Uncovering large groups of active malicious accounts in online social networks

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2014, Pages 477-488

  Cao, Qiang ^a   Yang, Xiaowei ^a   Yu, Jieqi ^b   Palow, Christopher ^b  

^a DUKE UNIVERSITY   (United States)

^b FACEBOOK   (United States)

Author keywords

Malicious account detection; Online social networks; Scalable clustering system

Indexed keywords

MALWARE;

DESIGN AND IMPLEMENTS; DETECTION SYSTEM; INCREMENTAL PROCESSING; ON-LINE SOCIAL NETWORKS; ONLINE RATINGS; SCALABLE CLUSTERING; SOCIAL NETWORK CONTEXTS; USER ACTIVITY DATA;

SOCIAL NETWORKING (ONLINE);

EID: 84910660900     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2660267.2660269     Document Type: Conference Paper

References (48)

1. Better Security through Software. http://www.facebook.com/notes/facebook/better-security-through-software/248766257130, 2010.
2. Staying in Control of Your Facebook Logins. http://www.facebook.com/notes/facebook/staying-in-control-of-your-facebook-logins/389991097130, 2010.
3. Working Together to Keep You Secure. http://www.facebook.com/notes/facebook/working-together-to-keep-you-secure/68886667130, 2010.
4. Amazon EC2 Pricing. http://aws.amazon.com/ec2/pricing/, 2013.
5. Apache Giraph. http://giraph.apache.org/, 2013.
6. Apache Hadoop. http://hadoop.apache.org/, 2013.
7. Cookies, Pixels & Similar Technologies. https://www.facebook.com/help/cookies, 2013.
8. Facebook Reports Fourth Quarter and Full Year 2012 Results. http://investor.fb.com/releasedetail.cfm?ReleaseID=736911, 2013.
9. Facebook's New Way to Combat Child Pornography. http://gadgetwise.blogs.nytimes.com/2011/05/19/facebook-to-combat-child-pornusing-microsofts-technology, 2013.
10. Malicious Chrome extensions on the rise. http://www.zdnet.com/malicious-chrome-extensions-on-the-rise-7000019913/, 2013.
11. Scaling Apache Giraph to a trillion edges. https://www.facebook.com/notes/facebook-engineering/scaling-apache-giraph-to-atrillion-edges/10151617006153920, 2013.
12. Types of cookies used by Google. http://www.google.com/policies/technologies/types/, 2013.
13. Rate Limiting at Facebook. https://developers.facebook.com/docs/reference/ads-api/api-rate-limiting, 2014.
14. Rate Limiting at Google+. https://developers.google.com/+/domains/faq, 2014.
15. I. Anderson. Combinatorics of finite sets. Clarendon Press, 1987.
16. A. Beutel, W. Xu, V. Guruswami, C. Palow, and C. Faloutsos. CopyCatch: Stopping Group Attacks by Spotting Lockstep Behavior in Social Networks. In Proceedings of the 22nd International Conference on World Wide Web (WWW), 2013.
17. L. Bilge, T. Strufe, D. Balzarotti, and E. Kirda. All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks. In WWW, 2009.
18. F. Brunk. Intersection Problems in Combinatorics. University of St Andrews thesis. University of St Andrews, 2009.
19. Q. Cao, M. Sirivianos, X. Yang, and T. Pregueiro. Aiding the Detection of Fake Accounts in Large Scale Social Online Services. In NSDI, 2012.
20. M. Egele, G. Stringhini, C. Krügel, and G. Vigna. COMPA: Detecting Compromised Accounts on Social Networks. In NDSS, 2013.
21. G. Gu, R. Perdisci, J. Zhang, and W. Lee. BotMiner: Clustering Analysis of Network Traffic for Protocol-and Structure-Independent Botnet Detection. In USENIX SECURITY, 2008.
22. G. Gu, J. Zhang, and W. Lee. BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic. In NDSS, 2008.
23. S. Hao, N. A. Syed, N. Feamster, A. G. Gray, and S. Krasser. Detecting Spammers with SNARE: Spatio-Temporal Network-Level Automatic Reputation Engine. In USENIX SECURITY, 2009.
24. P. Jaccard. The Distribution of the Flora in the Alpine Zone. New Phytologist, 11(2), 1912.
25. T. N. Jagatic, N. A. Johnson, M. Jakobsson, and F. Menczer. Social Phishing. Communications of the ACM, 50(10), 2007.
26. A. K. Jain, M. N. Murty, and P. J. Flynn. Data Clustering: a Review. ACM Computing Surveys, 31(3), 1999.
27. U. Kang, C. E. Tsourakakis, and C. Faloutsos. PEGASUS: Mining Peta-Scale Graphs. Knowl. Inf. Syst., 27(2), 2011.
28. G. Karypis and V. Kumar. Multilevel Algorithms for Multi-Constraint Graph Partitioning. In Proceedings of the 1998 ACM/IEEE conference on Supercomputing, 1998.
29. H.-P. Kriegel, P. Kröger, and A. Zimek. Clustering High-Dimensional Data: A Survey on Subspace Clustering, Pattern-Based Clustering, and Correlation Clustering. ACM Trans. Knowl. Discov. Data, 3(1), 2009.
30. G. Malewicz, M. H. Austern, A. J. Bik, J. C. Dehnert, I. Horn, N. Leiser, and G. Czajkowski. Pregel: a System for Large-Scale Graph Processing. In SIGMOD, 2010.
31. I. V. Mechelen, H. H. Bock, and P. D. Boeck. Two-mode clustering methods: a structured overview. Statistical Methods in Medical Research, 13:363-394, 2004.
32. D. Moore, C. Shannon, G. M. Voelker, and S. Savage. Internet Quarantine: Requirements for Containing Self-Propagating Code. In INFOCOM, 2003.
33. M. Motoyama, D. McCoy, K. Levchenko, S. Savage, and G. M. Voelker. Dirty Jobs: the Role of Freelance Labor in Web Service Abuse. In USENIX SECURITY, 2011.
34. R. Nishtala, H. Fugal, S. Grimm, M. Kwiatkowski, H. Lee, H. C. Li, R. McElroy, M. Paleczny, D. Peek, P. Saab, D. Stafford, T. Tung, and V. Venkataramani. Scaling Memcache at Facebook. In NSDI, 2013.
35. T. Stein, E. Chen, and K. Mangla. Facebook Immune System. In Proceedings of the 4th Workshop on Social Network Systems (SNS), 2011.
36. K. Thomas, C. Grier, D. Song, and V. Paxson. Suspended accounts in retrospect: An analysis of twitter spam. In IMC, 2011.
37. K. Thomas, D. McCoy, C. Grier, A. Kolcz, and V. Paxson. Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse. In USENIX SECURITY, 2013.
38. A. Thusoo, Z. Shao, S. Anthony, D. Borthakur, N. Jain, J. Sen Sarma, R. Murthy, and H. Liu. Data Warehousing and Analytics Infrastructure at Facebook. In SIGMOD, 2010.
39. D. N. Tran, B. Min, J. Li, and L. Subramanian. Sybil-Resilient Online Content Rating. In NSDI, 2009.
40. C. E. Tsourakakis, C. Gkantsidis, B. Radunovic, and M. Vojnovic. Fennel: Streaming Graph Partitioning for Massive Scale Graphs. Microsoft Technical Report MSR-TR-2012-113, 2012.
41. B. Viswanath, A. Post, K. P. Gummadi, and A. Mislove. An Analysis of Social Network-based Sybil Defenses. In SIGCOMM, 2010.
42. G. Wang, T. Konolige, C. Wilson, X. Wang, H. Zheng, and B. Y. Zhao. You are How You Click: Clickstream Analysis for Sybil Detection. In USENIX SECURITY, 2013.
43. Y. Xie, F. Yu, K. Achan, R. Panigrahy, G. Hulten, and I. Osipkov. Spamming Botnets: Signatures and Characteristics. In SIGCOMM, 2008.
44. Z. Yang, C. Wilson, X. Wang, T. Gao, B. Y. Zhao, and Y. Dai. Uncovering Social Network Sybils in the Wild. In IMC, 2011.
45. H. Yu, P. Gibbons, M. Kaminsky, and F. Xiao. SybilLimit: A Near-Optimal Social Network Defense Against Sybil Attacks. In IEEE S&P, 2008.
46. H. Yu, M. Kaminsky, P. B. Gibbons, and A. Flaxman. SybilGuard: Defending Against Sybil Attacks via Social Networks. In SIGCOMM, 2006.
47. Y. Zhao, Y. Xie, F. Yu, Q. Ke, Y. Yu, Y. Chen, and E. Gillum. BotGraph: Large Scale Spamming Botnet Detection. In NSDI, 2009.
48. C. C. Zou, W. Gong, and D. Towsley.Worm Propagation Modeling and Analysis Under Dynamic Quarantine Defense. In Proceedings of the 2003 ACM Workshop on Rapid Malcode (WORM), 2003.