Thwarting Fake OSN Accounts by Predicting their Victims

Our recent work on fighting against automated fake accounts by predicting their victims has been accepted for publication at the 8th ACM Workshop on Artificial Intelligence and Security (AI-Sec’15), which is collocated with the 22nd ACM Conference on Computer and Communications Security (CCS), Denver, Colorado, USA.

In this work, we start with the observation that traditional defense mechanisms for fighting against automated fake accounts in online social networks are victim-agnostic. Even though victims of fake accounts play an important role in the viability of subsequent attacks, there is no work on utilizing this insight to improve the status quo. We then take the first step and propose to incorporate predictions about victims of unknown fakes into the workflows of existing defense mechanisms. In particular, we investigated how such an integration could lead to more robust fake account defense mechanisms. We also used real-world datasets from Facebook and Tuenti to evaluate the feasibility of predicting victims of fake accounts using supervised machine learning.

Security Analysis of Malicious Socialbots on the Web

Good news! I have successfully defended my PhD dissertation titled “Security Analysis of Malicious Socialbots on the Web.” It is available here.

I would like to thank my examination committee members, namely, Konstantin Beznosov (co-advisor), Matei Ripeanu (co-advisor), William (Bill) Aiello, Sidney Fels, and David Lie (external, University of Toronto). I’m also grateful to all my friends and colleagues who have been there for me. Thank you folks!

While it has been a long and humbling journey, I cannot wait to start a new one. I’ll keep you updated!

Integro: Leveraging Victim Prediction for Robust Fake Account Detection in OSNs

Our latest research on identifying automated fake accounts in online social networks has been accepted at the 2015 Network and Distributed System Security Symposium (NDSS’15), to be held in Feb in San Diego, USA.

In this work, we present Integro, a scalable defense system that helps OSNs detect fake accounts using a meaningful user ranking scheme. We implemented Integro using Mahout and Giraph in which it scaled nearly linearly. We evaluated Integro against SybilRank, the state-of-the-art in fake account detection, using real-world datasets and a large-scale deployment at Tuenti, the largest OSN in Spain. In particular, we show that Integro significantly outperforms SybilRank in user ranking quality. Moreover, the deployment of Integro at Tuenti resulted in an order of magnitude higher fake account detection precision, as compared to SybilRank.

Integro is published as part of Grafos MLa system and tools for large-scale machine learning and graph analytics on top of Giraph.