Yinglian Xie
ABSTRACT
This paper presents the design and implementation of Souche, a system that recognizes legitimate users early in online services. This early recognition contributes to both usability and security. Souche leverages social connections established over time. Legitimate users help identify other legitimate users through an implicit vouching process, strategically controlled within vouching trees. Souche is lightweight and fully transparent to users. In our evaluation on a real dataset of several hundred million users, Souche can efficiently identify 85% of legitimate users early, while reducing the percentage of falsely admitted malicious users from 44% to 2.4%. Our evaluation further indicates that Souche is robust in the presence of compromised accounts. It is generally applicable to enhance usability and security for a wide class of online services.
- Cyber-Criminals Shift to Compromised Web Mail Accounts for Spam Delivery. http://www.eweek.com/c/a/Messaging-and-Collaboration/CyberCriminals-Shift-to-Compromised-Web-Mail-Accounts-for-Spam-Delivery-808933/.Google Scholar
- Inside India's CAPTCHA-Solving Economy. http://blogs.zdnet.com/security/?p=1835.Google Scholar
- Message Bounced Due to Sending Limit. http://mail.google.com/support/bin/answer.py?hl=en&answer=22839.Google Scholar
- New Spammer Tactics--Compromised Accounts Now Favored. http://blog.commtouch.com/cafe/dataand-research/new-spammer-tactics.Google Scholar
- Rise in Hacked Gmail, Hotmail, and Yahoo Email. http://www.boxaid.com/word/viruses-and-malware/rise-in-hacked-gmail-hotmailand-yahoo-email.Google Scholar
- Spammers Using Porn to Break Captchas. http://www.schneier.com/blog/archives/2007/11/spammers_using.html.Google Scholar
- Twitter User Reputation Computed from Tweets. http://blog.tagwalk.com/2009/11/twitter-user-reputation-computed-from-tweets.Google Scholar
- Y. Ahn, S. Han, H. Kwak, S. Moon, and H. Jeong. Analysis of Topological Characteristics of Huge Online Social Networking Services. In WWW, 2007. Google ScholarDigital Library
- A. Bonato, J. Janssen, and P. Pralat. A Geometric Model for On-line Social Networks. In Workshop on Online Social Networks (WOSN), 2010. Google ScholarDigital Library
- Y. Boshmaf, I. Muslukhov, K. Beznosov, and M. Ripeanu. The Socialbot Network: When Bots Socialize for Fame and Money. In Proc. of the 27th Annual Computer Security Applications Conference (ACSAC'11), 2011. Google ScholarDigital Library
- P. Boykin and V. P. Roychowdhury. Leveraging Social Networks to Fight Spam. IEEE Computer, 38, 2005. Google ScholarDigital Library
- E. Bursztein, S. Bethard, C. Fabry, J. C. Mitchell, and D. Jurafsky. How Good are Humans at Solving CAPTCHAs? A Large Scale Evaluation. In IEEE Syposium of Security and Privacy, 2010. Google ScholarDigital Library
- Q. Cao, M. Sirivianos, X. Yang, and T. Pregueiro. Aiding the Detection of Fake Accounts in Large Scale Social Online Services. In NSDI, 2012. Google ScholarDigital Library
- P. Chirita, J. Diederich, and W. Nejdl. MailRank: Global Attack-Resistant Whitelists for Spam Detection. In Conference on Information and Knowledge Management (CIKM), 2005. Google ScholarDigital Library
- G. Danezis and P. Mittal. SybilInfer: Detecting Sybil Nodes using Social Networks. In NDSS, 2009.Google Scholar
- J. Douceur. The Sybil Attack. In IPTPS, 2002. Google ScholarDigital Library
- J. Golbeck. Computing with Social Trust. Springer, 2008. Google ScholarDigital Library
- C. Grier, , K. Thomas, V. Paxson, and M. Zhang. @spam: The Underground on 140 Characters or Less. In CCS, 2010. Google ScholarDigital Library
- S. Hao, N. A. Syed, N. Feamster, A. G. Gray, and S. Krasser. Detecting Spammers with SNARE: Spatio-temporal Network-level Automatic Reputation Engine. In USENIX Security, 2009. Google ScholarDigital Library
- J. Kleinberg. The Small-World Phenomenon: An Algorithmic Perspective. In Proc. 32nd ACM Symposium on Theory of Computing, 2000. Google ScholarDigital Library
- A. Mislove, M. Marcon, K. P. Gummadi, P. Druschel, and B. Bhattacharjee. Measurement and Analysis of Online Social Networks. In IMC, 2007. Google ScholarDigital Library
- A. Mohaisen, A. Yun, and Y. Kim. Measuring the Mixing Time of Social Graphs. In IMC, 2010. Google ScholarDigital Library
- M. Motoyama, K. Levchenko, C. Kanich, D. McCoy, G. M. Voelker, and S. Savage. Re: CAPTCHAs--Understanding CAPTCHA-Solving Services in an Economic Context. In Usenix Security, 2010. Google ScholarDigital Library
- A. P. V. Shah and A. Mislove. Bazaar: Strengthening User Reputations in Online Marketplaces. In NSDI, 2011. Google ScholarDigital Library
- N. Tran, J. Li, L. Subramanian, and S. S. Chow. Optimal Sybil-resilient Node Admission Control. In Infocom, 2011.Google ScholarCross Ref
- N. Tran, B. Min, J. Li, and L. Subramanian. Sybil-Resilient Online Content Voting. In NSDI, 2009. Google ScholarDigital Library
- B. Viswanath, K. P. Gummadi, A. Post, and A. Mislove. An Analysis of Social Network-Based Sybil Defenses. In SIGCOMM, 2010. Google ScholarDigital Library
- C. Wilson, B. Boe, A. Sala, K. P. N. Puttaswamy, and B. Y. Zhao. User Interactions in Social Networks and their Implications. In EuroSys, 2009. Google ScholarDigital Library
- Y. Xie, F. Yu, K. Achan, R. Panigrahy, G. Hulten, and I. Osipkov. Spamming Botnets: Signatures and Characteristics. In SIGCOMM, 2008. Google ScholarDigital Library
- Z. Yang, C. Wilson, X. Wang, T. Gao, B. Y. Zhao, and Y. Dai. Uncovering Social Network Sybils in the Wild. In IMC, 2011. Google ScholarDigital Library
- H. Yu, P. B. Gibbons, M. Kaminsky, and F. Xiao. SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks. In IEEE Symposium on Security and Privacy, 2008. Google ScholarDigital Library
- H. Yu, M. Kaminsky, P. B. Gibbons, and A. Flaxman. SybilGuard: Defending Against Sybil Attacks via Social Networks. In SIGCOMM, 2006. Google ScholarDigital Library
- Y. Yu, M. Isard, D. Fetterly, M. Budiu, U. Erlingsson, P. K. Gunda, and J. Currey. DryadLINQ: A System for General-Purpose Distributed Data-Parallel Computing Using a High-Level Language. In OSDI, 2008. Google ScholarDigital Library
- Y. Zhao, Y. Xie, F. Yu, Q. Ke, Y. Yu, Y. Chen, and E. Gillum. BotGraph: Large Scale Spamming Botnet Detection. In NSDI, 2009. Google ScholarDigital Library
Index Terms
- Innocent by association: early recognition of legitimate users
Recommendations
Consequences of Connectivity: Characterizing Account Hijacking on Twitter
CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications SecurityIn this study we expose the serious large-scale threat of criminal account hijacking and the resulting damage incurred by users and web services. We develop a system for detecting large-scale attacks on Twitter that identifies 14 million victims of ...
"My religious aunt asked why i was trying to sell her viagra": experiences with account hijacking
CHI '14: Proceedings of the SIGCHI Conference on Human Factors in Computing SystemsWith so much of our lives digital, online, and not entirely under our control, we risk losing access to our communications, reputation, and data. Recent years have brought a rash of high-profile account compromises, but account hijacking is not limited ...
Analysis of a social engineering threat to information security exacerbated by vulnerabilities exposed through the inherent nature of social networking websites
InfoSecCD '09: 2009 Information Security Curriculum Development ConferenceSocial engineering is defined as "a process in which an attacker attempts to acquire information about your network and system by social means." Social networking websites are those where one person creates a message and presents it to an audience, ...
Comments