Online Social Network Security
Description
Online social networks (OSNs) are extremely popular among Internet
users.
However, spam originating from friends and acquaintances in OSNs not
only reduces the joy of Internet surfing, but also may cause damage
to less
security-savvy users. While spam filtering techniques have been
significantly
advanced, spammers constantly adapt their spamming strategy to avoid
detection.
In this project, we develop Tangram, a framework that incorporates
multiple heterogeneous techniques
to mitigate OSN spam and to protect OSN users. The heterogeneous
detection
techniques attack spam from different angles and complement each
other.
The system is designed to integrate into the OSN platform. It
inspects the
user generated message stream and block spam message directly. The
process
is transparent to OSN users.
Tangram contains three major detection modules: 1)
online campaign discovery module, 2) spam template generation
module,
and 3) malicious domain group detection module.
The online campaign discovery module and the spam template
generation module
detect OSN spam online, whereas the malicious domain group detection
module
works offline. Although the offline module does not directly detects
OSN spam,
it supplies training samples to the online modules.
People
Collaborators
Projects
Scavenger:
Offline OSN spam detection and
characterization using syntactic similarity.
Online OSN Spam Detection:
Online OSN spam detection
using syntactic similarity and supervised machine learning.
OSN Spam Categorization, Template Generation and Strategy
Inference:
- Empirically confirm that the majority of OSN spam is generated
with underlying templates.
- Identify semantically meaningful segments in OSN spam messages and
use the segments to construct templates to filter future spam.
- Analyze the behavior of detected OSN spammers.
Empirical Reexamination of Global DNS
Behavior:
- Measure a unique dataset containing more than 26 billion DNS query-response pairs collected from more than
600 globally distributed recursive DNS resolvers.
- Detect malicious domain groups using temporal correlation in DNS
queries.
Publication
- Hongyu Gao, Jun Hu, Christo Wilson, Zhichun Li, Yan Chen and Ben Y. Zhao, "Detecting and Characterizing Social Spam Campaigns", in
Proceedings of Internet Measurement Conference, Melbourne, Australia, November 2010.
- Hongyu Gao, Jun Hu, Tuo Huang, Jingnan Wang and Yan Chen, "Security
Issues in Online Social Networks", in IEEE Internet Computing,
Volume 15, No. 4, July/August, 2011, pp. 56-63.
- Hongyu Gao, Yan Chen, Kathy Lee, Diana Palsetia and Alok
Choudhary, "Towards Online Spam Filtering in Social
Networks", in the Proc. of 19th Network & Distributed System
Security Symposium (NDSS), 2012.
- Hongyu Gao, Vinod Yegneswaran, Yan Chen, Phillip Porras, Shalini
Ghosh, Jian Jiang, Haixin Duan, "An Empirical Reexamination of
Global DNS Behavior", in the Proc. of ACM SIGCOMM, 2013
System Release
We make available a list of tools and datasets that we developed in
this project.
-
All the confirmed malicious URLs in the Scavenger project. The URLs come with the UNIX timestamp when they were posted. The data can be
accessed via this link .
-
Our implementation of the prototype syntactic-based spam filtering system. The code can be
accessed via this link .
This available implementation works with Twitter data. The acceptable format is described in the README
of the code.
-
Our implementation of the prototype spam template generation system. The code can be
accessed via
this link.
This available implementation is generally applicable to OSN data. The acceptable format is described in the README
of the code.
-
Our implementation of the
prototype malicious domain group detection system. The code can be
accessed via
this link.
This available implementation works with DNS data captured at Internet
Systems Consortium (ISC), SIE project.