarizes a research paper that proposes using a logistic regression classifier trained with stochastic gradient descent to predict Twitter users' personalities from their tweets. It begins with an abstract of the paper and an introduction on personality prediction from social media. It then provides more detail on the anatomy of the research, including defining personality prediction from Twitter, its applications, and the general process of using machine learning for the task. Next, it reviews several previous studies on personality prediction from Twitter and social networks, noting their approaches, findings and limitations. It identifies remaining research gaps, such as the need for improved linguistic analysis of tweets and more robust/scalable predictive models. Finally, it proposes using a logistic regression classifier as the personality prediction model to address
DETECTION OF FAKE ACCOUNTS IN INSTAGRAM USING MACHINE LEARNING (ijcsit)
With the advent of the Internet and social media, while hundreds of people have benefitted from the vast sources of information available, there has been an enormous rise in cyber-crime, particularly targeted towards women. According to a 2019 report in the Economic Times [4], India witnessed a 457% rise in cybercrime in the five-year span between 2011 and 2016. Most speculate that this is due to the impact of social media such as Facebook, Instagram and Twitter on our daily lives. While these definitely help in creating a sound social network, creating a user account on these sites usually requires just an email-id. A real-life person can create multiple fake IDs, so impostor accounts are easily made. Unlike the real-world scenario, where multiple rules and regulations are imposed to identify oneself uniquely (for example while issuing one's passport or driver's licence), admission to the virtual world of social media requires no such checks. In this paper, we study Instagram accounts in particular and try to assess whether an account is fake or real using Machine Learning techniques, namely Logistic Regression and the Random Forest algorithm.
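Before any classifier can run, profile features must be extracted from each account. This sketch assumes a plausible feature set (digits in the username, follower/following ratio, and so on) that is illustrative rather than the paper's exact one:

```python
def account_features(acct):
    """Profile features of the kind used in fake-account studies.
    The feature names and choices here are illustrative assumptions."""
    username = acct["username"]
    return {
        "has_profile_pic": int(acct["has_profile_pic"]),
        "digits_in_username": sum(c.isdigit() for c in username) / len(username),
        "bio_length": len(acct.get("bio", "")),
        # Fake accounts often follow many users but have few followers.
        "follow_ratio": acct["followers"] / max(acct["following"], 1),
        "is_private": int(acct["is_private"]),
    }

# A profile with several typical fake-account signals.
suspicious = {"username": "user829441", "has_profile_pic": False, "bio": "",
              "followers": 12, "following": 2400, "is_private": False}
feats = account_features(suspicious)
print(feats["digits_in_username"], feats["follow_ratio"])
```

The resulting feature vectors would then be fed to Logistic Regression or a Random Forest, trained on accounts labelled fake or real.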
This document discusses methods for measuring privacy in online social networks. It first introduces the concept of the Privacy Index (PIDX), which quantifies a user's privacy exposure based on their visible attributes. It then describes calculating a user's Privacy Quotient (PQ) using a naive approach, which considers the sensitivity and visibility of shared profile items. Finally, it proposes a new model called Privacy Armor that would measure privacy leaks in unstructured data like posts and messages using an Item Response Theory model to calculate sensitivity, visibility, and privacy quotient. The goal is to warn users about unintended sharing of private information online.
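The naive Privacy Quotient calculation — sensitivity times visibility, summed over shared profile items — can be sketched as follows; the item weights are made up for illustration:

```python
def privacy_quotient(items):
    """Naive PQ: sum of sensitivity x visibility over shared profile items,
    normalised by the maximum possible exposure. Weights are illustrative."""
    exposure = sum(s * v for _, s, v in items)
    max_exposure = sum(s * 1.0 for _, s, _ in items)  # everything fully visible
    return exposure / max_exposure if max_exposure else 0.0

# (item, sensitivity in [0, 1], visibility in [0, 1])
profile = [("birthday", 0.6, 1.0),
           ("phone",    0.9, 0.0),   # hidden, contributes nothing
           ("hometown", 0.3, 0.5)]
print(round(privacy_quotient(profile), 3))
```

The proposed Privacy Armor model replaces these hand-assigned weights with sensitivity and visibility estimated from an Item Response Theory model, so that unstructured posts and messages can be scored too.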
Automatic detection of online abuse and analysis of problematic users in wiki... (Melissa Moody)
For their 2019 capstone project, DSI Master of Science in Data Science students Charu Rawat, Arnab Sarkar, and Sameer Singh proposed a framework to understand and detect such abuse in the English Wikipedia community.
Rawat, Sarkar, and Singh received the award for Best Paper in the Data Science for Society category at the 2019 Systems & Information Design Symposium (SIEDS). In "Automatic Detection of Online Abuse and Analysis of Problematic Users in Wikipedia," the team presented an analysis of user misconduct in Wikipedia and a system for the automated early detection of inappropriate behavior.
IRJET - Tweet Segmentation and its Application to Named Entity Recognition (IRJET Journal)
This document summarizes a research paper on tweet segmentation and its application to named entity recognition. It proposes a novel framework called Hybrid Segmentation that splits tweets into meaningful segments to preserve semantic context for downstream natural language processing applications like named entity recognition. HybridSeg finds optimal tweet segmentations by maximizing the stickiness score of segments, which considers global context based on English phrases and local context based on linguistic features or term dependencies within a batch of tweets. Experiments show significantly improved segmentation quality when learning both global and local contexts compared to global context alone. The segmented tweets can then be used for high accuracy named entity recognition through part-of-speech tagging.
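Stickiness-maximising segmentation can be found with a simple dynamic program. The toy phrase table below stands in for HybridSeg's global (English phrases) and local (batch statistics) evidence and is purely illustrative:

```python
def segment(tokens, stickiness, max_len=3):
    """Dynamic program: split tokens into segments maximising total
    stickiness. `stickiness` scores one candidate segment (a list slice)."""
    n = len(tokens)
    best = [0.0] * (n + 1)  # best[i]: max score of segmenting tokens[:i]
    back = [0] * (n + 1)    # back[i]: start index of the last segment
    for i in range(1, n + 1):
        best[i] = float("-inf")
        for j in range(max(0, i - max_len), i):
            score = best[j] + stickiness(tuple(tokens[j:i]))
            if score > best[i]:
                best[i], back[i] = score, j
    segs, i = [], n
    while i > 0:  # recover the optimal segmentation
        segs.append(tokens[back[i]:i])
        i = back[i]
    return segs[::-1]

# Toy stickiness: a tiny phrase table rewards known multi-word phrases,
# single tokens get a small score, unknown multi-token spans are penalised.
PHRASES = {("new", "york"): 2.0, ("machine", "learning"): 2.0}
score = lambda seg: PHRASES.get(seg, 0.1 if len(seg) == 1 else -1.0)
print(segment("i love new york and machine learning".split(), score))
```

The recovered segments ("new york", "machine learning") preserve exactly the semantic units a downstream named entity recogniser needs.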
The document describes a project to detect fake news using machine learning models. It discusses how the project classified news websites as real or fake using a combination of bag-of-words, word embeddings and feature descriptions with 87.39% accuracy. Some ways to improve the model are also provided, such as using more features in the word embeddings. Real-world applications of fake news detection include verifying news on social media during elections and detecting fake job postings.
Similar to AILABS - Lecture Series - Is AI the New Electricity? Topic:- Interplay of Trust and Risk in Social Media Communication, Presented by - Aditya Bagchi
MDS 2011 Paper: An Unsupervised Approach to Discovering and Disambiguating So... (Carlton Northern)
This document presents an unsupervised approach to discover and disambiguate social media profiles for a large group of individuals, such as employees or university students. The approach uses a combination of search engine queries, semantic web queries, and directly polling social media sites to discover potential profiles. It then applies heuristics involving keyword matching, community structure analysis, and extracting semantic and profile features to disambiguate the true profiles from false positives. The approach was tested on a set of 2016 university computer science student logins, achieving a precision of 0.863 and F-measure of 0.654 at discovering their real social media profiles from a ground truth data set.
Social networks have become hugely popular, growing at an overwhelming rate, and with this popularity online social networks face the problem of spamming, which has led to substantial economic loss. Spam has enabled the uncontrolled dissemination of viruses and malware, promotional ads, phishing, and scams. Spam activity has entered a dangerous new dimension: spammers have stepped up their games and tactics on online social networks, consuming large amounts of network bandwidth and causing lost revenue and significant economic loss to both private and public sectors. Following previous scholars' work on spammer-classification taxonomy, various machine learning techniques have been used extensively to detect spam activity and spammers in online social networks. Various classifiers are learned over content-based features extracted from users' interactions and profiles to label them as spam/spammers or legitimate. Recently, however, new network-structural benchmark features have been proposed for the spammer-detection task, but their importance under structural benchmark learning methods has not yet been extensively evaluated. In this research work, we evaluate the performance of several structural benchmark learning methods, using attributes extracted from an interaction network, for the task of spammer detection in online social networks.
This document provides an overview of a digital literacy and citizenship course taught by Mrs. Joyce Lourenço Pereira. The course uses a research-based curriculum developed by Common Sense Media to teach students skills and ethical decision making related to digital media use. Over the course of the year, students will explore topics like internet safety, digital footprint, cyberbullying, information literacy, and copyright through lessons, assessments, and multimedia projects using tools like Edmodo, Gmail, iPads, and various web apps. The goal is for students to safely and responsibly navigate the digital world.
This document discusses a study of privacy and information sharing on Facebook. The researchers surveyed Facebook users at a US university to understand their privacy concerns, usage of Facebook, and awareness of how public their profiles were. They found that while users expressed privacy concerns, they were not very concerned about privacy on Facebook. Some users were also unaware how exposed their profiles and information were. Exposure to information about Facebook's public nature sometimes changed users' behavior regarding what they shared.
This document provides an overview of special topics in social media services, including social network analysis, link mining, text mining, web mining, and opinion mining in social media. It discusses key concepts such as social network extraction, identifying prominent actors, and characteristics of collaboration networks. The document also provides examples and definitions for social network analysis metrics like degree centrality, betweenness centrality, closeness centrality, and eigenvector centrality. Finally, it introduces relevant books and topics for further reading.
IRJET - Personality Recognition using Social Media Data (IRJET Journal)
This document summarizes a research paper on personality recognition using social media data. The paper proposes analyzing personality traits based on the Big Five model (openness, conscientiousness, extraversion, agreeableness, neuroticism) using Facebook status updates and machine learning. Specifically, it involves collecting Facebook status data through a browser extension, storing it in a database, training a random forest regression model on an existing dataset, and using the model to predict personality trait values for additional Facebook users. The predicted traits are then visualized with radar charts to provide an overview of each user's personality profile.
Social networking allows users to interact and connect with other users through dedicated websites and applications. It involves expanding business and social contacts by connecting with people who share similar interests. Popular social networking sites such as MySpace and Facebook emerged in the early 2000s. While social networking allows users to stay connected with friends and meet new people, it also presents privacy, security, and oversharing risks that users must be aware of. Analyzing social networks can occur at the micro, meso, and macro levels.
Potential vulnerabilities to e-learning - Mimecast (Jisc)
Phillip Hay analyzes threats to e-learning. He found that the education sector saw an 87% increase in spam and phishing attacks between March and April 2020 as students shifted to online learning during COVID-19. His recommendations include using only approved school software on school-managed accounts, maintaining online etiquette, and educating students and staff about safe online practices such as strong passwords and avoiding suspicious links. Hay warns that cyber attacks will likely continue targeting remote workers and students through increasingly sophisticated social engineering techniques.
Comprehensive Social Media Security Analysis & XKeyscore Espionage Technology (CSCJournals)
Social networks can offer many services to users for sharing activities, events, and ideas. Many attacks can happen to social networking websites because of the trust users place in them. This paper discusses cyber threats: we study the types of cyber threats, classify them, and give suggestions for protecting social networking websites from a variety of attacks. Moreover, we present some anti-threat strategies along with future trends.
A HYBRID CLASSIFICATION ALGORITHM TO CLASSIFY ENGINEERING STUDENTS’ PROBLEMS ... (IJDKP)
Social networking sites have brought a new horizon for expressing the views and opinions of individuals. Moreover, they provide a medium for students to share their sentiments, including struggles and joy, during the learning process. Such informal information is a valuable venue for decision making. The large and growing scale of this information demands automatic classification techniques, and sentiment analysis is one of the automated techniques for classifying large data. Existing predictive sentiment analysis techniques are widely used to classify reviews on e-commerce sites to provide business intelligence. However, they are not very useful for drawing decisions in the education system, since they classify sentiments into merely three pre-set categories: positive, negative and neutral. Moreover, classifying students' sentiments into a positive or negative category does not provide deeper insight into their problems and perks. In this paper, we propose a novel Hybrid Classification Algorithm to classify engineering students' sentiments. Unlike traditional predictive sentiment analysis techniques, the proposed algorithm makes the sentiment analysis process descriptive. Moreover, it classifies engineering students' perks, in addition to problems, into several categories to help future students and the education system in decision making.
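A descriptive, multi-category classification along these lines can be sketched with keyword lexicons. The categories and terms below are hypothetical, not the paper's actual taxonomy or algorithm:

```python
# Hypothetical category lexicons; the paper's real categories and the
# hybrid algorithm's learned terms are not reproduced here.
CATEGORIES = {
    "heavy study load": {"workload", "deadlines", "exams", "overloaded"},
    "sleep problems":   {"sleep", "tired", "insomnia", "awake"},
    "career anxiety":   {"job", "placement", "internship", "future"},
}

def classify(post):
    """Assign a post to every category whose lexicon it mentions,
    falling back to 'other' — more descriptive than positive/negative."""
    words = set(post.lower().split())
    hits = [cat for cat, terms in CATEGORIES.items() if words & terms]
    return hits or ["other"]

print(classify("Too many deadlines and exams, I barely sleep"))
```

Unlike a three-way positive/negative/neutral label, the output names the actual problems a student raises, which is what makes the analysis useful for educational decision making.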
This document proposes a new progressive model for digital citizenship called ABLE (Attendant, Balanced, Lifelong Learner, Empathetic). It consists of four components: being self-aware and other-aware online, balancing technology use in a healthy, moderate way, becoming a lifelong learner of digital skills, and showing empathy and care for others. The model is intended to teach digital citizenship skills to students through strategies like encouraging present-moment awareness, moderate tech use, validating information, and developing compassion. It aims to intersect with other areas of teaching to promote well-being, self-expression and academic development through digital tools and relationships.
The document discusses how broadband access through ARE-ON has expanded to nearly all two-year colleges in Arkansas, providing educators access to the world. It outlines exploring how to use broadband through identifying what broadband is, learning about specific broadband details, finding ways to apply broadband, establishing guidelines, and planning next steps. The NETnet consortium connects 16 colleges and universities across Northeast Texas, enabling over 22,000 enrollments per semester through broadband and training over 450 faculty and staff annually while also managing a K-12 network. Broadband applications that could be adopted within a few years are discussed, such as gaming/simulations, online student support, and accessing primary sources.
Designing a Survey Study to Measure the Diversity of Digital Learners (IJITE)
This article describes the design of a quantitative study that aims to gather empirical data on the different types of digital learners in a student population, inclusive of the elusive digital natives who purportedly exist in settings laden with digital technology. The design of this study revolves around the impetus to map the diversity of digital learners, followed by elucidations on the research design and methods to be employed, the accompanying data analysis, ethical considerations, and an elaboration of the measures taken to ensure validity and reliability.
Institutional Success Via a Data-Centric Technology Ecosystem (IT Consultant)
This document discusses Lehman College's development of a data-centric ecosystem to improve recruitment, retention, and other initiatives. It has integrated various tools and systems to expose important information, align messaging and branding, and deliver personalized content. This ecosystem allows events to be syndicated across different platforms, newsletters to automate publishing to websites, and media assets to be shared. Analytics are used to track engagement. The college is also using predictive modeling with data on enrollment, attrition rates, and other factors to develop strategies to improve student outcomes.
Detecting fake news_with_weak_social_supervision (Suresh S)
This document discusses using weak social supervision for detecting fake news on social media. It defines weak supervision and describes how social media data provides a new type of weak supervision called weak social supervision. Weak social supervision can be generated from three aspects of social media - users, posts, and networks. Recent works have shown that user-based, post-based, and network-based weak social supervision can be effective for fake news detection, even with limited labeled data. Weak social supervision is a promising approach for learning tasks where labeled data is scarce.
This document discusses using text mining of online social networks to classify user personality traits. It examines using status updates from Facebook profiles as text data to extract features and classify personalities according to the Big Five model using an RBF neural network. The results showed RBF neural networks achieved higher precision than other common classifiers like SVM and Naive Bayes.
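An RBF network stacks fixed Gaussian hidden units under a trainable linear output layer. This sketch uses toy two-dimensional inputs (the XOR pattern) rather than real text features, to show why the RBF layer matters:

```python
import math

def rbf_features(x, centers, gamma=1.0):
    """Gaussian activations of the hidden RBF units for one input vector."""
    return [math.exp(-gamma * sum((a - b) ** 2 for a, b in zip(x, c)))
            for c in centers]

def train_output_layer(X, y, centers, lr=0.1, epochs=500):
    """Fit the linear output layer (least-mean-squares) on fixed RBF features."""
    H = [rbf_features(x, centers) for x in X]
    w = [0.0] * len(centers)
    b = 0.0
    for _ in range(epochs):
        for h, t in zip(H, y):
            out = sum(wi * hi for wi, hi in zip(w, h)) + b
            err = out - t
            w = [wi - lr * err * hi for wi, hi in zip(w, h)]
            b -= lr * err
    return w, b

def predict(w, b, x, centers):
    h = rbf_features(x, centers)
    return 1 if sum(wi * hi for wi, hi in zip(w, h)) + b > 0.5 else 0

# Toy 2-D "feature vectors" standing in for extracted text features.
X = [[0, 0], [0, 1], [1, 0], [1, 1]]
y = [0, 1, 1, 0]              # XOR: not linearly separable in input space
centers = [[0, 1], [1, 0]]    # one RBF centre per positive example
w, b = train_output_layer(X, y, centers)
print([predict(w, b, x, centers) for x in X])
```

The Gaussian layer maps the inputs into a space where XOR becomes linearly separable — the same property that lets an RBF network draw nonlinear decision boundaries over text features where SVM or Naive Bayes with linear kernels may struggle.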
Problem statement-1-friend-affinity-finder (AmitabhDas22)
This document presents a problem statement to build a web/mobile application that can analyze the personality traits of users and their friends from social media data in order to find commonalities between them. It involves using IBM Watson services like Personality Insights to infer the Big Five personality characteristics of individuals from text data and identify traits, interests, and preferences that they share. The application would allow authenticating with social media accounts to access profile data and visualize friend connections and classifications. It should be developed using Python and can leverage any mobile platform.
1) Text messaging among teens has increased significantly since 2006, with more teens both owning cell phones and sending texts on a daily basis.
2) The MyInfoQuest SMS reference project allows librarians to develop core competencies in mobile communication channels by answering patron questions over text message.
3) The project is a collaborative reference service between over 60 libraries that allows patrons to send questions by text message which are then routed and answered by the participating libraries.
AILABS - Lecture Series - Is AI the New Electricity? - Advances In Machine Le... (AILABS Academy)
Prof. Garain briefly discusses the background of learning algorithms and the major breakthroughs made in the field of machine perception over the last 50 years. He also discusses the role of statistical algorithms such as artificial neural networks and support vector machines, and other concepts related to Deep Learning algorithms.
Along with the above, Prof. Garain touches upon the basics of CNNs and RNNs, Long Short-Term Memory networks (LSTM) and attention networks, and illustrates all of these using real-life problems. Several state-of-the-art problems such as image captioning, visual question answering and medical image analysis were discussed to make the potential of deep learning algorithms understandable.
Prof. Utpal Garain is one of the leading minds in Kolkata in the field of Neural Networks & Artificial Intelligence. His research interest is now focused on AI research, especially exploring deep learning methods for language, image and video analysis including NLP tools, OCRs, handwriting analysis, computational forensics and the like.
AILABS - Lecture Series - Is AI the New Electricity? Topic: Intelligent proce... (AILABS Academy)
In this SlideShare, Dr. Sarit Bose explains intelligent processes propelled by Artificial Intelligence.
Decoding AI:
Deep Learning
Predictive Analysis
Translation
Classification and Clustering
Information Extraction
Speech to Text
Text to Speech
Image Recognition
Machine Vision
AILABS - Lecture Series - Is AI the New Electricity? Topic:- Classification a... (AILABS Academy)
1. The document discusses classification and estimation using artificial neural networks. It provides examples of classification problems from industries like mining and banking loan approval.
2. It describes the basic components of an artificial neural network including the feedforward architecture with multiple layers of neurons and the backpropagation algorithm for learning network weights.
3. Examples are given to illustrate how neural networks can perform nonlinear classification and estimation through combinations of linear perceptron units in multiple layers with the backpropagation algorithm for training the network weights.
AILABS - Lecture Series - Is AI the New Electricity. Topic- Role of AI in Log... (AILABS Academy)
In this presentation, Professor Deepankar Sinha explains the use and the role of AI in Logistics. Understand the difference between Artificial Intelligence and Automation.
AILABS Lecture Series - Is AI The New Electricity. Topic - Deep Learning - Ev... (AILABS Academy)
Artificial Intelligence is transforming the world. Deep Learning, an integral part of this new Artificial Intelligence paradigm, is becoming one of the most sought after skills. Learn more about Deep Learning and its Evolution.
The Nano Degree in Deep Learning is driving advances in artificial intelligence that are changing our world. Enroll now to build and apply your own deep neural networks to produce amazing solutions to important challenges. Visit: https://ailabs.academy/deep-learning
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you... (Zilliz)
Join us to introduce Milvus Lite, a vector database that can run on notebooks and laptops, share the same API with Milvus, and integrate with every popular GenAI framework. This webinar is perfect for developers seeking easy-to-use, well-integrated vector databases for their GenAI apps.
Removing Uninteresting Bytes in Software Fuzzing (Aftab Hussain)
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries: Libxml's xmllint, a tool for parsing XML documents, and Binutils' readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format) files. Our preliminary results show that AFL+DIAR not only discovers new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns, and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
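The core byte-removal idea can be sketched as a greedy loop over seed bytes. The coverage function here is a toy stand-in; DIAR's actual analysis of which bytes are uninteresting is more sophisticated:

```python
def shrink_seed(seed, coverage):
    """Greedily drop bytes whose removal leaves coverage unchanged
    (a simplification of DIAR's byte-pinpointing, not its exact algorithm)."""
    baseline = coverage(seed)
    i = 0
    while i < len(seed):
        candidate = seed[:i] + seed[i + 1:]
        if coverage(candidate) == baseline:
            seed = candidate  # byte i was uninteresting: drop it
        else:
            i += 1            # byte i matters: keep it and move on
    return seed

# Toy target: "coverage" is the set of structural characters a parser
# reacts to — a stand-in for real edge coverage from an instrumented binary.
def toy_coverage(data):
    return {b for b in data if b in b"<>/"}

seed = b"<a>padding bytes here</a>"
lean = shrink_seed(seed, toy_coverage)
print(lean)
```

Even with this crude coverage proxy the seed shrinks from 25 bytes to 3 while exercising the same behaviour, which is exactly why mutating lean seeds wastes fewer fuzzing cycles.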
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf (Paige Cruz)
Monitoring and observability aren't traditionally found in software curriculums, and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is part of our current company's observability stack.
While the dev and ops silo continues to crumble, many organizations still relegate monitoring and observability to the purview of ops, infra and SRE teams. This is a mistake: achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party, and will share these foundational concepts to build on:
Communications Mining Series - Zero to Hero - Session 1 (DianaGray10)
This session provides an introduction to UiPath Communication Mining, its importance, and a platform overview. You will acquire a good understanding of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
What do a Lego brick and the XZ backdoor have in common? (Speck&Tech)
ABSTRACT: At first glance, what a Lego brick and the XZ backdoor have in common might be that both are building blocks, or dependencies, of creative and software projects. In reality, a Lego brick and the case of the XZ backdoor have much more in common than that.
Join the presentation to immerse yourself in a story of interoperability, standards and open formats, and then discuss the important role that contributors play in a sustainable open-source community.
BIO: An advocate of free software and of standard, open formats. She has been an active member of the Fedora and openSUSE projects and co-founded the LibreItalia Association, where she was involved in several events, migrations and training activities related to LibreOffice. She previously worked on LibreOffice migrations and training courses for several public administrations and private companies. Since January 2020 she has worked at SUSE as a Software Release Engineer for Uyuni and SUSE Manager, and when not pursuing her passion for computers and for Geeko she cultivates her curiosity about astronomy (hence her nickname, deneb_alpha).
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ... (James Anderson)
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. A constant focus on speed to release software to market, combined with traditionally slow and manual security checks, has caused gaps in continuous security, an important piece of the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their application supply chains and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with a passion for making things work, along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations on CI/CD and application security integrated into the software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer's life and facilitate a rapid transition from concept to production-ready applications. He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0! (SOFTTECHHUB)
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Essentials of Automations: The Art of Triggers and Actions in FME (Safe Software)
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
TrustArc Webinar - 2024 Global Privacy Survey (TrustArc)
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
AILABS - Lecture Series - Is AI the New Electricity? Topic: Interplay of Trust and Risk in Social Media Communication. Presented by Aditya Bagchi.
1. Use and distribution limited solely to authorized personnel. (c) Copyright 2018
Lecture Series: Is AI the New Electricity?
Interplay of Trust and Risk in Social Media Communication
Presented at AILABS Academy,
Kolkata on April 27th 2018
Prof. Aditya Bagchi
Emeritus Professor
School of Mathematical Sciences
Ramakrishna Mission Vivekananda Educational & Research
Institute, Belur, West Bengal, India
2. Interplay of Trust and Risk in Social Media
Communication
Aditya Bagchi
Emeritus Professor
School of Mathematical Sciences
Ramakrishna Mission Vivekananda Educational & Research
Institute
Belur, West Bengal, India
AILABS ACADEMY
Kolkata, April 27, 2018
3.
This work is based on a project initiated at the San Diego Supercomputer Center, University of California, San Diego, USA in January 2017. The purpose is to provide quantitative measures for trust, risk and their interplay while communicating over social media. Social media here include SMS, e-mail, WhatsApp, social networks like Facebook and LinkedIn, and even mobile phones.
Related publication:
Amarnath Gupta, Subhasis Dasgupta, Aditya Bagchi,
“PROFORMA: Proactive Forensics with Message
Analytics”, IEEE Security & Privacy, vol. 15, no. 6, pp. 33-41,
November/December 2017, doi:10.1109/MSP.2017.4251112.
Students involved in the project in India:
Pushpendu Biswas – M.Sc. CS
Anurag Banerjee - M.Sc. CS
Nandish Chattopadhyay – M.Sc. BDA
4.
We start with a real-life event (names have been changed):
• Medha, a single 35-year-old resident of Kolkata, India, had been communicating with Mark, a resident of Berlin, Germany, for the last six months over Facebook.
• Personal details and photos were exchanged, and ultimately Mark proposed to her and she accepted.
• A marriage date was fixed; Mark apparently came to Delhi and called her on her mobile phone.
• Medha then received a call from the Customs Dept. at New Delhi Airport informing her that Mark had been taken into custody for bringing in an undeclared amount of jewellery.
• Medha, being the only connection in India that Mark could name, should pay the bail amount in order to release him.
• After about half an hour, Medha received an SMS with bank account details for transferring the bail amount.
• Medha transferred the money and then received no further message, either from Mark or from the Customs Dept.
5.
The most prevalent type of cybercrime is:
• fraudulent attacks on individuals using different social media, such as e-mail, social networks and even mobile phones.
• The United States Dept. of Justice calls them “Mass-Marketing Attacks through Social Media” and has divided these fraud schemes into the following categories
(https://www.justice.gov/criminal-fraud/):
• Online-Auction and Online-Retail Schemes
• Business Opportunity or “Work-at-Home” Schemes
• Credit-Card Interest Reduction Schemes
• Inheritance Schemes
• Lottery/Prize/Sweepstakes Schemes
• Online Sales Schemes
• Bank and Financial Account Schemes
• Romance Schemes
6.
• The attack is usually made on individuals.
• Communication with the potential victim continues for a long time to earn his/her confidence.
• The potential victim may be contacted by an individual or by a company, which may even have a web presence.
• After building sufficient trust, the victim is asked to pay or transfer money for some emergency.
• Sometimes, instead of directly paying any amount, the victim may be convinced to reveal his/her bank details.
• Crime investigation in this area falls under digital forensics.
• Digital forensic science has traditionally been the study of methods to recover and investigate material found in digital devices in order to solve crimes involving computers and the internet.
• A forensic investigation is, by its very nature, a retrospective activity -- it usually starts after the crime has been committed.
7.
WE NEED PROACTIVE FORENSICS
• It needs both crime detection and crime prevention.
• A possible crime should be detected early, even at the risk of a false alarm.
• Since the crime is organized over a long time, the gradual growth of the crime possibility needs to be measured.
• Since the possible victim is also (unknowingly) participating in organizing the crime, appropriate warnings about this gradual growth need to be given to the possible victim.
Available Data:
• It is possible to retrieve social media items like Facebook posts and messages through publicly available APIs.
• With proper access privileges, both current and historical data (semi-structured) -- text content, the social circle of an individual, information entities like URLs and phone numbers, etc. -- can be collected and analyzed.
8.
Procedures:
• Significant advances have been made in decision-making technologies -- including the ability to estimate trust values of messages and individuals and to evolve trust and risk estimates over time as new events transpire.
• The process involves the gradual growth of trust in the possible adversary through increased exchange of messages.
• It also involves the gradual growth of risk on the part of the possible victim in revealing sensitive information.
• The goal is to measure the interplay of trust and risk.
Subsystems:
• Profile building and matching.
• Social context building.
• Message aggregation.
• Trust and risk analysis.
10.
Building a User Profile:
• A user profile is a collection of verified or verifiable facts, i.e., data records, about the user (the person being protected). These facts are collected using the respective APIs of the social networks accessible to the system and are stored in a secure personal knowledge base. Examples include birthday, current and previous place and nature of work, academic degrees and other skills earned, etc. In a more aggressive scenario, it can also include other publicly available facts from the Internet, such as properties bought and sold, current and prior addresses, etc.
• It is used to build a personal knowledge base that is verifiable against any possible inconsistency.
• It can also be used for profile matching against friendship requests.
• Different parameters may be organized as ontology structures.
11.
• The term ontology has been borrowed from philosophy.
• In computer science it denotes semantically inter-connected information, which may even be hierarchical.
• In the Semantic Web, most of the data is expected to be represented as ontologies. Examples:
[Diagram: two example ontologies.
(1) A chain Grandfather --has-son--> Father --has-son--> Son --has-son--> Grandson.
(2) A Person node with edges has-name --> Name, has-responsibility --> Position, has-qualification --> Qualification, has-address --> Location; a node XYZ is linked to Person by is-instance-of.]
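The person ontology in the example above can be written down as a small set of subject-predicate-object triples. A minimal Python sketch (the triple list and query helper are illustrative, not part of the original project):

```python
# A toy ontology as subject-predicate-object triples.
# Node and relation names follow the slide's Person example.
triples = [
    ("Person", "has-name", "Name"),
    ("Person", "has-responsibility", "Position"),
    ("Person", "has-qualification", "Qualification"),
    ("Person", "has-address", "Location"),
    ("XYZ", "is-instance-of", "Person"),
]

def objects_of(subject, predicate):
    """Return all objects linked from `subject` via `predicate`."""
    return [o for s, p, o in triples if s == subject and p == predicate]
```

Such a triple representation is also how Semantic Web ontologies are typically serialized (e.g., in RDF).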
13.
Building the Social Context:
• The social context of a user is a graph (a network); more precisely, a property graph, in which each node and edge has a type and may have a set of {attribute, value} pairs associated with it.
• Thus the ego network of a user, constructed from his/her friends and followers on Facebook (or any other social channel), forms a social context.
• The nodes of the network can be people, organizations, places, job positions, etc., and the edges represent relationships like friend, child, colleague, work-institution and so forth.
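As a rough illustration of the property-graph model just described, here is a minimal Python sketch; the node and edge attributes are invented examples, not project data:

```python
# Minimal property-graph sketch of a user's ego network.
# Every node and edge carries a type plus {attribute: value} pairs,
# matching the property-graph model described above.
nodes = {
    "medha": {"type": "person", "city": "Kolkata"},
    "mark":  {"type": "person", "city": "Berlin"},
    "acme":  {"type": "organization"},
}
edges = [
    ("medha", "mark", {"type": "friend", "since": "2017-10"}),
    ("medha", "acme", {"type": "work-institution"}),
]

def neighbours(node, edge_type=None):
    """Nodes adjacent to `node`, optionally filtered by edge type."""
    return [b for a, b, attrs in edges
            if a == node and (edge_type is None or attrs["type"] == edge_type)]
```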
15.
How to Build a Social Context Graph (Example: Facebook)
• Analysis with respect to posts.
• Friends are directly related.
• If A --> B --> C are connected by the semantic relationship friend-of, then in A's social context graph, B has a distance of 1 and C has a distance of 2.
• The number of posts, or responses to posts, provides the strength of a node within a specific period.
• Posts can be positive or negative.
• Positive or negative responses may be aspect-dependent (one may respond positively on football but negatively on music).
• Overall trust may be computed as a composite measure of positive and negative responses and the weights assigned to different aspects.
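One plausible way to realize the composite measure described above is a weighted sum of per-aspect net response ratios, rescaled to [0, 1]. This is an assumed formula for illustration, not the one used in the project:

```python
# Hypothetical composite trust from aspect-wise responses: each aspect
# contributes its net response ratio (pos - neg) / (pos + neg),
# scaled by an aspect weight. The weighting scheme is an assumption.
def composite_trust(responses, weights):
    """responses: {aspect: (pos_count, neg_count)}; weights sum to 1.
    Returns a score in [0, 1]; 0.5 means responses are balanced."""
    score = 0.0
    for aspect, (pos, neg) in responses.items():
        total = pos + neg
        net = (pos - neg) / total if total else 0.0  # in [-1, 1]
        score += weights[aspect] * net
    return (score + 1) / 2  # rescale [-1, 1] -> [0, 1]

# Mirrors the slide's example: positive on football, negative on music.
responses = {"football": (8, 2), "music": (1, 4)}
weights = {"football": 0.6, "music": 0.4}
```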
16.
Message Aggregation Process: The ability to automatically detect problematic messages is a fundamental capability of a proactive forensics system. A message, regardless of whether it is an e-mail, FB post, SMS message, etc., has a core information structure that consists of:
• metadata about the message, including type of data, character encoding, date and size of the message;
• senders and receivers of the message;
• whether the message belongs to a thread and, if so, the prior message it refers to;
• the body of the message, which contains semantic references (e.g., syntactic tokens like hashtags and user references, lexical structures like URLs, lexico-semantic structures like phone numbers and dates of birth, as well as semantic entities like the names of people, organizations and locations);
• auxiliary entities like images, audio and video files.
17.
The message aggregator translates individual message formats from different sources into a common internal form that it stores in a component store specialized for semi-structured data (AsterixDB, developed at UC Irvine). Usually the JSON (JavaScript Object Notation) format is used.
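The common internal form might look something like the following JSON document, here built as a Python dict; the field names are illustrative assumptions, not AsterixDB's actual schema:

```python
import json

# Illustrative common internal form for one aggregated message,
# following the core structure listed on the previous slide.
message = {
    "metadata": {"source": "facebook", "encoding": "utf-8",
                 "date": "2018-04-01T10:15:00Z", "size_bytes": 412},
    "sender": "mark",
    "receivers": ["medha"],
    "thread": {"in_reply_to": None},
    "body": {
        "text": "Transfer the bail amount to the account below.",
        "entities": {"urls": [], "phone_numbers": [], "people": ["medha"]},
    },
    "attachments": [],
}

# The aggregator would serialize this to JSON for the component store.
serialized = json.dumps(message)
```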
Applications:
• Initial trust assignment: the trust value for a node is assigned by combining three factors:
1. The extent of communication between the user and the node, where greater communication (or a close family link) implies higher trust.
2. Link strength: the relative importance of the node with respect to the user, based on a measure of common nodes (mutual friends).
3. The quality of message exchange between the two parties.
The individual scores are combined and normalized to a [0, 1] scale.
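A minimal sketch of this combination step, assuming equal weights for the three factors and inputs pre-normalized to [0, 1] (the actual weighting is not specified in the slides):

```python
# Sketch of initial trust assignment: the three factor scores
# (communication extent, link strength, message quality) are averaged.
def initial_trust(comm_extent, link_strength_score, msg_quality):
    """Each input is pre-normalized to [0, 1]; returns trust in [0, 1]."""
    factors = (comm_extent, link_strength_score, msg_quality)
    return sum(factors) / len(factors)

# One simple reading of factor 2: share of mutual friends.
def link_strength(mutual, total_friends):
    return mutual / total_friends if total_friends else 0.0
```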
18.
Trust development between victim and adversary:
• Evaluated against multiple contexts.
• Possible contexts in FB environment –
• Interaction time span
• Number of interactions
• Interaction regularity
• Group membership
• Common interests
• Number of mutual friends etc.
19.
A profile may also be fake. Different methods to identify fake profiles have been developed; results may be false positives or false negatives.
Let Ix represent the number of interactions my user has with another member x, and let A be the average number of interactions among n such members. The computation of trust Tx shows that a sudden surge of interactions above the average A will reduce the trust value, since it suggests an anomaly in the interactions of member x.
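The slide's exact formula for Tx is not reproduced in the text. One form consistent with the description, where trust decays as Ix surges above the average A, might be:

```python
import math

# Assumed form, not the slide's formula:
#   T_x = exp(-max(0, I_x - A) / A)
# Trust stays at 1 while interactions are at or below the average,
# and decays exponentially as the surge above the average grows.
def trust_from_interactions(i_x, avg):
    surge = max(0.0, i_x - avg)
    return math.exp(-surge / avg)
```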
20.
Post-based friendship measure:
Standard NLP tools like Stanford CoreNLP and Apache OpenNLP have been used. The most relevant area is sentiment analysis.
Aspect-wise categorization of posts:
• Sports
• Politics
• Entertainment
• Product Review
• Humour
• Others
21.
Let P and N be the positive and negative response counts for a post.
• If P/N > 1 + ε₁, the post is considered positive (ε₁ ≥ 0).
• If P/N < 1 − ε₂, the post is considered negative (1 ≥ ε₂ ≥ 0).
• If 1 + ε₁ ≥ P/N ≥ 1 − ε₂, the post is considered ambiguous.
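The classification rule above translates directly into code; the defaults ε₁ = ε₂ = 0.1 below are arbitrary illustrative values, and the zero-denominator guard is an added assumption:

```python
# Direct encoding of the P/N threshold rule: P and N are the
# positive and negative response counts for a post.
def classify(p, n, eps1=0.1, eps2=0.1):
    if n == 0:  # guard against division by zero (assumed behaviour)
        return "positive" if p > 0 else "ambiguous"
    ratio = p / n
    if ratio > 1 + eps1:
        return "positive"
    if ratio < 1 - eps2:
        return "negative"
    return "ambiguous"
```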
23.
Trust and Risk Interplay:
• Trust, in our case, is associated with the possible adversary.
• Risk, in our case, is associated with the possible victim.
• Normally, as risk increases or reliability decreases, trust should decrease.
• Since the victim unknowingly participates in the scam, this relationship may not hold.
• So a method needs to be developed for defining the trust and risk interplay.
• Risk in communication is present because, in the process of building trust, sensitive information may be revealed by the possible victim.
• So the potential victim should be warned about the gradual increase in risk.
24.
• Both trust and risk are defined in the domain [0, 1].
• A dictionary of sensitive terms may be maintained.
• Each sensitive piece of information may be associated with a cost.
• So, if reliability starts at r = 1, releasing a sensitive item of cost c ∈ [0, 1] reduces the reliability to r = (1 − c).
• Considering an exponential decay, n such occurrences reduce the reliability to r^n.
• Considering trust as an exponential function again, it may be of the form (1 − α^n) for gradual rise.
• A detailed study of their interplay is needed.
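The reliability decay and trust growth described above can be sketched directly; α below is an assumed decay base in (0, 1), which the slide leaves unspecified:

```python
# Reliability starts at r = 1; each release of a sensitive item of
# cost c multiplies it by (1 - c), so n releases give (1 - c)**n.
def reliability(c, n):
    return (1 - c) ** n

# Trust rises gradually as (1 - alpha**n) over n interactions.
def trust(alpha, n):
    return 1 - alpha ** n
```

Plotting the two curves against n would show the interplay the slide calls for: trust rising toward 1 while reliability decays toward 0 as sensitive items are released.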