SocialFilter: Introducing social trust to collaborative spam mitigation

We propose SocialFilter, a trust-aware collaborative spam mitigation system. Our proposal enables nodes with no email classification functionality to query the network on whether a host is a spammer. It employs Sybil-resilient trust inference to weigh the reports concerning spamming hosts that collaborating spam-detecting nodes (reporters) submit to the system. It weighs the spam reports according to the trustworthiness of their reporters to derive a measure of the system's belief that a host is a spammer. SocialFilter is the first collaborative unwanted traffic mitigation system that assesses the trustworthiness of spam reporters by both auditing their reports and by leveraging the social network of the reporters' administrators. The design and evaluation of our proposal offers us the following lessons: a) it is plausible to introduce Sybil-resilient Online-Social-Network-based trust inference mechanisms to improve the reliability and the attack-resistance of collaborative spam mitigation; b) using social links to obtain the trustworthiness of reports concerning spammers can result in comparable spam-blocking effectiveness with approaches that use social links to rate-limit spam (e.g., Ostra [27]); c) unlike Ostra, in the absence of reports that incriminate benign email senders, SocialFilter yields no false positives.

[1]  B. Clifford Neuman,et al.  Kerberos: An Authentication Service for Open Network Systems , 1988, USENIX Winter.

[2]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[3]  Sergey Brin,et al.  The Anatomy of a Large-Scale Hypertextual Web Search Engine , 1998, Comput. Networks.

[4]  Vern Paxson,et al.  Bro: a system for detecting network intruders in real-time , 1998, Comput. Networks.

[5]  Duncan J. Watts,et al.  Collective dynamics of ‘small-world’ networks , 1998, Nature.

[6]  Albert-László Barabási,et al.  Internet: Diameter of the World-Wide Web , 1999, Nature.

[7]  Paul Resnick,et al.  Reputation systems , 2000, CACM.

[8]  Kevin Barraclough,et al.  I and i , 2001, BMJ : British Medical Journal.

[9]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[10]  Ramon Sangüesa,et al.  Extracting reputation in multi agent systems by means of social network topology , 2002, AAMAS '02.

[11]  Jordi Sabater-Mir,et al.  Reputation and social network analysis in multi-agent systems , 2002, AAMAS '02.

[12]  Scott B. Cantor,et al.  Shibboleth architecture draft v05 , 2002 .

[13]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[14]  Yong Chen,et al.  Trust Propagation in Small Worlds , 2003, iTrust.

[15]  Ben Y. Zhao,et al.  Approximate Object Location and Spam Filtering on Peer-to-Peer Systems , 2003, Middleware.

[16]  Ramanathan V. Guha,et al.  Propagation of trust and distrust , 2004, WWW '04.

[17]  Tad Hogg,et al.  Enhancing reputation mechanisms via online social networks , 2004, EC '04.

[18]  Hector Garcia-Molina,et al.  Combating Web Spam with TrustRank , 2004, VLDB.

[19]  Alice Cheng,et al.  Sybilproof reputation mechanisms , 2005, P2PECON '05.

[20]  Balachander Krishnamurthy,et al.  Collaborating against common enemies , 2005, IMC '05.

[21]  Eric J. Friedman,et al.  Manipulability of PageRank under Sybil Strategies , 2006 .

[22]  David Mazières,et al.  RE: Reliable Email , 2006, NSDI.

[23]  P. Oscar Boykin,et al.  Collaborative Spam Filtering Using E-Mail Networks , 2006, Computer.

[24]  Emin Gün Sirer,et al.  Experience with an Object Reputation System for Peer-to-Peer Filesharing , 2006, NSDI.

[25]  Christos Faloutsos,et al.  Sampling from large graphs , 2006, KDD '06.

[26]  Hector Garcia-Molina,et al.  Taxonomy of trust: Categorizing P2P reputation systems , 2006, Comput. Networks.

[27]  Nick Feamster,et al.  Understanding the network-level behavior of spammers , 2006, SIGCOMM.

[28]  Michael Kaminsky,et al.  SybilGuard: defending against sybil attacks via social networks , 2006, SIGCOMM.

[29]  Gautam Singaraju,et al.  RepuScore: Collaborative Reputation Management Framework for Email Infrastructure , 2007, LISA.

[30]  Santosh S. Vempala,et al.  Filtering spam with behavioral blacklisting , 2007, CCS '07.

[31]  Geoff Hulten,et al.  Spamming botnets: signatures and characteristics , 2008, SIGCOMM '08.

[32]  Phillip A. Porras,et al.  Highly Predictive Blacklisting , 2008, USENIX Security Symposium.

[33]  Krishna P. Gummadi,et al.  Ostra: Leveraging Trust to Thwart Unwanted Communication , 2008, NSDI.

[34]  Gautam Singaraju,et al.  Tracking Email Reputation for Authenticated Sender Identities , 2008, CEAS.

[35]  Michael Kaminsky,et al.  SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks , 2008, S&P 2008.

[36]  Kang Li,et al.  ALPACAS: A Large-Scale Privacy-Aware Collaborative Anti-Spam System , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[37]  Alexander J. Smola,et al.  Collaborative Email-Spam Filtering with the Hashing-Trick , 2009 .

[38]  Lakshminarayanan Subramanian,et al.  Sybil-Resilient Online Content Voting , 2009, NSDI.

[39]  George Danezis,et al.  SybilInfer: Detecting Sybil Nodes using Social Networks , 2009, NDSS.

[40]  Minas Gjoka,et al.  A Walk in Facebook: Uniform Sampling of Users in Online Social Networks , 2009, ArXiv.

[41]  Cristina Nita-Rotaru,et al.  A survey of attack and defense techniques for reputation systems , 2009, CSUR.

[42]  Athina Markopoulou,et al.  Predictive Blacklisting as an Implicit Recommendation System , 2009, 2010 Proceedings IEEE INFOCOM.

[43]  W. Marsden I and J , 2012 .