research-article

Public Access

10 Bits of Surprise: Detecting Malicious Users with Minimum Information

Authors:

Huan LiuAuthors Info & Claims

CIKM '15: Proceedings of the 24th ACM International on Conference on Information and Knowledge Management

Pages 423 - 431

https://doi.org/10.1145/2806416.2806535

Published: 17 October 2015 Publication History

Abstract

Malicious users are a threat to many sites and defending against them demands innovative countermeasures. When malicious users join sites, they provide limited information about themselves. With this limited information, sites can find it difficult to distinguish between a malicious user and a normal user. In this study, we develop a methodology that identifies malicious users with limited information. As information provided by malicious users can vary, the proposed methodology utilizes minimum information to identify malicious users. It is shown that as little as 10 bits of information can help greatly in this challenging task. The experiments results verify that this methodology is effective in identifying malicious users in the realistic scenario of limited information availability.

References

[1]

Anne Barron. Understanding spam: A macro-textual analysis. Journal of Pragmatics, 38(6):880--904, 2006.

[2]

Fabrício Benevenuto, Gabriel Magno, Tiago Rodrigues, and Virgílio Almeida. Detecting spammers on twitter. In CEAS, volume 6, page 12, 2010.

[3]

Fabricio Benevenuto, Tiago Rodrigues, Virgilio Almeida, Jussara Almeida, Chao Zhang, and Keith Ross. Identifying video spammers in online social networks. In Proceedings of the 4th international workshop on Adversarial information retrieval on the web, pages 45--52. ACM, 2008.

Digital Library

[4]

Qiang Cao, Michael Sirivianos, Xiaowei Yang, and Tiago Pregueiro. Aiding the detection of fake accounts in large scale social online services. In NSDI, 2012.

Digital Library

[5]

Zi Chu, Steven Gianvecchio, Haining Wang, and Sushil Jajodia. Who is tweeting on twitter: human, bot, or cyborg? In ACSAC, pages 21--30, 2010.

Digital Library

[6]

Thomas M Cover and Joy A Thomas. Elements of information theory. John Wiley & Sons, 2012.

Digital Library

[7]

George Danezis and Prateek Mittal. Sybilinfer: Detecting sybil nodes using social networks. In NDSS, 2009.

[8]

C. Doctorow. Preliminary Analysis of LinkedIn User Passwords. http://bit.ly/L5AHo3.

[9]

T. Dunning. Statistical Identification of Language. CR Lab, New Mexico State University, 1994.

[10]

J. Elder. Inside a Twitter Robot Factory. http://on.wsj.com/1bdQbEI.

[11]

Lee Ellis, Kevin M Beaver, and John Wright. Handbook of crime correlates. Academic Press, 2009.

[12]

Hongyu Gao, Jun Hu, Christo Wilson, Zhichun Li, Yan Chen, and Ben Y Zhao. Detecting and characterizing social spam campaigns. In IMC, pages 35--47. ACM, 2010.

Digital Library

[13]

Saptarshi Ghosh, Bimal Viswanath, Farshad Kooti, Naveen Kumar Sharma, Gautam Korlam, Fabricio Benevenuto, Niloy Ganguly, and Krishna Phani Gummadi. Understanding and combating link farming in the twitter social network. In WWW, pages 61--70. ACM, 2012.

Digital Library

[14]

Sam Gosling. Snoop: What your stuff says about you. Basic Books, 2009.

[15]

C Harris. Detecting deceptive opinion spam using human computation. In Workshops at AAAI on Artificial Intelligence, 2012.

[16]

Muhammad Asim Jamshed, Wonho Kim, and KyoungSoo Park. Suppressing bot traffic with accurate human attestation. In Proceedings of the 1st ACM asia-pacific Workshop on systems, pages 43--48, 2010.

Digital Library

[17]

Ioannis Kanaris, Konstantinos Kanaris, Ioannis Houvardas, and Efstathios Stamatatos. Words versus character n-grams for anti-spam filtering. International Journal on Artificial Intelligence Tools, 16(06):1047--1067, 2007.

[18]

Ioannis Kanaris, Konstantinos Kanaris, and Efstathios Stamatatos. Spam detection using character n-grams. In Advances in Artificial Intelligence, pages 95--104. Springer, 2006.

Digital Library

[19]

Eamonn Keogh, Stefano Lonardi, and Chotirat Ann Ratanamahatana. Towards parameter-free data mining. In SIGKDD, pages 206--215. ACM, 2004.

Digital Library

[20]

Beate Krause, Christoph Schmitz, Andreas Hotho, and Gerd Stumme. The anti-social tagger: detecting spam in social bookmarking systems. In Proceedings of the 4th international workshop on Adversarial information retrieval on the web, pages 61--68. ACM, 2008.

Digital Library

[21]

Ho-Yu Lam. A learning approach to spam detection based on social networks. PhD thesis, HKUST, 2007.

[22]

Ming Li and Paul MB Vitányi. An introduction to Kolmogorov complexity and its applications. Springer, 2009.

Digital Library

[23]

Vijay Mahajan and Robert A Peterson. Models for innovation diffusion, volume 48. Sage, 1985.

[24]

Benjamin Markines, Ciro Cattuto, and Filippo Menczer. Social spam detection. In Proceedings of the 5th International Workshop on Adversarial Information Retrieval on the Web, pages 41--48, 2009.

Digital Library

[25]

MediaWiki. Combating Spam - List of Proxy and Spambot IPs. bit.ly/1mwUqml.

[26]

Greg Mori and Jitendra Malik. Recognizing objects in adversarial clutter: Breaking a visual captcha. In CVPR, volume 1, pages I--134. IEEE, 2003.

Digital Library

[27]

Terri Oda and Tony White. Increasing the accuracy of a spam-detecting artificial immune system. In CEC, volume 1, pages 390--396. IEEE, 2003.

[28]

Daniele Perito, Claude Castelluccia, Mohamed Ali Kaafar, and Pere Manils. How unique and traceable are usernames? In PET, pages 1--17. Springer, 2011.

Digital Library

[29]

Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna. Detecting spammers on social networks. In ACSAC, pages 1--9. ACM, 2010.

Digital Library

[30]

Dinh Nguyen Tran, Bonan Min, Jinyang Li, and Lakshminarayanan Subramanian. Sybil-resilient online content voting. In NSDI, volume 9, pages 15--28, 2009.

Digital Library

[31]

Nguyen Tran, Jinyang Li, Lakshminarayanan Subramanian, and Sherman SM Chow. Optimal sybil-resilient node admission control. In INFOCOM, pages 3218--3226, 2011.

[32]

Bimal Viswanath, Ansley Post, Krishna P Gummadi, and Alan Mislove. An analysis of social network-based sybil defenses. SIGCOMM Computer Communication Review, 41(4):363--374, 2011.

Digital Library

[33]

Luis Von Ahn, Manuel Blum, Nicholas J Hopper, and John Langford. Captcha: Using hard ai problems for security. In EUROCRYPT 2003, pages 294--311. Springer, 2003.

Digital Library

[34]

Alex Hai Wang. Don't follow me: Spam detection in twitter. In SECRYPT, pages 1--10. IEEE, 2010.

[35]

T. Wasserman. 83 Million Facebook Accounts Are Fake. http://on.mash.to/1hdze2B.

[36]

Wikipedia. Keyboard Layouts. http://bit.ly/kXso.

[37]

Wikipedia. List of countries by population. http://bit.ly/1eTTUHe.

[38]

Gregory L Wittel and Shyhtsun Felix Wu. On attacking statistical spam filters. In CEAS, 2004.

[39]

Yinglian Xie, Fang Yu, Kannan Achan, Rina Panigrahy, Geoff Hulten, and Ivan Osipkov. Spamming botnets: signatures and characteristics. Computer Communication Review, 38(4):171--182, 2008.

Digital Library

[40]

J. Yan, A. Blackwell, R. Anderson, and A. Grant. The Memorability and Security of Passwords-Some Empirical Results. U. of Cambridge Tech. Rep., 2000.

[41]

Jeff Yan and Ahmad Salah El Ahmad. A low-cost attack on a microsoft captcha. In Proceedings of the 15th ACM conference on Computer and communications security, pages 543--554. ACM, 2008.

Digital Library

[42]

Zhi Yang, Christo Wilson, Xiao Wang, Tingting Gao, Ben Y Zhao, and Yafei Dai. Uncovering social network sybils in the wild. In IMC, pages 259--268. ACM, 2011.

Digital Library

[43]

Sarita Yardi, Daniel Romero, Grant Schoenebeck, et al. Detecting spam in a twitter network. First Monday, 15(1), 2009.

[44]

Haifeng Yu, Phillip B Gibbons, Michael Kaminsky, and Feng Xiao. Sybillimit: A near-optimal social network defense against sybil attacks. In Security and Privacy, pages 3--17, 2008.

Digital Library

[45]

Haifeng Yu, Michael Kaminsky, Phillip B Gibbons, and Abraham Flaxman. Sybilguard: defending against sybil attacks via social networks. Computer Communication Review, 36(4):267--278, 2006.

Digital Library

[46]

Reza Zafarani and Huan Liu. Connecting users across social media sites: a behavioral-modeling approach. In SIGKDD, pages 41--49. ACM, 2013.

Digital Library

Cited By

Sakib MSpezzano F(2022)Automated Detection of Sockpuppet Accounts in Wikipedia2022 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM)10.1109/ASONAM55673.2022.10068604(155-158)Online publication date: 10-Nov-2022
https://doi.org/10.1109/ASONAM55673.2022.10068604
Jiang JLiu QYu MLi GLiu MLiu CHuang W(2021)Landscape-Enhanced Graph Attention Network for Rumor DetectionKnowledge Science, Engineering and Management10.1007/978-3-030-82153-1_16(188-199)Online publication date: 14-Aug-2021
https://dl.acm.org/doi/10.1007/978-3-030-82153-1_16
Joshi NSpezzano FGreen MHill E(2020)Detecting Undisclosed Paid Editing in WikipediaProceedings of The Web Conference 202010.1145/3366423.3380055(2899-2905)Online publication date: 20-Apr-2020
https://dl.acm.org/doi/10.1145/3366423.3380055
Show More Cited By

Index Terms

10 Bits of Surprise: Detecting Malicious Users with Minimum Information
1. Information systems
  1. Information systems applications
    1. Data mining

Recommendations

Containment of network worms via per-process rate-limiting
SecureComm '08: Proceedings of the 4th international conference on Security and privacy in communication netowrks

Network worms pose a serious threat to the Internet infrastructure as well as end-users. Various techniques have been proposed for detection of, and response against worms. A frequently-used and automated response mechanism is to rate-limit outbound ...
An Anti-Malicious Task Allocation Mechanism in Crowdsensing Systems
Abstract
Crowdsensing has emerged as a promising data collection paradigm for utilizing embedded sensors in mobile devices to monitor the real world. However, due to the existence of malicious users, data quality problem has become a critical ...
Highlights
- Utilizing observations to detect malicious users with cost-efficiency and accuracy.
DTB-IDS: an intrusion detection system based on decision tree using behavior analysis for preventing APT attacks

Due to rapid growth of communications and networks, a cyber-attack with malicious codes has been coming as a new paradigm in information security area since last few years. In particular, an advanced persistent threats (APT) attack is bringing out big ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CIKM '15: Proceedings of the 24th ACM International on Conference on Information and Knowledge Management

October 2015

1998 pages

ISBN:9781450337946

DOI:10.1145/2806416

General Chairs:
James Bailey
The University of Melbourne
,
Alistair Moffat
The University of Melbourne
,
Program Chairs:
Charu C. Aggarwal
IBM
,
Maarten de Rijke
University of Amsterdam
,
Ravi Kumar
Google
,
Vanessa Murdock
Microsoft
,
Timos Sellis
RMIT University
,
Jeffrey Xu Yu
Chinese University of Hong Kong

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 October 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

ONR

Conference

CIKM'15

Sponsor:

CIKM'15: 24th ACM International Conference on Information and Knowledge Management

October 18 - 23, 2015

Melbourne, Australia

Acceptance Rates

CIKM '15 Paper Acceptance Rate 165 of 646 submissions, 26%;

Overall Acceptance Rate 1,861 of 8,427 submissions, 22%

Upcoming Conference

CIKM '25

Sponsor:
sigir
sigir

The 34th ACM International Conference on Information and Knowledge Management

November 10 - 14, 2025

Seoul , Republic of Korea

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

22
Total Citations
View Citations
671
Total Downloads

Downloads (Last 12 months)59
Downloads (Last 6 weeks)12

Reflects downloads up to 20 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Sakib MSpezzano F(2022)Automated Detection of Sockpuppet Accounts in Wikipedia2022 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM)10.1109/ASONAM55673.2022.10068604(155-158)Online publication date: 10-Nov-2022
https://doi.org/10.1109/ASONAM55673.2022.10068604
Jiang JLiu QYu MLi GLiu MLiu CHuang W(2021)Landscape-Enhanced Graph Attention Network for Rumor DetectionKnowledge Science, Engineering and Management10.1007/978-3-030-82153-1_16(188-199)Online publication date: 14-Aug-2021
https://dl.acm.org/doi/10.1007/978-3-030-82153-1_16
Joshi NSpezzano FGreen MHill E(2020)Detecting Undisclosed Paid Editing in WikipediaProceedings of The Web Conference 202010.1145/3366423.3380055(2899-2905)Online publication date: 20-Apr-2020
https://dl.acm.org/doi/10.1145/3366423.3380055
Wu BLiu LYang YZheng KWang X(2020)Using Improved Conditional Generative Adversarial Networks to Detect Social Bots on TwitterIEEE Access10.1109/ACCESS.2020.29756308(36664-36680)Online publication date: 2020
https://doi.org/10.1109/ACCESS.2020.2975630
Deng XDai ZSun MLv T(2020)Variational Autoencoder Based Enhanced Behavior Characteristics Classification for Social Robot DetectionSecurity and Privacy in Digital Economy10.1007/978-981-15-9129-7_17(232-248)Online publication date: 22-Oct-2020
https://doi.org/10.1007/978-981-15-9129-7_17
Cresci SPetrocchi MSpognardi ATognazzi SBoldi PWelles BKinder-Kurlanda KWilson CPeters IMeira W(2019)Better Safe Than SorryProceedings of the 10th ACM Conference on Web Science10.1145/3292522.3326030(47-56)Online publication date: 26-Jun-2019
https://dl.acm.org/doi/10.1145/3292522.3326030
Wu LLiu HBoldi PWelles BKinder-Kurlanda KWilson CPeters IMeira W(2019)Debunking Rumors in Social NetworksProceedings of the 10th ACM Conference on Web Science10.1145/3292522.3326025(323-331)Online publication date: 26-Jun-2019
https://dl.acm.org/doi/10.1145/3292522.3326025
Alvari HSarkar SShakarian P(2019)Detection of Violent Extremists in Social Media2019 2nd International Conference on Data Intelligence and Security (ICDIS)10.1109/ICDIS.2019.00014(43-47)Online publication date: Jun-2019
https://doi.org/10.1109/ICDIS.2019.00014
Guo ZYang J(2018)Rumor Detection on Twitter with Hierarchical Attention Neural Networks2018 IEEE 9th International Conference on Software Engineering and Service Science (ICSESS)10.1109/ICSESS.2018.8663917(783-787)Online publication date: Nov-2018
https://doi.org/10.1109/ICSESS.2018.8663917
Yildirim MOzer MDavulcu H(2018)Cost-Sensitive Decision Making for Online Fraud ManagementArtificial Intelligence Applications and Innovations10.1007/978-3-319-92007-8_28(323-336)Online publication date: 22-May-2018
https://doi.org/10.1007/978-3-319-92007-8_28
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents