Advertisement

Friend or foe? Fake profile identification in online social networks

  • Michael Fire
  • Dima Kagan
  • Aviad Elyashar
  • Yuval Elovici
Original Article

Abstract

The amount of personal information involuntarily exposed by users on online social networks is staggering, as shown in recent research. Moreover, recent reports indicate that these networks are inundated with tens of millions of fake user profiles, which may jeopardize the user’s security and privacy. To identify fake users in such networks and to improve users’ security and privacy, we developed the Social Privacy Protector (SPP) software for Facebook. This software contains three protection layers that improve user privacy by implementing different methods to identify fake profiles. The first layer identifies a user’s friends who might pose a threat and then restricts the access these “friends” have to the user’s personal information. The second layer is an expansion of Facebook’s basic privacy settings based on different types of social network usage profiles. The third layer alerts users about the number of installed applications on their Facebook profile that has access to their private information. An initial version of the SPP software received positive media coverage, and more than 3,000 users from more than 20 countries have installed the software, out of which 527 have used the software to restrict more than 9,000 friends. In addition, we estimate that more than 100 users have accepted the software’s recommendations and removed nearly 1,800 Facebook applications from their profiles. By analyzing the unique dataset obtained by the software in combination with machine learning techniques, we developed classifiers that are able to predict Facebook profiles with a high probability of being fake and consequently threaten the user’s security and privacy. Moreover, in this study, we present statistics generated by the SPP software on both user privacy settings and the number of applications installed on Facebook profiles. These statistics alarmingly demonstrate how vulnerable Facebook users’ information is to both fake profile attacks and third-party Facebook applications.

Keywords

Online Social Network Privacy Setting Machine Learning Classifier Restriction Interface Friend Request 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Notes

Acknowledgments

We would like to thank Elizabeth Huesing and Sawsan Brik for proofreading this article. Especially, we want to thank Carol Teegarden for her editing expertise and endless helpful advice which guided this article to completion. We also want to thank the anonymous reviewers for their helpful comments.

References

  1. Altshuler Y, Fire M, Aharony N, Elovici Y, Pentland A (2012) How many makes a crowd? On the evolution of learning as a factor of community coverage. In: Social computing, behavioral-cultural modeling and prediction. Springer, Berlin Heidelberg, pp 43–52 Google Scholar
  2. Anwar M, Fong PW (2012) A visualization tool for evaluating access control policies in facebook-style social network systems. In: Proceedings of the 27th annual ACM symposium on applied computing, ACM, pp 1443–1450Google Scholar
  3. Benevenuto F, Magno G, Rodrigues T, Almeida V (2010) Detecting spammers on twitter. In: Collaboration, electronic messaging, anti-abuse and spam conference (CEAS), vol 6, p 12Google Scholar
  4. Bigos A (2012) New facebook app helps protect kids against online criminals. http://www.foxcharlotte.com/news/top-stories/New-Facebook-App-Helps-Protects-Kids-Against-Online-Criminals-162540726.html. Accessed 21 Sept 2012
  5. Boshmaf Y, Muslukhov I, Beznosov K, Ripeanu M (2011) The socialbot network: when bots socialize for fame and money. In: Proceedings of the 27th annual computer security applications conference, ACM, pp 93–102Google Scholar
  6. Chawla N, Bowyer K, Hall L, Kegelmeyer W (2011) Smote: synthetic minority over-sampling technique. arXiv, preprint arXiv:11061813Google Scholar
  7. Cukierski WJ, Hamner B, Yang B (2011) Graph-based features for supervised link prediction. In: IEEE International Joint Conference on Neural Networks (IJCNN), pp 1237–1244Google Scholar
  8. DeBarr D, Wechsler H (2010) Using social network analysis for spam detection. In: Chai S, Salerno JJ, Mabry PL (eds) Proceedings of the third international conference on social computing, behavioral modeling, and prediction (SBP’10). Springer-Verlag, Berlin, Heidelberg, pp 62–69Google Scholar
  9. Egele M, Moser A, Kruegel C, Kirda E (2011) Pox: Protecting users from malicious facebook applications. In: IEEE international conference on pervasive computing and communications workshops (PERCOM workshops), 2011, pp 288–294Google Scholar
  10. Facebook I (2012) Quarterly report pursuant to section 13 or 15(d) of the securities exchange act of 1934. http://www.sec.gov/Archives/edgar/data/1326801/000119312512325997/d371464d10q.htm#tx371464\_14Google Scholar
  11. Fire M, Tenenboim L, Lesser O, Puzis R, Rokach L, Elovici Y (2011) Link prediction in social networks using computationally efficient topological features. In: Privacy, Security, Risk and Trust (PASSAT), 2011 IEEE third international conferenee on social computing (SocialCom), IEEE, pp 73–80Google Scholar
  12. Fire M, Kagan D, Elisahr A, Elovici Y (2012a) Social privacy protector official website. http://socialprotector.net/,. Accessed 21, Sept 2012
  13. Fire M, Kagan D, Elishar A, Elovici Y (2012b) Social privacy protector-protecting users’ privacy in social networks. In: SOTICS 2012, the second international conference on social eco-informatics, pp 46–50Google Scholar
  14. Fire M, Katz G, Elovici Y (2012c) Strangers intrusion detection-detecting spammers and fake profiles in social networks based on topology anomalies. ASE Hum J 1(1):26–39Google Scholar
  15. Fire M, Tenenboim-Chekina L, Puzis R, Lesser O, Rokach L, Elovici Y (2013) Computationally efficient link prediction in a variety of social networks. ACM Trans Intell Syst Technol (TIST) 5(1):10Google Scholar
  16. Guha R, Kumar R, Raghavan P, Tomkins A (2004) Propagation of trust and distrust. In: Proceedings of the 13th international conference on World Wide Web, ACM, pp 403–412Google Scholar
  17. Hall M, Frank E, Holmes G, Pfahringer B, Reutemann P, Witten I (2009) The weka data mining software: an update. ACM SIGKDD Explor Newslett 11(1):10–18CrossRefGoogle Scholar
  18. Hasan MA, Chaoji V, Salem S, Zaki M (2006) Link prediction using supervised learning. SDM workshop of link analysis, counterterrorism and securityGoogle Scholar
  19. Kahanda I, Neville J (2009) Using transactional information to predict link strength in online social networks. In: Proceedings of the third international conference on weblogs and social media (ICWSM).Google Scholar
  20. Kuzma J (2011) Account creation security of social network sites. Inter J Appl Sci Technol 1(3):8–13Google Scholar
  21. Lee K, Caverlee J, Webb S (2010) Uncovering social spammers: social honeypots+ machine learning. In: Proceeding of the 33rd international ACM SIGIR conference on research and development in information retrieval, ACM, pp 435–442Google Scholar
  22. Leskovec J, Huttenlocher D, Kleinberg J (2010) Predicting positive and negative links in online social networks. In: Proceedings of the 19th international conference on World wide web, ACM, pp 641–650Google Scholar
  23. Liben-Nowell D, Kleinberg J (2007) The link-prediction problem for social networks. J Am Soc Inform Sci Technol 58(7):1019–1031CrossRefGoogle Scholar
  24. Liu Y, Gummadi K, Krishnamurthy B, Mislove A (2011) Analyzing facebook privacy settings: User expectations vs. reality. In: Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference, ACM, pp 61–70Google Scholar
  25. Madden M, Zickuhr K (2011) 65% of online adults use social networking sites. http://pewinternet.org/Reports/2011/Social-Networking-Sites.aspx
  26. Mahmood S, Desmedt Y (2011) Poster: preliminary analysis of google+’s privacy. In: Proceedings of the 18th ACM conference on computer and communications security, ACM, pp 809–812Google Scholar
  27. Nazir A, Raza S, Chuah CN, Schipper B, Davis C (2010) Ghostbusting facebook: detecting and characterizing phantom profiles in online social gaming applications. Proceedings of SIGCOMM WOSNGoogle Scholar
  28. Nelson S, Simek J, Foltin J (2009) The legal implications of social networking. Regent UL Rev 22:1–481Google Scholar
  29. Nielsen (2011) The social media report. http://blog.nielsen.com/nielsenwire/social/,. Accessed April 7, 2014
  30. Paul G, Maitra S (2011) RC4 stream cipher and its variants. CRC Press, New YorkGoogle Scholar
  31. Popkin H (2012) Facebook app helps ferret out pedophiles. http://www.nbcnews.com/technology/technolog/facebook-app-helps-ferret-out-pedophiles-871761,. Accessed 21 Sept 2012
  32. Rahman M, Huang T, Madhyastha H, Faloutsos M (2012a) Efficient and scalable socware detection in online social networks. In: Proceedings of the 21st USENIX conference on security symposium, USENIX association, pp 32–32Google Scholar
  33. Rahman MS, Huang TK, Madhyastha HV, Faloutsos M (2012b) Frappe: detecting malicious facebook applications. In: Proceedings of the 8th international conference on emerging networking experiments and technologies, ACM, pp 313–324Google Scholar
  34. Sakaki T, Okazaki M, Matsuo Y (2010) Earthquake shakes twitter users: real-time event detection by social sensors. In: Proceedings of the 19th international conference on World wide web, ACM, pp 851–860Google Scholar
  35. Smith A (2014) 6 new facts about facebook. http://www.pewresearch.org/fact-tank/2014/02/03/6-new-facts-about-facebook/,. Accessed April 7, 2014
  36. Stein T, Chen E, Mangla K (2011) Facebook immune system. In: Proceedings of the 4th workshop on social network systems, ACM, p 8Google Scholar
  37. Stringhini G, Kruegel C, Vigna G (2010) Detecting spammers on social networks. In: Proceedings of the 26th annual computer security applications conference, ACM, pp 1–9Google Scholar
  38. Wang A (2010) Don’t follow me: Spam detection in twitter. In: Security and cryptography (SECRYPT), proceedings of the 2010 international conference on, IEEE, pp 1–10Google Scholar
  39. Wang G, Konolige T, Wilson C, Wang X, Zheng H, Zhao BY (2013) You are how you click: clickstream analysis for sybil detection. In: USENIX security symposium, Washington, DCGoogle Scholar
  40. Xiang R, Neville J, Rogati M (2010) Modeling relationship strength in online social networks. In: Proceedings of the 19th international conference on World wide web, ACM, pp 981–990Google Scholar
  41. Yang Z, Wilson C, Wang X, Gao T, Zhao BY, Dai Y (2011) Uncovering social network sybils in the wild. In: Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference, ACM, pp 259–268Google Scholar

Copyright information

© Springer-Verlag Wien 2014

Authors and Affiliations

  • Michael Fire
    • 1
  • Dima Kagan
    • 1
  • Aviad Elyashar
    • 1
  • Yuval Elovici
    • 1
  1. 1.Telekom Innovation Laboratories at Ben-Gurion University of the Negev, Department of Information Systems EngineeringBen Gurion UniversityBeer ShevaIsrael

Personalised recommendations