COMPA: Detecting Compromised Accounts on Social Networks

As social networking sites have risen in popularity, cyber-criminals started to exploit these sites to spread malware and to carry out scams. Previous work has extensively studied the use of fake (Sybil) accounts that attackers set up to distribute spam messages (mostly messages that contain links to scam pages or drive-by download sites). Fake accounts typically exhibit highly anomalous behavior, and hence, are relatively easy to detect. As a response, attackers have started to compromise and abuse legitimate accounts. Compromising legitimate accounts is very effective, as attackers can leverage the trust relationships that the account owners have established in the past. Moreover, compromised accounts are more difficult to clean up because a social network provider cannot simply delete the correspond-

[1]  W. B. Cavnar,et al.  N-gram-based text categorization , 1994 .

[2]  John C. Platt,et al.  Fast training of support vector machines using sequential minimal optimization, advances in kernel methods , 1999 .

[3]  Christopher Krügel,et al.  Your botnet is my botnet: analysis of a botnet takeover , 2009, CCS.

[4]  Leyla Bilge,et al.  All your contacts are belong to us: automated identity theft attacks on social networks , 2009, WWW '09.

[5]  Jun Hu,et al.  Detecting and characterizing social spam campaigns , 2010, CCS '10.

[6]  Kyumin Lee,et al.  Uncovering social spammers: social honeypots + machine learning , 2010, SIGIR.

[7]  Vern Paxson,et al.  @spam: the underground on 140 characters or less , 2010, CCS '10.

[8]  Wei Xu,et al.  Toward worm detection in online social networks , 2010, ACSAC '10.

[9]  Virgílio A. F. Almeida,et al.  Detecting Spammers on Twitter , 2010 .

[10]  Gianluca Stringhini,et al.  Detecting spammers on social networks , 2010, ACSAC '10.

[11]  Dawn Xiaodong Song,et al.  Design and Evaluation of a Real-Time URL Spam Filtering Service , 2011, 2011 IEEE Symposium on Security and Privacy.

[12]  Jong Kim,et al.  Spam Filtering in Twitter Using Sender-Receiver Relationship , 2011, RAID.

[13]  Alok N. Choudhary,et al.  Towards Online Spam Filtering in Social Networks , 2012, NDSS.

[14]  Jong Kim,et al.  WarningBird: Detecting Suspicious URLs in Twitter Stream , 2012, NDSS.

[15]  Chris Jermaine,et al.  The Latent Community Model for Detecting Sybils in Social Networks , 2012, NDSS.

[16]  Chao Yang,et al.  Empirical Evaluation and New Design for Fighting Evolving Twitter Spammers , 2011, IEEE Transactions on Information Forensics and Security.