Data verifications for online social networks

OF THE DISSERTATION DATA VERIFICATIONS FOR ONLINE SOCIAL NETWORKS by Mahmudur Rahman Florida International University, 2015 Miami, Florida Professor Bogdan Carbunar, Major Professor Social networks are popular platforms that simplify user interaction and encourage collaboration. They collect large amounts of media from their users, often reported from mobile devices. The value and impact of social media makes it however an attractive attack target. In this thesis, we focus on the following social media vulnerabilities. First, review centered social networks such as Yelp and Google Play have been shown to be the targets of significant search rank and malware proliferation attacks. Detecting fraudulent behaviors is thus paramount to prevent not only public opinion bias, but also to curb the distribution of malware. Second, the increasing use of mobile visual data in news networks, authentication and banking applications, raises questions of its integrity and credibility. Third, through proofof-concept implementations, we show that data reported from wearable personal trackers is vulnerable to a wide range of security and privacy attacks, while off-theshelves security solutions do not port gracefully to the constraints introduced by trackers. In this thesis we propose novel solutions to address these problems. First, we introduce Marco, a system that leverages the wealth of spatial, temporal and network information gleaned from Yelp, to detect venues whose ratings are impacted by fraudulent reviews. Second, we propose FairPlay, a system that correlates review activities, linguistic and behavioral signals gleaned from longitudinal app data, to

[1]  Ashwin Machanavajjhala,et al.  l-Diversity: Privacy Beyond k-Anonymity , 2006, ICDE.

[2]  Philip S. Yu,et al.  Review Graph Based Online Store Review Spammer Detection , 2011, 2011 IEEE 11th International Conference on Data Mining.

[3]  Martin Raab,et al.  "Balls into Bins" - A Simple and Tight Analysis , 1998, RANDOM.

[4]  Stuart Haber,et al.  Privacy-Preserving Computation and Verification of Aggregate Queries on Outsourced Databases , 2009, Privacy Enhancing Technologies.

[5]  Mahmudur Rahman,et al.  Seeing is not believing: visual verifications through liveness analysis using mobile devices , 2013, ACSAC.

[6]  Mahmudur Rahman,et al.  Movee: Video Liveness Verification for Mobile Devices Using Built-In Motion Sensors , 2016, IEEE Transactions on Mobile Computing.

[7]  Bogdan Carbunar,et al.  You unlocked the Mt. Everest badge on foursquare! Countering location fraud in Geosocial Networks , 2012, 2012 IEEE 9th International Conference on Mobile Ad-Hoc and Sensor Systems (MASS 2012).

[8]  Ahmad Rahmati,et al.  SenseCoding: accelerometer-assisted motion estimation for efficient video encoding , 2008, ACM Multimedia.

[9]  Christos Faloutsos,et al.  Netprobe: a fast and scalable system for fraud detection in online auction networks , 2007, WWW '07.

[10]  Josef Bigün,et al.  Non-intrusive liveness detection by face images , 2009, Image Vis. Comput..

[11]  Yali Amit,et al.  Shape Quantization and Recognition with Randomized Trees , 1997, Neural Computation.

[12]  Jitendra Malik,et al.  Recovering 3D human body configurations using shape contexts , 2006, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[13]  Marc Najork,et al.  Detecting spam web pages through content analysis , 2006, WWW '06.

[14]  Yuval Elovici,et al.  “Andromaly”: a behavioral malware detection framework for android devices , 2012, Journal of Intelligent Information Systems.

[15]  Ben Y. Zhao,et al.  Preserving privacy in location-based mobile social applications , 2010, HotMobile '10.

[16]  Takeaki Uno,et al.  An Efficient Algorithm for Enumerating Pseudo Cliques , 2007, ISAAC.

[17]  Simin Nadjm-Tehrani,et al.  Crowdroid: behavior-based malware detection system for Android , 2011, SPSM '11.

[18]  Sushil Jajodia,et al.  Privacy in geo-social networks: proximity notification with untrusted service providers and curious buddies , 2010, The VLDB Journal.

[19]  Arjun Mukherjee,et al.  Spotting fake reviewer groups in consumer reviews , 2012, WWW.

[20]  Ulrike Meyer,et al.  Security and privacy for mobile electronic health monitoring and recording systems , 2010, 2010 IEEE International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM).

[21]  Jianliang Xu,et al.  Distortion-based anonymity for continuous queries in location-based mobile services , 2009, GIS.

[22]  Claire Cardie,et al.  Finding Deceptive Opinion Spam by Any Stretch of the Imagination , 2011, ACL.

[23]  R Core Team,et al.  R: A language and environment for statistical computing. , 2014 .

[24]  Jean-Pierre Seifert,et al.  Beyond Kernel-Level Integrity Measurement: Enabling Remote Attestation for the Android Platform , 2010, TRUST.

[25]  G. Chetty,et al.  Multi-Level Liveness Verification for Face-Voice Biometric Authentication , 2006, 2006 Biometrics Symposium: Special Session on Research at the Biometric Consortium Conference.

[26]  Jianzhong Li,et al.  Unsupervised Outlier Detection in Sensor Networks Using Aggregation Tree , 2007, ADMA.

[27]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[28]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[29]  Srdjan Capkun,et al.  Proximity-based access control for implantable medical devices , 2009, CCS.

[30]  Robert Frischholz,et al.  BioID: A Multimodal Biometric Identification System , 2000, Computer.

[31]  Ankur Agarwal,et al.  Recovering 3D human pose from monocular images , 2006, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[32]  Spencer Ch The Utility of Hotspot Mapping for Predicting Spatial Patterns of Crime , 2008 .

[33]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[34]  Ron Kohavi,et al.  A Study of Cross-Validation and Bootstrap for Accuracy Estimation and Model Selection , 1995, IJCAI.

[35]  Bobby Bhattacharjee,et al.  Identifying Close Friends on the Internet , 2009, HotNets.

[36]  Philip Chan,et al.  Toward accurate dynamic time warping in linear time and space , 2007, Intell. Data Anal..

[37]  Dirk Westhoff,et al.  A Smartphone Security Architecture for App Verification and Process Authentication , 2012, 2012 21st International Conference on Computer Communications and Networks (ICCCN).

[38]  Alec Wolman,et al.  Lockr: better privacy for social networks , 2009, CoNEXT '09.

[39]  Christos Faloutsos,et al.  Polonium: Tera-Scale Graph Mining and Inference for Malware Detection , 2011 .

[40]  Mohan M. Trivedi,et al.  Robust real-time detection, tracking, and pose estimation of faces in video streams , 2004, Proceedings of the 17th International Conference on Pattern Recognition, 2004. ICPR 2004..

[41]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[42]  Alan Mislove,et al.  Iolaus: securing online content rating systems , 2013, WWW.

[43]  Yan Wang,et al.  Real-Time Multi-View Face Detection and Pose Estimation in Video Stream , 2006, 18th International Conference on Pattern Recognition (ICPR'06).

[44]  M. M. Kilgo,et al.  Statistics and Data Analysis: From Elementary to Intermediate , 2001 .

[45]  Helen Nissenbaum,et al.  Adnostic: Privacy Preserving Targeted Advertising , 2010, NDSS.

[46]  Bing Liu,et al.  Mining and summarizing customer reviews , 2004, KDD.

[47]  Niraj K. Jha,et al.  Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system , 2011, 2011 IEEE 13th International Conference on e-Health Networking, Applications and Services.

[48]  Bijoy K. Ghosh,et al.  Pose estimation using line-based dynamic vision and inertial sensors , 2003, IEEE Trans. Autom. Control..

[49]  Markus Jakobsson,et al.  Mix and Match: Secure Function Evaluation via Ciphertexts , 2000, ASIACRYPT.

[50]  Jun Hu,et al.  Detecting and characterizing social spam campaigns , 2010, IMC '10.

[51]  Yuval Elovici,et al.  Securing Android-Powered Mobile Devices Using SELinux , 2010, IEEE Security & Privacy.

[52]  Ing. M. F. Breeuwsma Forensic imaging of embedded systems using JTAG (boundary-scan) , 2006, Digit. Investig..

[53]  Naphtali Rishe,et al.  Towards Safe Cities: A Mobile and Social Networking Approach , 2014, IEEE Transactions on Parallel and Distributed Systems.

[54]  Lakshminarayanan Subramanian,et al.  Sybil-Resilient Online Content Voting , 2009, NSDI.

[55]  Michael L. Anderson,et al.  Learning from the Crowd: Regression Discontinuity Estimates of the Effects of an Online Review Database , 2012 .

[56]  Alexandre M. Bayen,et al.  Virtual trip lines for distributed privacy-preserving traffic monitoring , 2008, MobiSys '08.

[57]  Ee-Peng Lim,et al.  Finding unusual review patterns using unexpected rules , 2010, CIKM.

[58]  Begnaud Francis Hildebrand,et al.  Introduction to numerical analysis: 2nd edition , 1987 .

[59]  Gabi Dreo Rodosek,et al.  Towards Permission-Based Attestation for the Android Platform - (Short Paper) , 2011, TRUST.

[60]  Yajin Zhou,et al.  RiskRanker: scalable and accurate zero-day android malware detection , 2012, MobiSys '12.

[61]  Mahmudur Rahman,et al.  To catch a fake: Curbing deceptive Yelp ratings and venues , 2015, Stat. Anal. Data Min..

[62]  Arjun Mukherjee,et al.  What Yelp Fake Review Filter Might Be Doing? , 2013, ICWSM.

[63]  Naphtali Rishe,et al.  Private location centric profiles for GeoSocial networks , 2012, SIGSPATIAL/GIS.

[64]  Stephen I. Gallant,et al.  Perceptron-based learning algorithms , 1990, IEEE Trans. Neural Networks.

[65]  Ninghui Li,et al.  Using probabilistic generative models for ranking risks of Android apps , 2012, CCS.

[66]  J. J. Fourier,et al.  The Analytical Theory of Heat , 2009 .

[67]  P. Nijkamp,et al.  Smart Cities in Europe , 2011 .

[68]  Yunhui Liu,et al.  User-generated-video summarization using Sparse Modelling , 2014, 2014 International Joint Conference on Neural Networks (IJCNN).

[69]  Yajin Zhou,et al.  Dissecting Android Malware: Characterization and Evolution , 2012, 2012 IEEE Symposium on Security and Privacy.

[70]  Heekuck Oh,et al.  Neural Networks for Pattern Recognition , 1993, Adv. Comput..

[71]  S. Chainey,et al.  Mapping Crime: Understanding Hot Spots , 2014 .

[72]  Minas Gjoka,et al.  Walking in Facebook: A Case Study of Unbiased Sampling of OSNs , 2010, 2010 Proceedings IEEE INFOCOM.

[73]  Deborah Estrin,et al.  Participatory sensing: applications and architecture , 2010, MobiSys '10.

[74]  Marco Gruteser,et al.  USENIX Association , 1992 .

[75]  James Biagioni,et al.  Cooperative transit tracking using smart-phones , 2010, SenSys '10.

[76]  Samy Bengio,et al.  Evidences of Equal Error Rate Reduction in Biometric Authentication Fusion , 2004 .

[77]  Kevin Fu,et al.  Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[78]  Neil Stuart,et al.  When is a hotspot a hotspot? A procedure for creating statistically robust hotspot maps of crime , 2002 .

[79]  Olivier Stasse,et al.  MonoSLAM: Real-Time Single Camera SLAM , 2007, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[80]  A. J. Hulbert,et al.  Basal Metabolic Rate: History, Composition, Regulation, and Usefulness , 2004, Physiological and Biochemical Zoology.

[81]  Yi Yang,et al.  Learning to Identify Review Spam , 2011, IJCAI.

[82]  C. Morandi,et al.  Registration of Translated and Rotated Images Using Finite Fourier Transforms , 1987, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[83]  Philip H. S. Torr,et al.  Randomized trees for human pose detection , 2008, 2008 IEEE Conference on Computer Vision and Pattern Recognition.

[84]  Mahmudur Rahman,et al.  SensCrypt: A Secure Protocol for Managing Low Power Fitness Trackers , 2014, 2014 IEEE 22nd International Conference on Network Protocols.

[85]  Ee-Peng Lim,et al.  Detecting product review spammers using rating behaviors , 2010, CIKM.

[86]  Marcos De Oliveira,et al.  Collective intelligence in law enforcement - The WikiCrimes system , 2010, Inf. Sci..

[87]  David Clifford,et al.  Variable Penalty Dynamic Time Warping Code for Aligning Mass Spectrometry Chromatograms in R , 2012 .

[88]  Gonzalo Álvarez,et al.  PUMA: Permission Usage to Detect Malware in Android , 2012, CISIS/ICEUTE/SOCO Special Sessions.

[89]  Timo Pylvänäinen,et al.  Accelerometer Based Gesture Recognition Using Continuous HMMs , 2005, IbPRIA.

[90]  Ian Goldberg,et al.  Achieving Efficient Query Privacy for Location Based Services , 2010, Privacy Enhancing Technologies.

[91]  Stefano Soatto,et al.  Fast Human Pose Estimation using Appearance and Motion via Multi-Dimensional Boosting Regression , 2007, 2007 IEEE Conference on Computer Vision and Pattern Recognition.

[92]  Ninghui Li,et al.  Android permissions: a perspective combining risks and benefits , 2012, SACMAT '12.

[93]  Carl A. Gunter,et al.  Inside Job: Understanding and Mitigating the Threat of External Device Mis-Binding on Android , 2014, NDSS.

[94]  William I. Gasarch,et al.  A Survey on Private Information Retrieval (Column: Computational Complexity) , 2004, Bull. EATCS.

[95]  Abhinav Kumar,et al.  Spotting opinion spammers using behavioral footprints , 2013, KDD.

[96]  Tae Hwan Oh,et al.  Security Issues on Wireless Body Area Network for Remote Healthcare Monitoring , 2010, 2010 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing.

[97]  Arjun Mukherjee,et al.  Exploiting Burstiness in Reviews for Review Spammer Detection , 2021, ICWSM.

[98]  Javid Taheri,et al.  SparseDTW: A Novel Approach to Speed up Dynamic Time Warping , 2009, AusDM.

[99]  Masamichi Shimosaka,et al.  Working-relationship detection from fitbit sensor data , 2013, UbiComp.

[100]  Naphtali Rishe,et al.  Yelp Events: Making Bricks Without Clay? , 2013, 2013 IEEE 33rd International Conference on Distributed Computing Systems Workshops.

[101]  Latifur Khan,et al.  A Machine Learning Approach to Android Malware Detection , 2012, 2012 European Intelligence and Security Informatics Conference.

[102]  Weiwei Zhang,et al.  A Video Watermarking Algorithm of H.264/AVC for Content Authentication , 2012, J. Networks.

[103]  Mahmudur Rahman,et al.  Liveness verifications for citizen journalism videos , 2015, WISEC.

[104]  Girija Chetty,et al.  Biometric liveness detection based on cross modal fusion , 2009, 2009 12th International Conference on Information Fusion.

[105]  Refik Molva,et al.  Safebook: Feasibility of transitive cooperation for privacy on a decentralized social network , 2009, 2009 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks & Workshops.

[106]  I. D. Coope,et al.  Circle fitting by linear and nonlinear least squares , 1993 .

[107]  Balachander Krishnamurthy,et al.  On the leakage of personally identifiable information via online social networks , 2010, Comput. Commun. Rev..

[108]  Mahmudur Rahman,et al.  Secure Management of Low Power Fitness Trackers , 2013, IEEE Transactions on Mobile Computing.

[109]  Mohan M. Trivedi,et al.  Head Pose Estimation in Computer Vision: A Survey , 2009, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[110]  Bo Pang,et al.  Thumbs up? Sentiment Classification using Machine Learning Techniques , 2002, EMNLP.

[111]  Lakhmi C. Jain,et al.  Error-Resilient Triple-Watermarking with Multiple Description Coding , 2010, J. Networks.

[112]  Yejin Choi,et al.  Distributional Footprints of Deceptive Product Reviews , 2012, ICWSM.

[113]  André Brinkmann,et al.  Balls into bins with related random choices , 2012 .

[114]  Elaine Shi,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[115]  Mahmudur Rahman Search Engines Going beyond Keyword Search: A Survey , 2013 .

[116]  Bing Liu,et al.  Opinion spam and analysis , 2008, WSDM '08.

[117]  Salil S. Kanhere,et al.  A survey on privacy in mobile participatory sensing applications , 2011, J. Syst. Softw..

[118]  Dragomir Anguelov,et al.  Object Pose Detection in Range Scan Data , 2006, 2006 IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR'06).

[119]  Victoria J. Hodge,et al.  A Survey of Outlier Detection Methodologies , 2004, Artificial Intelligence Review.

[120]  Jesús Martínez del Rincón,et al.  A spatio-temporal 2D-models framework for human pose recovery in monocular sequences , 2008, Pattern Recognit..

[121]  Christian S. Jensen,et al.  Preserving location and absence privacy in geo-social networks , 2010, CIKM '10.

[122]  Zygmunt Pizlo,et al.  Camera Motion-Based Analysis of User Generated Video , 2010, IEEE Transactions on Multimedia.

[123]  Mahmudur Rahman,et al.  Turning the Tide: Curbing Deceptive Yelp Behaviors , 2014, SDM.

[124]  Lisa Ann Osadciw,et al.  Secure Health Monitoring Network against Denial-Of-Service Attacks Using Cognitive Intelligence , 2008, 6th Annual Communication Networks and Services Research Conference (cnsr 2008).

[125]  David M. Pennock,et al.  Mining the peanut gallery: opinion extraction and semantic classification of product reviews , 2003, WWW '03.

[126]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[127]  Meinard Müller,et al.  Dynamic Time Warping , 2008 .

[128]  Chandra Prakash,et al.  SybilInfer: Detecting Sybil Nodes using Social Networks , 2011 .

[129]  Hans-Peter Kriegel,et al.  A survey on unsupervised outlier detection in high‐dimensional numerical data , 2012, Stat. Anal. Data Min..

[130]  Akira Maeda,et al.  Unsupervised Outlier Detection in Time Series Data , 2006, 22nd International Conference on Data Engineering Workshops (ICDEW'06).

[131]  Sakir Sezer,et al.  Android Malware Detection Using Parallel Machine Learning Classifiers , 2014, 2014 Eighth International Conference on Next Generation Mobile Apps, Services and Technologies.

[132]  Trevor Darrell,et al.  Fast pose estimation with parameter-sensitive hashing , 2003, Proceedings Ninth IEEE International Conference on Computer Vision.

[133]  Frank Dürr,et al.  PShare: Position sharing for location privacy based on multi-secret sharing , 2012, 2012 IEEE International Conference on Pervasive Computing and Communications.

[134]  Gang Wang,et al.  Northeastern University , 2021, IEEE Pulse.