Application of System Calls in Abnormal User Behavioral Detection in Social Networks

  • Shizhen Zhang
  • Frank JiangEmail author
  • Min Qin
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11434)


Abnormal user detection is one of the key issues in online social network security research. Attackers spread advertising and other malicious messages through stolen accounts, and malicious actions seriously threaten the information security of normal users with the credit system of social networks. For this reason, in the literature, there are a considerable amount of research work which detect abnormal accounts in social networks, however, these efforts ignore the problem of the seamless integration of machine learning with human behaviour-based analysis. This paper reviews the main achievements of abnormal account detection in online social networks in recent years from three aspects: behavioral characteristics, content-based, graph-based, and proposes a new social network abnormal user detection method based on system calls in computer’s kernel. Using enumeration sequence and hidden semi-Markov method, a hierarchical model of anomaly user detection in social networks is established.


Coupled Behavior Analysis Coupled hidden Semi-Markov model Abnormal behavior detection System call 



We applied system calls and investigated their relations to the detection of abnormal behaviors of social network users for the first time. It is a completely new approach. The article has only described the fundamental work in this direction, more work will be reported in the next stage on the new progress on this basis. The authors would like to thank the support of National Natural Science Foundation of China (61762018), the Guangxi 100 Youth Talent Program (F-KA16016) and the Colleges and Universities Key Laboratory of Intelligent Integrated Automation, Guilin University of Electronic Technology, China (GXZDSY2016-03), the research fund of Guangxi Key Lab of Multi-source Information Mining & Security (18-A-02-02), Natural Science Foundation of Guangxi (2018JJA170109).


  1. 1.
    Gao, H., Hu, J., Huang, T.: Security issues in online social networks. IEEE Internet Comput. 5(4), 56–63 (2011)CrossRefGoogle Scholar
  2. 2.
    Caviglione, L., Fire, M., Goldschmidt, R., Elovici, Y.: Online social networks: threats and solutions survey. IEEE Commun. Surv. Tutor. 16(4), 2019–2036 (2013)Google Scholar
  3. 3.
    Merlo, M.A.: A taxonomy-based model of security and privacy in online social networks. Int. J. Comput. Sci. Eng. 9(4), 325–338 (2014)Google Scholar
  4. 4.
    Thomas, K., McCoy, D., Grier, C., Kolcz, A., Paxson, V.: Trafficking fraudulent accounts: The role of the underground market in Twitter spam and abuse. In: Usenix Security Symposium, pp. 195–210 (2013)Google Scholar
  5. 5.
    Huang, T.K., Rahman, M.S., Madhyastha, H.V., Faloutsos, M., Ribeiro, B.: An analysis of socware cascades in online social networks. In: International Conference on World Wide Web, Riode Janeiro, Brazi1, pp. 619–630 (2013)Google Scholar
  6. 6.
    Chu, Z., Gianvecchio, S., Wang, H.: Who is tweeting on Twitter: Human, bot, or cyborg? In: Proceedings of the 26th Annual Computer Security Applications Conference, Austin, USA, pp. 21–30 (2010)Google Scholar
  7. 7.
    Kanich, C., Kreibich, C., Levchenko, K.: Spamalytics: an empirical analysis of spam marketing conversion. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, Alexandria, USA, pp. 3–14 (2008)Google Scholar
  8. 8.
    Amleshwaram, A.A., Reddy, N., Yadav, S.: CATS: characterizing automation of Twitter spammer. In: Proceedings of the 5th International Conference on Communication Systems and Networks, Bangalore, India, pp. 1–10 (2013)Google Scholar
  9. 9.
    Stringhini, G., Kruegel, C., Vigna, G.: Detecting spammers on social networks. In: Proceedings of the 26th Annual Computer Security Applications Conference, Austin, USA, pp. 1–9 (2010)Google Scholar
  10. 10.
    Yang, Z., Wilson, C., Wang, X.: Uncovering social network Sybils in the wild. ACM Trans. Knowl. Discov. 8(1), 2 (2014)Google Scholar
  11. 11.
    Gao, H., Hu, J., Wilson, C.: Detecting and characterizing social spam campaigns. In: Proceedings of the 10th ACM SIGC0MM Conference on Internet Measurement, Melbourne, Australia, pp. 35–47 (2010)Google Scholar
  12. 12.
    Yu, H., Kaminsky, M., Gibbons, P.B.: Sybilguard: defending against Sybil attacks via social networks. IEEE Trans. Netw. 16(3), 576–589 (2008)CrossRefGoogle Scholar
  13. 13.
    Cao, L., Ou, Y., Yu, P.: Coupled behavior analysis with applications. IEEE Trans. Knowl. Data Eng. 24, 1378–1392 (2011)CrossRefGoogle Scholar
  14. 14.
    Brand, M., Oliver, N., Pentland, A.: Coupled hidden markov models for complex action recognition. In: Proceedings of the 1997 IEEE Computer Society Conference on Computer Vision and Pattern Recognition, pp. 994–999 (1997)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Guangxi Normal UniversityGuilinChina

Personalised recommendations