10 Bits of Surprise: Detecting Malicious Users with Minimum Information

Malicious users are a threat to many sites and defending against them demands innovative countermeasures. When malicious users join sites, they provide limited information about themselves. With this limited information, sites can find it difficult to distinguish between a malicious user and a normal user. In this study, we develop a methodology that identifies malicious users with limited information. As information provided by malicious users can vary, the proposed methodology utilizes minimum information to identify malicious users. It is shown that as little as 10 bits of information can help greatly in this challenging task. The experiments results verify that this methodology is effective in identifying malicious users in the realistic scenario of limited information availability.

[1]  Sushil Jajodia,et al.  Who is tweeting on Twitter: human, bot, or cyborg? , 2010, ACSAC '10.

[2]  Efstathios Stamatatos,et al.  Spam Detection Using Character N-Grams , 2006, SETN.

[3]  Tony White,et al.  Increasing the accuracy of a spam-detecting artificial immune system , 2003, The 2003 Congress on Evolutionary Computation, 2003. CEC '03..

[4]  Michael Kaminsky,et al.  SybilGuard: defending against sybil attacks via social networks , 2006, SIGCOMM.

[5]  Chandra Prakash,et al.  SybilInfer: Detecting Sybil Nodes using Social Networks , 2011 .

[6]  Anne Barron,et al.  Understanding spam: A macro-textual analysis , 2006 .

[7]  Christopher G. Harris Detecting Deceptive Opinion Spam Using Human Computation , 2012, HCOMP@AAAI.

[8]  Efstathios Stamatatos,et al.  Words versus Character n-Grams for Anti-Spam Filtering , 2007, Int. J. Artif. Intell. Tools.

[9]  Ciro Cattuto,et al.  Social spam detection , 2009, AIRWeb '09.

[10]  Shyhtsun Felix Wu,et al.  On Attacking Statistical Spam Filters , 2004, CEAS.

[11]  Krishna P. Gummadi,et al.  An analysis of social network-based Sybil defenses , 2010, SIGCOMM 2010.

[12]  Reza Zafarani,et al.  Connecting users across social media sites: a behavioral-modeling approach , 2013, KDD.

[13]  Dit-Yan Yeung,et al.  A learning approach to spam detection based on social networks , 2007 .

[14]  Claude Castelluccia,et al.  How Unique and Traceable Are Usernames? , 2011, PETS.

[15]  Michael Sirivianos,et al.  Aiding the Detection of Fake Accounts in Large Scale Social Online Services , 2012, NSDI.

[16]  Robert A. Peterson,et al.  Models for innovation diffusion , 1985 .

[17]  John Langford,et al.  CAPTCHA: Using Hard AI Problems for Security , 2003, EUROCRYPT.

[18]  Ming Li,et al.  An Introduction to Kolmogorov Complexity and Its Applications , 1997, Texts in Computer Science.

[19]  Virgílio A. F. Almeida,et al.  Identifying video spammers in online social networks , 2008, AIRWeb '08.

[20]  Lakshminarayanan Subramanian,et al.  Sybil-Resilient Online Content Voting , 2009, NSDI.

[21]  Jitendra Malik,et al.  Recognizing objects in adversarial clutter: breaking a visual CAPTCHA , 2003, 2003 IEEE Computer Society Conference on Computer Vision and Pattern Recognition, 2003. Proceedings..

[22]  Jun Hu,et al.  Detecting and characterizing social spam campaigns , 2010, IMC '10.

[23]  Eamonn J. Keogh,et al.  Towards parameter-free data mining , 2004, KDD.

[24]  Gianluca Stringhini,et al.  Detecting spammers on social networks , 2010, ACSAC '10.

[25]  Alan F. Blackwell,et al.  The memorability and security of passwords – some empirical results , 2000 .

[26]  John Paul Wright,et al.  Handbook of Crime Correlates , 2009, Handbook of Crime Correlates.

[27]  Andreas Hotho,et al.  The anti-social tagger: detecting spam in social bookmarking systems , 2008, AIRWeb '08.

[28]  Samuel D. Gosling,et al.  Snoop: What Your Stuff Says About You , 2008 .

[29]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[30]  Alex Hai Wang,et al.  Don't follow me: Spam detection in Twitter , 2010, 2010 International Conference on Security and Cryptography (SECRYPT).

[31]  Ben Y. Zhao,et al.  Uncovering social network Sybils in the wild , 2011, ACM Trans. Knowl. Discov. Data.

[32]  Jeff Yan,et al.  A low-cost attack on a Microsoft captcha , 2008, CCS.

[33]  Krishna P. Gummadi,et al.  Understanding and combating link farming in the twitter social network , 2012, WWW.

[34]  Ted E. Dunning,et al.  Statistical Identification of Language , 1994 .

[35]  Virgílio A. F. Almeida,et al.  Detecting Spammers on Twitter , 2010 .

[36]  Wonho Kim,et al.  Suppressing bot traffic with accurate human attestation , 2010, APSys '10.

[37]  Lakshminarayanan Subramanian,et al.  Optimal Sybil-resilient node admission control , 2011, 2011 Proceedings IEEE INFOCOM.

[38]  Feng Xiao,et al.  SybilLimit: A Near-Optimal Social Network Defense Against Sybil Attacks , 2010, IEEE/ACM Trans. Netw..

[39]  Danah Boyd,et al.  Detecting Spam in a Twitter Network , 2009, First Monday.

[40]  Geoff Hulten,et al.  Spamming botnets: signatures and characteristics , 2008, SIGCOMM '08.