Application of System Calls in Abnormal User Behavioral Detection in Social Networks
Abnormal user detection is one of the key issues in online social network security research. Attackers spread advertising and other malicious messages through stolen accounts, and malicious actions seriously threaten the information security of normal users with the credit system of social networks. For this reason, in the literature, there are a considerable amount of research work which detect abnormal accounts in social networks, however, these efforts ignore the problem of the seamless integration of machine learning with human behaviour-based analysis. This paper reviews the main achievements of abnormal account detection in online social networks in recent years from three aspects: behavioral characteristics, content-based, graph-based, and proposes a new social network abnormal user detection method based on system calls in computer’s kernel. Using enumeration sequence and hidden semi-Markov method, a hierarchical model of anomaly user detection in social networks is established.
KeywordsCoupled Behavior Analysis Coupled hidden Semi-Markov model Abnormal behavior detection System call
We applied system calls and investigated their relations to the detection of abnormal behaviors of social network users for the first time. It is a completely new approach. The article has only described the fundamental work in this direction, more work will be reported in the next stage on the new progress on this basis. The authors would like to thank the support of National Natural Science Foundation of China (61762018), the Guangxi 100 Youth Talent Program (F-KA16016) and the Colleges and Universities Key Laboratory of Intelligent Integrated Automation, Guilin University of Electronic Technology, China (GXZDSY2016-03), the research fund of Guangxi Key Lab of Multi-source Information Mining & Security (18-A-02-02), Natural Science Foundation of Guangxi (2018JJA170109).
- 2.Caviglione, L., Fire, M., Goldschmidt, R., Elovici, Y.: Online social networks: threats and solutions survey. IEEE Commun. Surv. Tutor. 16(4), 2019–2036 (2013)Google Scholar
- 3.Merlo, M.A.: A taxonomy-based model of security and privacy in online social networks. Int. J. Comput. Sci. Eng. 9(4), 325–338 (2014)Google Scholar
- 4.Thomas, K., McCoy, D., Grier, C., Kolcz, A., Paxson, V.: Trafficking fraudulent accounts: The role of the underground market in Twitter spam and abuse. In: Usenix Security Symposium, pp. 195–210 (2013)Google Scholar
- 5.Huang, T.K., Rahman, M.S., Madhyastha, H.V., Faloutsos, M., Ribeiro, B.: An analysis of socware cascades in online social networks. In: International Conference on World Wide Web, Riode Janeiro, Brazi1, pp. 619–630 (2013)Google Scholar
- 6.Chu, Z., Gianvecchio, S., Wang, H.: Who is tweeting on Twitter: Human, bot, or cyborg? In: Proceedings of the 26th Annual Computer Security Applications Conference, Austin, USA, pp. 21–30 (2010)Google Scholar
- 7.Kanich, C., Kreibich, C., Levchenko, K.: Spamalytics: an empirical analysis of spam marketing conversion. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, Alexandria, USA, pp. 3–14 (2008)Google Scholar
- 8.Amleshwaram, A.A., Reddy, N., Yadav, S.: CATS: characterizing automation of Twitter spammer. In: Proceedings of the 5th International Conference on Communication Systems and Networks, Bangalore, India, pp. 1–10 (2013)Google Scholar
- 9.Stringhini, G., Kruegel, C., Vigna, G.: Detecting spammers on social networks. In: Proceedings of the 26th Annual Computer Security Applications Conference, Austin, USA, pp. 1–9 (2010)Google Scholar
- 10.Yang, Z., Wilson, C., Wang, X.: Uncovering social network Sybils in the wild. ACM Trans. Knowl. Discov. 8(1), 2 (2014)Google Scholar
- 11.Gao, H., Hu, J., Wilson, C.: Detecting and characterizing social spam campaigns. In: Proceedings of the 10th ACM SIGC0MM Conference on Internet Measurement, Melbourne, Australia, pp. 35–47 (2010)Google Scholar
- 14.Brand, M., Oliver, N., Pentland, A.: Coupled hidden markov models for complex action recognition. In: Proceedings of the 1997 IEEE Computer Society Conference on Computer Vision and Pattern Recognition, pp. 994–999 (1997)Google Scholar