Top

Information Systems Frontiers

Published in:

13-03-2020

NetDER: An Architecture for Reasoning About Malicious Behavior

Authors: Jose N. Paredes, Gerardo I. Simari, Maria Vanina Martinez, Marcelo A. Falappa

Published in: Information Systems Frontiers | Issue 1/2021

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Malicious behavior in social media has many faces, which for instance appear in the form of bots, sock puppets, creation and dissemination of fake news, Sybil attacks, and actors hiding behind multiple identities. In this paper, we propose the NetDER architecture, which takes its name from its two main modules: Net work D iffusion and ontological reasoning based on E xistential R ules), to address these issues. This initial proposal is meant to serve as a roadmap for research and development of tools to attack malicious behavior in social media, guiding the implementation of software in this domain, instead of a specific solution. Our working hypothesis is that these problems – and many others – can be effectively tackled by (i) combining multiple data sources that are constantly being updated, (ii) maintaining a knowledge base using logic-based formalisms capable of value invention to support generating hypotheses based on available data, and (iii) maintaining a related knowledge base with information regarding how actors are connected, and how information flows across their network. We show how these three basic tenets give rise to a general model that has the further capability of addressing multiple problems at once.

previous article Combining Graph Exploration and Fragmentation for Scalable RDF Query Processing

next article TopoGraph: an End-To-End Framework to Build and Analyze Graph Cubes

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

https://nvd.nist.gov/

If one wishes to use an implementation provided by a Semantic Web standard, this can be done taking appropriate measures to first translate the Datalog syntax.

https://nvd.nist.gov/vuln/data-feeds

https://www.cyr3con.ai/

Linux.Luabot is a malware discovered in late 2016 that infects Linux-based hosts via Trojan horse attacks; cf. https://www.symantec.com/security-center/writeup/2016-090915-3236-99

For instance, the rule could have the form “if a user believes that certain software is dangerous with a degree of at least 0.5, then there exists another user who is related to the first, is an expert, and also has this belief with at least 0.5”.

Abokhodair, N., Yoo, D., McDonald, D.W. (2015). Dissecting a social botnet: growth, content and influence in Twitter. In Proceedings of the 18th ACM conference on computer supported cooperative work & social computing (pp. 839–851). ACM.

Baget, J.F., Mugnier, M.L., Rudolph S, Thomazo M. (2011a). Walking the complexity lines for generalized guarded existential rules. In 22nd international joint conference on artificial intelligence. AAAI Press.

Baget, J.F., Mugnier, M.L., Thomazo, M. (2011b). Towards farsighted dependencies for existential rules. In Web reasoning and rule systems (pp. 30–45). Berlin: Springer.

Bekiros, S., Nguyen, D.K., Junior, L.S., Uddin, G.S. (2017). Information diffusion, cluster formation and entropy-based network dynamics in equity and commodity markets. European Journal of Operational Research, 256 (3), 945–961.CrossRef

Benigni, M., & Carley, K.M. (2016). From tweets to intelligence: Understanding the islamic jihad supporting community on twitter. In Xu, K.S., Reitter, D., Lee, D., Osgood, N. (Eds.) Social, cultural, and behavioral modeling (pp. 346–355). Cham: Springer International Publishing.

Benigni, M.C., Joseph, K., Carley, K.M. (2017). Online extremism and the communities that sustain it: Detecting the isis supporting community on twitter. PloS one, 12(12), e0181405.CrossRef

Benigni, M.C., Joseph, K., Carley, K.M. (2019). Bot-ivistm: Assessing information manipulation in social media using network analytics, (pp. 19–42). Cham: Springer International Publishing.

Bianconi, G. (2015). Interdisciplinary and physics challenges of network theory. EPL (Europhysics Letters), 111(5), 56001.CrossRef

Calì, A., Gottlob, G., Lukasiewicz, T. (2012). A general Datalog-based framework for tractable query answering over ontologies. Web Semantics: Science, Services and Agents on the World Wide Web, 4, 57–83.CrossRef

Cali, A., Gottlob, G., Pieris, A. (2012). Towards more expressive ontology languages: the query answering problem. Artificial Intelligence, 193, 87–128.CrossRef

Calì, A., Gottlob, G., Kifer, M. (2013). Taming the infinite chase: Query answering under expressive relational constraints. Journal of Artificial Intelligence Research, 48, 115–174.CrossRef

Centola, D. (2015). The social origins of networks and diffusion. American Journal of Sociology, 120(5), 1295–1338.CrossRef

Conroy, N.J., Rubin, V.L., Chen, Y. (2015). Automatic deception detection: Methods for finding fake news. Proceedings of the association for information science and technology, 52(1), 1–4.CrossRef

Davis, C.A., Varol, O., Ferrara, E., Flammini, A., Menczer, F. (2016). BotOrNot: A system to evaluate social bots. In Proceedings of the 25th international conference companion on World Wide Web. (pp. 273–274). International World Wide Web Conferences Steering Committee.

Deagustini, C.A.D., Martinez, M.V., Falappa, M.A., Simari, G.R. (2016). Datalog+/– ontology consolidation. Journal of Artificial Intelligence Research, 56, 613–656.CrossRef

Deagustini, C.A.D., Martinez, M.V., Falappa, M.A., Simari, G.R. (2018). How does incoherence affect inconsistency-tolerant semantics for Datalog+/–? Annals of Mathematics and Artificial Intelligence, 82(1-3), 43–68.CrossRef

Della Valle, E., Ceri, S., van Harmelen, F., Fensel, D. (2009). It’s a streaming world! reasoning upon rapidly changing information. IEEE Intelligent Systems, 24(6), 83–89.CrossRef

Falappa, M.A., Kern-Isberner, G., Reis, M.D.L., Simari, G.R. (2012). Prioritized and non-prioritized multiple change on belief bases. J Philosophical Log, 41(1), 77–113.CrossRef

Falappa, M.A., García, A.J., Kern-Isberner, G., Simari, G.R. (2013). Stratified belief bases revision with argumentative inference. Journal of Philosophical Logic, 42(1), 161–193.CrossRef

Ferrara, E., Varol, O., Davis, C., Menczer, F., Flammini, A. (2016). The rise of social bots. Communications of the ACM, 59(7), 96–104.CrossRef

Gallo, F.R., Simari, G.I., Martinez, M.V., Falappa, M.A., Santos, N.A. (2017). Reasoning about sentiment and knowledge diffusion in social networks. IEEE Internet Computing, 21(6), 8–17.CrossRef

Gallo, F.R., Simari, G.I., Martinez, M.V., Falappa, M.A. (2019). Predicting user reactions to twitter feed content based on personality type and social cues. Future Generation Computer Systems (In Press).

Jain, P., Kumaraguru, P., Joshi A. (2013). @ i seek ‘fb. me’: Identifying users across multiple online social networks. In Proceedings of the 22nd International Conference on World Wide Web, (pp. 1259–1268). ACM.

Jalili, M., & Perc, M. (2017). Information cascades in complex networks. Journal of Complex Networks, 5(5), 665–693.

Kolaitism, P.G. (2018). Reflections on schema mappings, data exchange, and metadata management. In Proc.ACM SIGMOD/PODS, (pp. 107–109). ACM.

Konieczny, S., & Pino Pérez, R. (2002). Merging information under constraints: A logical framework. Journal of Logic And Computation, 12(5), 773–808.CrossRef

Konieczny, S., & Pino Pérez, R. (2011). Logic based merging. Journal of Philosophical Logic, 40(2), 239–270.CrossRef

Kumar, A., Garg, D., Singh, P. (2017a). Clustering approach to detect profile injection attacks in recommender system. International Journal Of Computer Applications, 166(6), 7–11.CrossRef

Kumar, S., Cheng, J., Leskovec, J., Subrahmanian, V. (2017b). An army of me: Sockpuppets in online discussion communities. In Proceedings of WWW, International World Wide Web conferences steering committee. (pp. 857–866).

Leone, N., Manna, M., Terracina, G., Veltri, P. (2012). Efficiently computable datalog^∃ programs. In Thirteenth international conference on the principles of knowledge representation and reasoning. (AAAI Press).

Lukasiewicz, T., Martinez, M.V., Simari, G.I. (2012). Inconsistency handling in datalog+/– ontologies. In Proc. ECAI, (pp. 558–563).

Malhotra, A., Totti, L., Meira, W. Jr, Kumaraguru, P., Almeida, V. (2012). Studying user footprints in different online social networks. In Proc. ASONAM, IEEE computer society, (pp. 1065–1070).

Malliaros, F.D., Rossi, M.E.G., Vazirgiannis, M. (2016). Locating influential nodes in complex networks. Scientific reports, 6, 19307.CrossRef

Marin, E., Diab, A., Shakarian, P. (2016). Product offerings in malicious hacker markets. In 2016 IEEE conference on intelligence and security informatics (ISI). (IEEE) (pp. 187– 189).

Miller, R.J. (2018). Open data integration. Proceedings of the VLDB Endowment, 11(12), 2130–2139.CrossRef

Noh, G., Ym, Kang, Oh, H., Ck, Kim. (2014). Robust sybil attack defense with information level in online recommender systems. Expert Systems with Applications, 41(4), 1781–1791.CrossRef

Nunes, E., Shakarian, P., Simari, G.I. (2018). At-risk system identification via analysis of discussions on the darkweb. In 2018 APWG symposium on electronic crime research (eCrime), (pp 1–12). IEEE.

Paredes, J.N., Martinez, M.V., Simari, G.I., Falappa, M.A. (2018a). Leveraging probabilistic existential rules for adversarial deduplication. In Proceedings of PRUV@IJCAR 2018 CEUR-WS.

Paredes, J.N., Simari, G.I., Martinez, M.V., Falappa, M.A. (2018b). First steps towards data-driven adversarial deduplication. Information, 9(8), 189.CrossRef

Pavlopoulos, G.A., Secrier, M., Moschopoulos, C.N., Soldatos, T.G., Kossida, S., Aerts, J., Schneider, R., Bagos, P.G. (2011). Using graph theory to analyze biological networks. BioData Mining, 4(1), 10.CrossRef

Robson, D. (2019). Why smart people are more likely to believe fake news. https://www.theguardian.com/books/2019/apr/01/why-smart-people-are-more-likely-to-believe-fake-news, (Accessed June 12, 2019).

Sarkar, S., Almukaynizi, M., Shakarian, J., Shakarian, P. (2018). Predicting enterprise cyber incidents using social network analysis on the darkweb hacker forums. CoRR arXiv:1811.06537.

Shakarian, P., Simari, G.I., Callahan, D. (2013). Reasoning about complex networks: A logic programming approach. Theory and Practice of Logic Programming, 13. 4-5-Online-Supplement.

Shao, C., Ciampaglia, G.L., Varol, O., Flammini, A., Menczer, F. (2017). The spread of fake news by social bots, (pp 96–104). arXiv:170707592.

Shu, K., Sliva, A., Wang, S., Tang, J., Liu, H. (2017). Fake news detection on social media: A data mining perspective. ACM SIGKDD Explorations Newsletter, 19(1), 22–36.CrossRef

Simari, G.I., Molinaro, C., Martinez, M.V., Lukasiewicz, L, Predoiu, L. (2017). Ontology-based data access leveraging subjective reports, 1st edn.: Springer Publishing Company, Inc.

Subrahmanian, V.S., Azaria, A., Durst, S., Kagan, V., Galstyan, A., Lerman, K., Zhu, L., Ferrara, E., Flammini, A., Menczer, F. (2016). The DARPA twitter bot challenge. IEEE Computer, 49(6), 38–46.CrossRef

Tavabi, N., Goyal, P., Almukaynizi, M., Shakarian, P., Lerman, K. (2018). Darkembed: Exploit prediction with neural language models. In 32nd AAAI conference on artificial intelligence. (AAAI Press).

Yamak, Z., Saunier, J., Vercouter, L. (2018). Sockscatch: Automatic detection and grouping of sockpuppets in social media. Knowledge-Based Systems, 149, 124–142.CrossRef

Zheng, X., Lai, Y.M., Chow, K.P., Hui, L.C., Yiu, S.M. (2011). Sockpuppet detection in online discussion forums. In Proc. international conference on intelligent information hiding and multimedia signal processing, (pp 374–377). IEEE.

Title: NetDER: An Architecture for Reasoning About Malicious Behavior
Authors: Jose N. Paredes
Gerardo I. Simari
Maria Vanina Martinez
Marcelo A. Falappa
Publication date: 13-03-2020
Publisher: Springer US
Published in: Information Systems Frontiers / Issue 1/2021
Print ISSN: 1387-3326
Electronic ISSN: 1572-9419
DOI: https://doi.org/10.1007/s10796-020-10003-w

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 1/2021

An Approach to Extracting Topic-guided Views from the Sources of a Data Lake

Atypical Sample Regularizer Autoencoder for Cross-Domain Human Activity Recognition

Combining Graph Exploration and Fragmentation for Scalable RDF Query Processing

Mining Social Networks to Detect Traffic Incidents

TextBenDS: a Generic Textual Data Benchmark for Distributed Systems

Towards End-to-End Multilingual Question Answering

Premium Partner