DOI: 10.1145/2382196.2382235
research-article

Innocent by association: early recognition of legitimate users

Published: 16 October 2012

Abstract

This paper presents the design and implementation of Souche, a system that recognizes legitimate users early in online services. This early recognition contributes to both usability and security. Souche leverages social connections established over time. Legitimate users help identify other legitimate users through an implicit vouching process, strategically controlled within vouching trees. Souche is lightweight and fully transparent to users. In our evaluation on a real dataset of several hundred million users, Souche can efficiently identify 85% of legitimate users early, while reducing the percentage of falsely admitted malicious users from 44% to 2.4%. Our evaluation further indicates that Souche is robust in the presence of compromised accounts. It is generally applicable to enhance usability and security for a wide class of online services.



    Published In

    CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security
    October 2012
    1088 pages
    ISBN:9781450316514
    DOI:10.1145/2382196

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. account hijacking
    2. legitimate user recognition
    3. social graph
    4. vouching

    Qualifiers

    • Research-article

    Conference

    CCS'12
    CCS'12: the ACM Conference on Computer and Communications Security
    October 16 - 18, 2012
    North Carolina, Raleigh, USA

    Acceptance Rates

    Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
