Presentation is loading. Please wait.

Presentation is loading. Please wait.

Qiang Cao Duke University

Published byEaster Chambers Modified over 9 years ago

Similar presentations

Presentation on theme: "Qiang Cao Duke University"— Presentation transcript:

1 Aiding the Detection of Fake Accounts in Large Scale Social Online Services
Qiang Cao Duke University Michael Sirivianos Xiaowei Yang Tiago Pregueiro Cyprus Univ. of Technology Duke University Tuenti, Telefonica Digital Telefonica Research

2 Fake accounts (Sybils) in OSNs

3 Fake accounts for sale 2010

4 Why are fakes harmful? Fake (Sybil) accounts in OSNs can be used to:
Send spam [IMC’10] Manipulate online rating [NSDI’09] Access personal user info [S&P’11] “the geographic location of our users is estimated based on a number of factors, such as IP address, which may not always accurately reflect the user's actual location. If advertisers, developers, or investors do not perceive our user metrics to be accurate representations of our user base, or if we discover material inaccuracies in our user metrics, our reputation may be harmed and advertisers and developers may be less willing to allocate their budgets or resources to Facebook, which could negatively affect our business and financial results.”

5 Detecting Sybils is challenging
Sybils may resemble real users Difficult to automatically detect using profile and activity features

6 User profiles & activities
Current practice Employs many counter-measures False positives are detrimental to user experience Real users respond very negatively Inefficient use of human labor! User abuse reports Tuenti’s user inspection team Reviews ~12, 000 abusive profile reports per day An employee reviews ~300 reports per hour Deletes ~100 fake accounts per day Human verifiers User profiles & activities Automated classification (Machine learning) Suspicious accounts Mitigation mechanisms

7 User profiles & activities
Can we improve the workflow? User abuse reports Human verifiers User profiles & activities Automated classification (Machine learning) Suspicious accounts Mitigation mechanisms Sybil detection

8 Leveraging the social relationship
The foundation of social-graph-based schemes Sybils have limited social links to real users Can complement current OSN counter-measures Attack edges Non-Sybil region Sybil region

9 Goals of a practical social-graph-based Sybil defense
Effective Uncovers fake accounts with high accuracy Efficient Able to process huge online social networks

10 How to build a practical social-graph-based Sybil defense?
SybilGuard [SIGCOMM’06] SybilLimit [S&P’08] SybilInfer [NDSS’09] PageRank [Page et al. 99] EigenTrust [WWW’03] Traditional trust inference? Sybil*? Sybil* is too expensive in OSNs Designed for decentralized settings PageRank is not Sybil-resilient EigenTrust is substantially manipulable [NetEcon’06]

11 SybilRank in a nutshell
Uncovers Sybils by ranking OSN users Sybils are ranked towards the bottom Based on short random walks Uses parallel computing framework Practical Sybil defense: efficient and effective Low computational cost: O(n log n) ≥20% more accurate than the 2nd best scheme Real-world deployment in Tuenti

12 Primer on short random walks
Trust seed Limited probability of escaping to the Sybil region

13 SybilRank’s key insights
Main idea Ranks by the landing probability of short random walks Uses power iteration to compute the landing probability Iterative matrix multiplication (used by PageRank) Much more efficient than random walk sampling (Sybil*) O(n log n) computational cost As scalable as PageRank

14 An example G B A E F I C D H Landing probability of short random walks
Initialization Step 1 G B 5/12 1/6 A E F I 1/6 1/4 1/6 C 1/4 D H 1/6 1/6 1/2 1/4 1/2 Trust seed Non-Sybil users Sybils

15 An example Non-Sybil users have higher
Stationary distribution Identical degree-normalized landing probability: 1/24 Early Termination 1/65 Step 4 1/6 3/24 2/24 G B 1/5 1/8 1/12 1/81 3/24 3/24 3/24 2/24 A E F I Non-Sybil users have higher degree-normalized landing probability C D H 1/6 1/4 2/24 3/24 1/65 3/24 B C A E D F I G H Rankings

16 How many steps? O(log n) steps to cover the non-Sybil region
The non-Sybil region is fast-mixing (well-connected) [S&P’08 ] O(log n) steps Trust seed Stationary distribution approximation

17 Overview Problem and Motivation Challenges Key Insights Design Details
Evaluation

18 We divide the landing probability by the node degree
Eliminates the node degree bias False positives: low-degree non-Sybil users False negatives: high-degree Sybils Security guarantee Accept O(log n) Sybils per attack edge Theorem: When an attacker randomly establishes g attack edges in a fast mixing social network, the total number of Sybils that rank higher than non-Sybils is O(g log n). Rankings Only O(g log n)

19 Coping with the multi-community structure
A weakness of social-graph-based schemes [SIGCOMM’10] Solution: leverage the support for multiple seeds Distribute seeds into communities Trust seed False positives San Diego San Jose Los Angeles San Francisco Fresno

20 How to distribute seeds?
Estimate communities The Louvain method [Blondel et al., J. of Statistical Mechanics’08] Distribute non-Sybil seeds in communities Manually inspect a set of nodes in each community Use the nodes that passed the inspection as seeds Sybils cannot be seeds

21 Evaluation Comparative evaluation Real-world deployment in Tuenti

22 Comparative evaluation
Stanford large network dataset collection Ranking quality Area under the Receiver Operating Characteristics (ROC) curve [Viswanath et al., SIGCOMM’10] Compared approaches SybilLimit (SL) SybilInfer (SI) EigenTrust (ET) GateKeeper [INFOCOM’11] Community detection [SIGCOMM’10] [Fogarty et al., GI’05]

23 SybilRank has the lowest false rates
EigenTrust 20% lower false positive and false negative rates than the 2nd best scheme

24 Real-world deployment
Used the anonymized Tuenti social graph 11 million users 1.4 billion social links 25 large communities with >100K nodes in each

25 A 20K-user Tuenti community
Fake accounts A real community of the Tuenti 11M-user social network Real accounts

26 Various connection patterns among suspected fakes
Clique Tightly connected Loosely connected

27 A global view of suspected fakes’ connections
50K suspected accounts Small clusters/cliques Controlled by many distinct attackers

28 SybilRank is effective
Percentage of fakes in each 50K-node interval Estimated by random sampling Fakes are confirmed by Tuenti’s inspection team Percentage of fakes High percentage of fakes ~180K fakes among the lowest-ranked 200K users Tuenti uncovers x18 more fakes 50K-node intervals in the ranked list (Intervals are numbered from the bottom)

29 Conclusion: a practical Sybil defense
SybilRank: ranks users according to the landing probability of short random walks Computational cost O(n log n) Provable security guarantee Deployment in Tuenti ~200K lowest ranked users are mostly Sybils Enhances Tuenti’s previous Sybil defense workflow

30 Thank You! Questions? qiangcao@cs.duke.edu
Questions?

Download ppt "Qiang Cao Duke University"

Similar presentations

Defending against large-scale crawls in online social networks Mainack Mondal Bimal Viswanath Allen Clement Peter Druschel Krishna Gummadi Alan Mislove.

Defending against large-scale crawls in online social networks Mainack Mondal Bimal Viswanath Allen Clement Peter Druschel Krishna Gummadi Alan Mislove.
An analysis of Social Network-based Sybil defenses Bimal Viswanath § Ansley Post § Krishna Gummadi § Alan Mislove ¶ § MPI-SWS ¶ Northeastern University.

An analysis of Social Network-based Sybil defenses Bimal Viswanath § Ansley Post § Krishna Gummadi § Alan Mislove ¶ § MPI-SWS ¶ Northeastern University.
Analysis and Modeling of Social Networks Foudalis Ilias.

Analysis and Modeling of Social Networks Foudalis Ilias.
Krishna P. Gummadi Networked Systems Research Group MPI-SWS

Krishna P. Gummadi Networked Systems Research Group MPI-SWS
Practical Recommendations on Crawling Online Social Networks

Practical Recommendations on Crawling Online Social Networks
Authors Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, Abraham Flaxman Presented by: Jonathan di Costanzo & Muhammad Atif Qureshi 1.

Authors Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, Abraham Flaxman Presented by: Jonathan di Costanzo & Muhammad Atif Qureshi 1.
An Analysis of Social Network-Based Sybil Defenses Sybil Defender

An Analysis of Social Network-Based Sybil Defenses Sybil Defender
Xiaowei Ying, Xintao Wu, Daniel Barbara Spectrum based Fraud Detection in Social Networks 1.

Xiaowei Ying, Xintao Wu, Daniel Barbara Spectrum based Fraud Detection in Social Networks 1.
Toward an Optimal Social Network Defense Against Sybil Attacks Haifeng Yu National University of Singapore Phillip B. Gibbons Intel Research Pittsburgh.

Toward an Optimal Social Network Defense Against Sybil Attacks Haifeng Yu National University of Singapore Phillip B. Gibbons Intel Research Pittsburgh.
Fighting Fire With Fire: Crowdsourcing Security Solutions on the Social Web Christo Wilson Northeastern University

Fighting Fire With Fire: Crowdsourcing Security Solutions on the Social Web Christo Wilson Northeastern University
Marios Iliofotou (UC Riverside) Brian Gallagher (LLNL)Tina Eliassi-Rad (Rutgers University) Guowu Xi (UC Riverside)Michalis Faloutsos (UC Riverside) ACM.

Marios Iliofotou (UC Riverside) Brian Gallagher (LLNL)Tina Eliassi-Rad (Rutgers University) Guowu Xi (UC Riverside)Michalis Faloutsos (UC Riverside) ACM.
TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.

TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.
1 Walking on a Graph with a Magnifying Glass Stratified Sampling via Weighted Random Walks Maciej Kurant Minas Gjoka, Carter T. Butts, Athina Markopoulou.

1 Walking on a Graph with a Magnifying Glass Stratified Sampling via Weighted Random Walks Maciej Kurant Minas Gjoka, Carter T. Butts, Athina Markopoulou.
Haifeng Yu National University of Singapore

Haifeng Yu National University of Singapore
Funding Networks Abdullah Sevincer University of Nevada, Reno Department of Computer Science & Engineering.

Funding Networks Abdullah Sevincer University of Nevada, Reno Department of Computer Science & Engineering.
1 BotGraph: Large Scale Spamming Botnet Detection Yao Zhao EECS Department Northwestern University.

1 BotGraph: Large Scale Spamming Botnet Detection Yao Zhao EECS Department Northwestern University.
Minas Gjoka, UC IrvineWalking in Facebook 1 Walking in Facebook: A Case Study of Unbiased Sampling of OSNs Minas Gjoka, Maciej Kurant ‡, Carter Butts,

Minas Gjoka, UC IrvineWalking in Facebook 1 Walking in Facebook: A Case Study of Unbiased Sampling of OSNs Minas Gjoka, Maciej Kurant ‡, Carter Butts,
PageRank Identifying key users in social networks Student : Ivan Todorović, 3231/2014 Mentor : Prof. Dr Veljko Milutinović.

PageRank Identifying key users in social networks Student : Ivan Todorović, 3231/2014 Mentor : Prof. Dr Veljko Milutinović.
BotGraph: Large Scale Spamming Botnet Detection Yao Zhao Yinglian Xie *, Fang Yu *, Qifa Ke *, Yuan Yu *, Yan Chen and Eliot Gillum ‡ EECS Department,

BotGraph: Large Scale Spamming Botnet Detection Yao Zhao Yinglian Xie *, Fang Yu *, Qifa Ke *, Yuan Yu *, Yan Chen and Eliot Gillum ‡ EECS Department,
SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, and Abraham Flaxman Presented by Ryan.

SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, and Abraham Flaxman Presented by Ryan.

Similar presentations

Ads by Google