000000301 001__ 301
000000301 005__ 20150519044448.0
000000301 037__ $$aLERSSE-THESIS-2015-002
000000301 100__ $$aYazan Boshmaf
000000301 245__ $$aSecurity Analysis of Malicious Socialbots on the Web
000000301 260__ $$c2015-05-13
000000301 300__ $$amult. p
000000301 520__ $$aThe open nature of the Web, online social networks (OSNs) in particular, makes it possible to design socialbots—automation software that controls fake accounts in a target OSN, and has the ability to perform basic activities similar to those of real users. In the wrong hands, socialbots can be used to infiltrate online communities, build up trust over time, and then engage in various malicious activities. This dissertation presents an in-depth security analysis of malicious socialbots on the Web, OSNs in particular. The analysis focuses on two main goals: (1) to characterize and analyze the vulnerability of OSNs to cyber attacks by malicious socialbots, social infiltration in particular, and (2) to design and evaluate a countermeasure to efficiently and effectively defend against socialbots. To achieve these goals, we first studied social infiltration as an organized campaign operated by a socialbot network (SbN)—a group of programmable socialbots that are coordinated by an attacker in a botnet-like fashion. We implemented a prototypical SbN consisting of 100 socialbots and operated it on Facebook for 8 weeks. Among various findings, we observed that some users are more likely to become victims than others, depending on factors related to their social structure. Moreover, we found that traditional OSN defenses are not effective at identifying automated fake accounts or their social infiltration campaigns. Based on these findings, we designed Integro—an infiltration-resilient defense system that helps OSNs detect automated fake accounts via a user ranking scheme. In particular, Integro relies on a novel approach that leverages victim classification for robust graph-based fake account detection, with provable security guarantees. We implemented Integro on top of widely-used, open-source distributed systems, in which it scaled nearly linearly. We evaluated Integro against SybilRank—the state-of-the-art in graph-based fake account detection—using real-world datasets and a large-scale, production-class deployment at Tuenti, the largest OSN in Spain with more than 15 million users. We showed that Integro significantly outperforms SybilRank in ranking quality, allowing Tuenti to detect at least 10 times more fake accounts than their current abuse detection system.
000000301 6531_ $$aSocialbots
000000301 6531_ $$aSocial Botnets
000000301 6531_ $$aSocial Infiltration
000000301 6531_ $$aFake Accounts
000000301 6531_ $$aGraph-based Detection
000000301 6531_ $$aFeature-based Detection
000000301 6531_ $$aUser Ranking
000000301 6531_ $$aOnline Social Networks
000000301 6531_ $$aWeb Security
000000301 6531_ $$aOnline Privacy
000000301 8560_ $$fboshmaf@ece.ubc.ca
000000301 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/301/files/ubc_2015_september_boshmaf_yazan.pdf
000000301 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/301/files/ubc_2015_september_boshmaf_yazan.pdf?subformat=pdfa$$xpdfa
000000301 909C4 $$pYazan Boshmaf, Security Analysis of Malicious Socialbots on the Web, PhD Dissertation, UBC, 2015
000000301 980__ $$aTHESIS