Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Detecting Spammers on Social Networks
1. Detecting
Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Detecting Spammers on Social
Networks
Gianluca Stringhini, Christopher Kruegel, and Giovanni
Vigna
University of California, Santa Barbara
December 8, 2010
2. Detecting
Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Part I
Social Network Spam
3. Detecting
Why Targeting Social Networks? Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Social networking sites are constantly gaining popularity
Malicious parties can use them to:
Steal personal information.
Reach a large number of people.
Execute targeted campaigns.
Exploit networks of trust.
4. Detecting
Sample Scenario Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
5. Detecting
Sample Scenario Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
6. Detecting
Sample Scenario Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
7. Detecting
Sample Scenario Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
8. Detecting
Is it really a problem? Spammers on
Social Networks
Gianluca
Stringhini,
Yes, it is Christopher
Kruegel, and
A previous study showed that: Giovanni Vigna
20% of the malicious friend requests are acknowledged.
Users click on 45% of links posted by their “friends”.
What makes spamming harder
Javascript.
Captchas.
Twitter makes it easier
Most pages are public.
A developer-friendly API is provided.
9. Detecting
User Awareness Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
10. Detecting
Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Part II
Spam Observation
11. Detecting
Our Methodology Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Honey profiles
12. Detecting
Honey Profiles Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
300 honey profiles on each of 3 popular social networks
Facebook
MySpace
Twitter
We observed the behavior of spammers
Spam bots show some characteristic behavior.
We also studied the targeting of users based on certain
information.
13. Detecting
Profiles that contacted us Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
network overall spammers
facebook 3,831 173
myspace 22 8
twitter 397 361
Only a minority were spammers!
We had to manually look at them.
14. Detecting
Spam Behavior Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Follow users aggressively.
Followed back only by a fraction of the requests.
Most of their messages contain a URL.
The structure of the messages sent does not change
much.
Profile names are built on “templates”.
Profile pictures come from a small set.
Use “easier” ways to spam (e.g., Facebook mobile,
Twitter API).
15. Detecting
Bot Categories Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
We categorize the bots based on their spam activity:
Frequency of activity
Slow
Fast
Ratio of spam content sent
Greedy
Stealth
16. Detecting
Targeted Campaigns Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Gender-related campaigns: 80% of spam victims on
Facebook are males.
Some campaigns use lists of names to target victims.
17. Detecting
Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Part III
Spam Detection
18. Detecting
Detection Approach Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
We leverage our observations to detect spammers.
We built a classifier that looks for typical features
Following
Followers Ratio.
URL Ratio.
Message Similarity.
Friend Choice.
Messages sent.
Number of Friends.
19. Detecting
Spam Detection on Facebook Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
No FF feature available.
Difficult to get data
Dataset from the Los Angeles and New York networks.
We applied our classifier to 790,951 profiles.
We detected 130 spammers, with 7 false positives.
Spammers did not use geographic networks
20. Detecting
Spam Detection on Twitter Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
On Twitter, most profiles are public
We developed a real-time spam detection system.
Twitter limits us to 20,000 API calls per hour
We started crawling for those profiles sending tweets
similar to the ones that have been flagged as spam
during the training.
Whenever we find new spam tweets, we search for them
as well.
21. Detecting
@spamdetector Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Our Crawling is targeted to previously observed
campaigns
We set up a Twitter profile users can flag spammers to.
Whenever our system detects one of those profiles as a
spammer, it inserts it into the crawling system.
22. Detecting
Results Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
In three months, we flagged 15,932 profiles as
spammers.
Twitter anti spam team considered 75 of these as false
positives.
23. Detecting
Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Part IV
Analysis of Collected Spam
24. Detecting
What kind of spam is out there? Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Traditional Spam (e.g., pharmacy, dating)
Phishing
Malicious sites (e.g., koobface)
25. Detecting
Spammer typical traits Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
The vast majority of spammers are “slow”.
There are both “greedy” and “stealth” spammers.
They act in “campaigns”.
There is no common way to target users
26. Detecting
Spam Campaigns Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
27. Detecting
Spam Campaigns Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
28. Detecting
Campaign-Specific Features Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Profilename templates.
Profile pictures.
Typical spamming times.
Typical hashtags / mentions.
look at where the URLs point.
Our system does not use them, but they might be
useful to completely eradicate a given campaign.
29. Detecting
Open Problems & Future Work Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Detect spammers whose behaviour differs from the
modeled one.
Detect DM spam.
30. Detecting
Spammers on
Social Networks
Gianluca
Stringhini,
Christopher
Kruegel, and
Giovanni Vigna
Thanks!