In recent years, online social networks have grown rapidly and today offer users endless possibilities for publicly expressing themselves, communicating with friends, and sharing information with people across the world. A recent survey estimated that 65% of adult internet users interface with online social network sites.
Online social networks allow users to communicate with one another for various personal and professional purposes. Those users that have been identified by another user as a person with whom there is a preference to grant access to personal information are considered “friends”. After a friendship has been established, a friend is able to access multimedia information posted in an account of the user that granted the friendship.
Due to the friendly nature of social networks such as Facebook, users tend to disclose many personal details about themselves and about their connections. Moreover, Bosmaf et al (“The socialbot network: when bots socialize for fame and money”, Proceedings of the 27th Annual Computer Security Applications Conference. ACM, 2011, pp. 93-102) discovered that an average of 80% of studied Facebook users accepted friend requests from people they do not know if they share more than 11 mutual friends.
In many cases, accepting a friend request from strangers may result in exposure of a user's personal information to unknown third parties. In addition, personal user information can be exposed to third party applications running on the social network. Another privacy concern deals with existing privacy settings which, for the majority of users, do not match security expectations. Accordingly, many users accidently or unknowingly publish private information, leaving them more exposed than they thought.
If a user's personal information is disclosed to a third malicious party, the personal information can be used to threaten the user both online and in the real world. For example, a malicious user can use the gained personal information and send customized spam messages to the user in an attempt to lure such users onto malicious websites or blackmail them into transferring money to the attacker's account.
In recent years, online social network such as Facebook, Twitter, Google+, MySpace, BEBO, and ACADEMIA.EDU have been growing at exponential rates and serving hundreds of millions of users on a daily basis. The Facebook social network, for example, was founded in 2004 and had more than 845 million monthly active users at the end of December 2011. Facebook users averagely have 130 friends and create 90 pieces of content each month. Due to the sharing nature of online social networks, users expose many personal details about themselves. Details, such as date of birth, email address, high school name and even their phone numbers are frequently exposed.
The existing attacks include identity-theft, user de-antonymization, inferring attacks, viruses, click-jacking, phishing, reverse social engineering and social bots. Cybercriminal attackers can use a combination of attacks in order to collect users' personal information and gain their trust. By using the user's collected personal information, an attacker can send personally crafted spam messages in order to lure these users into malicious websites, or even blackmail them to transfer money to the attacker's account. In some cases, the attacker can be an online “predator”, using online attacks in order to gain information that will enable him to obtain the user's trust and convince the user to meet him in the real world.
In order to cover their tracks, social network attackers can use fake profiles. In fact, the number of fake profiles on Facebook can number tens of millions.
Social Networks Threats
Today, an average user spends more time on popular social networking sites than on any other site. With the increasing usage of online social networks, they have become fertile ground for spammers, cybercriminals, and many other threats. These threats put social networks users at risk due to the fact that the users of these networks tend to publish personal information about themselves. This information is sensitive and may cause serious harm if obtained by the wrong people. A research carried out (by Acquisti et al: “Imagined Communities: Awareness, Information Sharing, and Privacy on the Facebook”, 2006) evaluated the amount of personal information exposed by users on Facebook and concluded that many Facebook users disclose personal information about themselves.
Another disturbing fact was that around 80% of Facebook users accept friend requests from people they do not know if they have more than 11 mutual friends. By accepting these friendship requests, users disclose their private information to strangers. Moreover, by accepting friendship requests from strangers, users can expose their friends to inference attacks.
Fake profiles have been detected in real online social networks that use the social networks as a platform for collecting users' data (also known as Friend Infiltrators), spammers and even distributers of sexual content (also known as Pornographic Storytellers).
In recent years, social networks users have been exposed to additional types of attacks. These attacks include:
a) viruses which use the social networks as convenient spreading platforms
b) click-jacking attacks that try to hijack the user's web sessions
c) phishing attacks that try to fraudulently acquire a user's sensitive information by impersonating a trustworthy third party
d) spammers that uses the user's social network data in order to send tailored spam messages to the user
e) user de-anonymization attacks that attempt to expose the identity of the user
f) social-bots, consisting of a massive group of fake profiles which aim to harvest users' personal data
g) clones and identity theft attacks, where the attackers duplicate a user's online presence in the same network or across different networks in order to mock the cloned user's friends by forming a trusting relation with the cloned profile. Online “predators” can also use social networks as a platform for finding their next victim. They attempt to do so by collecting personal information, gaining trust, and arranging an encounter in the real world.
Several solutions have been proposed by security companies, social networks operators, and by academic researchers In order to overcome these threats. Social networks operators try to protect their users by adding authentication processes in order to ensure that the registered user is a real person. Many social network operators also support a configurable user privacy setting that enables users to protect their personal data from other users on the network. Additional protection includes defense means against spammers, fake profiles, scams, and other threats. For example, Facebook users can report about abuse or policy violation attempts by other users in the network. In some countries, social networks such as Facebook and BEBO also added a “Panic Button” in order to better protect young people from other users on the social network. Security companies such as CheckPoint Software Technologies Ltd (Tel Aviv, Israel) and UnitedParents offer users of social networks tools to protect themselves. For example, the Checkpoint's SocialGuard software aims to protect users from cyberbullies, predators, dangerous links, and strangers on Facebook.
Several attempts were made to propose solutions to different social networks threats. DeBarr et al (“Using social network analysis for spam detection”, Advances in Social Computing 2010, pp. 62-69) used the graph centrality measure in order to predict whether a user is likely to send spam. Wang (“Don't follow me: Spam detection in twitter, Security and Cryptography (SECRYPT), Proceedings of the 2010 International Conference on, IEEE, pp. 1-10) proposed a method to classify spammers on Twitter by using content and graph based features.
Bosma et al. (“A framework for unsupervised spam detection in social networking sites”, Lecture Notes in Computer Science Volume 7224, 2012, pp. 364-375) proposed a spam detection framework, based on the HITS web link analysis framework. Stringhini et al (“Detecting spammers on social networks”, Proceedings of the 26th Annual Computer Security Applications Conference 2010, ACM, pp. 1-9) proposed a solution for detecting spammers in social networks and suggested a way for detecting spammers on Twitter, Facebook and MySpace social networks by using “honey-profiles”. Stringhini et al also proposed a method for detecting spammer profiles by using supervised learning algorithms. Lee et al presented a method for detecting social spammers of different types by using honey-pots combined with machine learning algorithms. Kontaxis et al (“Detecting social network profile cloning”, PERCOM Workshops, 2011 IEEE International Conference IEEE, pp. 295-300) proposed a method for detecting social network profile cloning by designing and implementing a prototype that can be employed by users and assist in investigating whether the users have fallen victim to clone attacks.
It is therefore an object of the present invention to provide a method for effectively detecting spammers and fake profiles in social networks.
Other objects and advantages of the invention will become apparent as the description proceeds.