Encyclopedia of Social Network Analysis and Mining

2018 Edition
| Editors: Reda Alhajj, Jon Rokne


  • Abigail ParadiseEmail author
  • Rami Puzis
  • Asaf Shabtai
Reference work entry
DOI: https://doi.org/10.1007/978-1-4939-7131-2_110212



Advanced persistent threat (APT)

A class of sophisticated cyber-attacks that target organizations


A means of compromising the social network graph by connecting with a large number of users; socialbots can be executed to infiltrate social networks

Influence bots

A bot that tries to influence conversation on a specific topic


An artificial, machine-operated profile in a social network that mimics human users, looks genuine, and behaves in a sophisticated manner


A computer program designed to help send spam

Sybil attack

A type of attack in which a malicious user creates multiple fake identities (Sybils) in order to unfairly increase power and influence within a target community


In recent years, online social networks (OSNs) are becoming an essential part of our lives. However, OSNs have also been abuses by cyber criminals that exploit the platform for malicious purposes...

This is a preview of subscription content, log in to check access.


  1. Abokhodair N, Yoo D, McDonald DW (2015) Dissecting a social botnet: growth, content and influence in Twitter. In: Proceedings of the 18th ACM conference on computer supported cooperative work & social computing, pp 839–851Google Scholar
  2. Ahmad I (2015) How many internet and #SocialMedia users are fake? http://www.digitalinformationworld.com/2015/04/infographic-how-many-internets-users-are-fake.html. Accessed 2 Apr 2015
  3. Aiello LM, Deplano M, Schifanella R, Ruffo G (2012) People are strange when you’re a stranger: impact and influence of bots on social networks. Links 697(483,151):1–566Google Scholar
  4. Ask M, Bondarenko P, Rekdal JE, Nordbø A, Bloemerus P, Piatkivskyi D (2013) Advanced persistent threat (APT) beyond the hype. Project report in IMT4582 Network security at GjoviN University College, SpringerGoogle Scholar
  5. Benevenuto F, Magno G, Rodrigues T, Almeida V (2010) Detecting spammers on twitter. In: CEAS, The seventh annual collaboration, electronic messaging, anti-abuse and spam conference, July 2010, vol 6, p 12Google Scholar
  6. Berger JM, Morgan J (2015) The ISIS Twitter census: defining and describing the population of ISIS supporters on Twitter. The Brookings project on US relations with the Islamic World 3(20)Google Scholar
  7. Beutel A, Xu W, Guruswami V, Palow C, Faloutsos C (2013) Copycatch: stopping group attacks by spotting lockstep behavior in social networks. In: Proceedings of the 22nd international conference on World Wide Web, pp 119–130Google Scholar
  8. Bilge L, Strufe T, Balzarotti D, Kirda E (2009) All your contacts are belong to us: automated identity theft attacks on social networks. In: Proceedings of the 18th international conference on World wide web, pp 551–560Google Scholar
  9. Bokobza Y, Paradise A, Rapaport G, Puzis R, Shapira B, Shabtai A (2015) Leak sinks: the threat of targeted social eavesdropping. In: 2015 IEEE/ACM international conference on advances in social networks analysis and mining, pp 375–382Google Scholar
  10. Boshmaf Y, Muslukhov I, Beznosov K, Ripeanu M (2011) The socialbot network: when bots socialize for fame and money. In: Proceedings of the 27th annual computer security applications conference, pp 93–102Google Scholar
  11. Boshmaf Y, Muslukhov I, Beznosov K, Ripeanu M (2012) Key challenges in defending against malicious socialbots. In: Presented as part of the 5th USENIX workshop on large-scale exploits and emergent threatsGoogle Scholar
  12. Boshmaf Y, Muslukhov I, Beznosov K, Ripeanu M (2013) Design and analysis of a social botnet. Comput Netw 57(2):556–578CrossRefGoogle Scholar
  13. Boshmaf Y, Ripeanu M, Beznosov K, Santos-Neto E (2015) Thwarting fake OSN profiles by predicting their victims. In: Proceedings of the 8th ACM workshop on artificial intelligence and security, pp 81–89Google Scholar
  14. Burghouwt P, Spruit M, Sips H (2011) Towards detection of botnet communication through social media by monitoring user activity. In: International conference on information systems security. Springer, Berlin/Heidelberg, pp 131–143CrossRefGoogle Scholar
  15. Cao Q, Sirivianos M, Yang X, Pregueiro T (2012) Aiding the detection of fake profiles in large scale social online services. In: Proceedings of the 9th USENIX conference on networked systems design and implementation, pp 15–15Google Scholar
  16. Cao Q, Yang X, Yu J, Palow C (2014) Uncovering large groups of active malicious profiles in online social networks. In: Proceedings of the 2014 ACM SIGSAC conference on computer and communications security, pp 477–488Google Scholar
  17. Chen P, Desmet L, Huygens C (2014) A study on advanced persistent threats. In: Communications and multimedia security, pp 63–72Google Scholar
  18. Chu Z, Gianvecchio S, Wang H, Jajodia S (2010) Who is tweeting on Twitter: human, bot, or cyborg? In: Proceedings of the 26th annual computer security applications conference, pp 21–30Google Scholar
  19. Danezis G, Mittal P (2009) SybilInfer: detecting sybil nodes using social networks. In: NDSS, presented at NDSS, California, 8–11 Feb 2009Google Scholar
  20. Davis CA, Varol O, Ferrara E, Flammini A, Menczer F (2016) Botornot: a system to evaluate social bots. In: Proceedings of the 25th international conference companion on World Wide Web, pp 273–274Google Scholar
  21. Dickerson JP, Kagan V, Subrahmanian VS (2014) Using sentiment to detect bots on Twitter: are humans more opinionated than bots? In: Advances in social networks analysis and mining (ASONAM), 2014 IEEE/ACM international conference on, pp 620–627Google Scholar
  22. Douceur JR (2002) The sybil attack. In: International workshop on peer-to-peer systems, pp 251–260Google Scholar
  23. Egele M, Stringhini G, Kruegel C, Vigna G (2015) Towards detecting compromised profiles on social networks. IEEE Trans Dependable Secure ComputGoogle Scholar
  24. Elyashar A, Fire M, Kagan D, Elovici Y (2013) Homing socialbots: intrusion on a specific organization’s employee using Socialbots. In: Proceedings of the 2013 IEEE/ACM international conference on ASONAM, pp 1358–1365Google Scholar
  25. Elyashar A, Fire M, Kagan D, Elovici Y (2014) Guided socialbots: infiltrating the social networks of specific organizations’ employees. AI Commun 29(1):87–106MathSciNetCrossRefGoogle Scholar
  26. Ferrara E (2015) Manipulation and abuse on social media by Emilio Ferrara with Ching-man Au Yeung as coordinator. ACM SIGWEB Newsletter, (Spring):4Google Scholar
  27. Ferrara E, Varol O, Davis C, Menczer F, Flammini A (2014) The rise of social bots. arXiv preprint arXiv:1407.5225Google Scholar
  28. Finkle J (2014) “Pony” botnet steals bitcoins, digital currencies: Trustwave. http://www.reuters.com/article/us-bitcoin-security-idUSBREA1N1JO20140224. Accessed 1 Jan 2014
  29. Fire M, Puzis R (2012) Organization mining using online. Netw Spatial Econ 16(2):545–578MathSciNetzbMATHCrossRefGoogle Scholar
  30. Freitas CA, Benevenuto F, Ghosh S, Veloso A (2014) Reverse engineering socialbot infiltration strategies in twitter. arXiv preprint arXiv:1405.4927Google Scholar
  31. Gee G, Teh H (2010) Twitter spammer profile detection. UnpublishedGoogle Scholar
  32. Gilbert E, Karahalios K (2009) Predicting tie strength with social media. In: Proceedings of the SIGCHI conference on human factors in computing systems, pp 211–220Google Scholar
  33. Holz T, Steiner M, Dahl F, Biersack E, Freiling FC (2008) Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm. LEET 8(1):1–9Google Scholar
  34. Hwang T, Pearce I, Nanis M (2012) Socialbots: voices from the fronts. Interactions 19(2):38–45CrossRefGoogle Scholar
  35. Ji Y, He Y, Jiang X, Li Q (2014) Towards social botnet behavior detecting in the end host. In: 2014 20th IEEE international conference on parallel and distributed systems (ICPADS), pp 320–327Google Scholar
  36. Ji Y, He Y, Jiang X, Cao J, Li Q (2016) Combating the evasion mechanisms of social bots. Computers & Security 58:230–249CrossRefGoogle Scholar
  37. Jin X, Lin C, Luo J, Han J (2011) A data mining-based spam detection system for social media networks. Proceedings VLDB Endowment 4(12):1458–1461Google Scholar
  38. Jin L, Joshi JB, Anwar M (2013) Mutual-friend based attacks in social network systems. Comput Secur 37:15–30CrossRefGoogle Scholar
  39. Jurgens D (2013) That’s what friends are for: inferring location in online social media platforms based on social relationships. ICWSM 13:273–282Google Scholar
  40. Karlinsky A (2014) How cybercriminals monetize information obtained from social networks. https://securityintelligence.com/how-cybercriminals-monetize-information-obtained-from-social-networks/. Accessed 3 Sep 2014
  41. Kim Y, Kim I, Park N (2014) Analysis of cyber attacks and security intelligence. In: Mobile, ubiquitous, and intelligent computing, pp 489–494Google Scholar
  42. Krombholz K, Merkl D, Weippl E (2012) Fake identities in social media: a case study on the sustainability of the Facebook business model. J Serv Sci Res 4(2):175–212CrossRefGoogle Scholar
  43. Kwak H, Lee C, Park H, Moon S (2010) What is Twitter, a social network or a news media? In: Proceedings of the 19th international conference on World wide web, pp 591–600Google Scholar
  44. Lee K, Caverlee J, Webb S (2010) Uncovering social spammers: social honeypots+ machine learning. In: Proceedings of the 33rd international ACM SIGIR conference on research and development in information retrieval, pp 435–442Google Scholar
  45. Lee K, Eoff BD, Caverlee J (2011) Seven months with the devils: a long-term study of content polluters on Twitter. Paper presented at the ICWSM, Barcelona, 17–21 Jul 2011Google Scholar
  46. Magdon-Ismail M, Orecchio B (2012) Guard your connections: infiltration of a trust/reputation based network. In: Proceedings of the 4th annual ACM web science conference, pp 195–204Google Scholar
  47. Mahmoud M, Nir M, Matrawy A (2015) A survey on botnet architectures, detection and defences. Int J Network Security 17(3):264–281Google Scholar
  48. Mccord M, Chuah M (2011) Spam detection on twitter using traditional classifiers. In: Autonomic and trusted computing, pp 175–186Google Scholar
  49. Messias J, Schmidt L, Oliveira R, Benevenuto F (2013) You followed my bot! Transforming robots into influential users in Twitter. First Monday, 18, 7–1 July 2013Google Scholar
  50. Mitter CW, Strohmaier M (2013) Understanding the impact of socialbot attacks in online social networks. arXiv preprint arXiv:1402.6289Google Scholar
  51. Mitter S, Wagner C, Strohmaier M (2014) A categorization scheme for socialbot attacks in online social networks. arXiv preprint arXiv:1402.6288Google Scholar
  52. Mohaisen A, Yun A, Kim Y (2010) Measuring the mixing time of social graphs. In: Proceedings of the 10th ACM SIGCOMM conference on internet measurement, pp 383–389Google Scholar
  53. Molok NA, Ahmad A, Chang S (2011) Information leakage through online social networking: opening the doorway for advanced persistence threats. J Aust Ins Profess Intellig Officer 19(2):38Google Scholar
  54. Mustafaraj E, Metaxas PT (2010) From obscurity to prominence in minutes: political speech and real-time search. UnpublishedGoogle Scholar
  55. Nazario J (2009) Twitter-based Botnet Command Channel. https://www.arbornetworks.com/blog/asert/twitter-based-botnet-command-channel/. Accessed 13 Aug 2009
  56. Osterman Research Consultants (2016) The need to manage social media properly. http://ostermanresearch.com/wordpress/?p=138. Accessed 17 Mar 2016
  57. Paradise A, Puzis R, Shabtai A (2014) Anti-reconnaissance tools: detecting targeted socialbots. IEEE Internet Comput 18(5):11–19CrossRefGoogle Scholar
  58. Paradise A, Shabtai A, Puzis R (2015) Hunting organization-targeted socialbots. In: Proceedings of the 2015 IEEE/ACM international conference on advances in social networks analysis and mining 2015, pp 537–540Google Scholar
  59. Pernet C (2015) Reconnaissance via professional social networks. http://blog.trendmicro.com/trendlabs-security-intelligence/reconnaissance-via-professional-social-networks/. Accessed 2 Jun 2015
  60. Pham CV, Hoang HX, Vu MM (2015) Preventing and detecting infiltration on online social networks. In: Computational social networks, pp 60–73Google Scholar
  61. Polakis I, Kontaxis G, Antonatos S, Gessiou E, Petsas T, Markatos EP (2010) Using social networks to harvest email addresses. In: Proceedings of the 9th annual ACM workshop on privacy in the electronic society, pp 11–20Google Scholar
  62. Puri R (2003) Bots & botnet: an overview. SANS Institute, 3:58Google Scholar
  63. Ratkiewicz J, Conover M, Meiss M, Gonçalves B, Patil S, Flammini A, Menczer F (2011) Truthy: mapping the spread of astroturf in microblog streams. In: Proceedings of the 20th international conference companion on World wide web, pp 249–252Google Scholar
  64. Ryan T, Mauch G (2010) Getting in bed with Robin Sage. Presented at Black Hat conference, Las Vegas, 24–27 Jul 2010Google Scholar
  65. Section 9 lab (2014) Automated linkedIn social engineering attacks. https://medium.com/section-9-lab/automated-linkedin-social-engineering-attacks-1c88573c577e. Accessed 1 Sep 2014
  66. Song J, Lee S, Kim J (2011) Spam filtering in twitter using sender-receiver relationship. In: International workshop on recent advances in intrusion detection, pp 301–317Google Scholar
  67. Sophos Press Release (2007) Sophos Facebook ID probe shows 41% of users happy to reveal all to potential identity thieves. http://www.sophos.com/en-us/press-office/press-releases/2007/08/facebook.aspx. Accessed 14 Aug 2007
  68. Stein T, Chen E, Mangla K (2011) Facebook immune system. In: Proceedings of the 4th workshop on social network systems, p 8Google Scholar
  69. Stringhini G, Kruegel C, Vigna G (2010) Detecting spammers on social networks. In: Proceedings of the 26th annual computer security applications conference, pp 1–9Google Scholar
  70. Stringhini G, Wang G, Egele M, Kruegel C, Vigna G, Zheng H, Zhao BY (2013) Follow the green: growth and dynamics in twitter follower markets. In: Proceedings of the 2013 conference on internet measurement conference, pp 163–176, ACMGoogle Scholar
  71. Subrahmanian VS, Azaria A, Durst S, Kagan V, Galstyan A, Lerman K, Waltzman R (2016) The darpa twitter bot challenge. arXiv preprint arXiv:1601.05140Google Scholar
  72. Sulick M (2016) Espionage and social media. https://www.thecipherbrief.com/article/espionage-and-social-media. Accessed 30 Jan 2016
  73. The Web Ecology Project (2011) The 2011 socialbots competition. http://www.webecologyproject.org/category/competition
  74. Thomas K, Grier C, Paxson V (2012) Adapting social spam infrastructure for political censorship. In: Presented as part of the 5th USENIX workshop on large-scale exploitsGoogle Scholar
  75. Trend Micro (2015) Social media malware on the rise. http://blog.trendmicro.com/social-media-malware-on-the-rise/. Accessed 24 Feb 2015
  76. Turing AM (1950) Computing machinery and intelligence. Mind 59(236):433–460MathSciNetCrossRefGoogle Scholar
  77. Vogt R, Aycock J Jacobson MJ Jr (2007) Army of botnets. Presented at NDSS, California, 28 Feb–2 Mar 2007Google Scholar
  78. Wagner C, Mitter S, Körner C, Strohmaier M (2012) When social bots attack: modeling susceptibility of users in online social networks. In: Proceedings of the 2nd workshop on making sense of microposts (#MSM2012), pp 46–48Google Scholar
  79. Wang AH (2010) Detecting spam bots in online social networking sites: a machine learning approach. In: IFIP annual conference on data and applications security and privacy, pp 335–342Google Scholar
  80. Wang D, Irani D, Pu C (2011) A social-spam detection framework. In: 8th annual conference on collaboration, Electronic messaging, Anti-Abuse and Spam, pp 46–54Google Scholar
  81. Wang G, Mohanlal M, Wilson C, Wang X, Metzger M, Zheng H, Zhao BY (2012) Social turing tests: crowdsourcing sybil detection. arXiv preprint arXiv:1205.3856Google Scholar
  82. Wang G, Konolige T, Wilson C, Wang X, Zheng H, Zhao BY (2013) You are how you click: clickstream analysis for sybil detection. In: Presented as part of the 22nd USENIX security symposium (USENIX security 13), pp 241–256Google Scholar
  83. Webb S, Caverlee J, Pu C (2008) Social honeypots: making friends with a spammer near You. Presented at the CEAS, CaliforniaGoogle Scholar
  84. Wei W, Xu F, Tan CC, Li Q (2012) Sybildefender: defend against sybil attacks in large social networks. In: INFOCOM, 2012 proceedings IEEE, pp 1951–1959Google Scholar
  85. Wuest C (2010) The risks of social networking. https://www.symantec.com/content
  86. Xie Y, Yu F, Ke Q, Abadi M, Gillum E, Vitaldevaria K, Mao ZM (2012) Innocent by association: early recognition of legitimate users. In: Proceedings of the 2012 ACM conference on computer and communications security, pp 353–364Google Scholar
  87. Xue J, Yang, Z, Yang X, Wang X, Chen L, Dai Y (2013) Votetrust: leveraging friend invitation graph to defend against social network sybils. In: INFOCOM, 2013 proceedings IEEE, pp 2400–2408Google Scholar
  88. Yang Z, Wilson C, Wang X, Gao T, Zhao B, Dai Y (2011) Uncovering social network sybils in the wild. arXiv preprint arXiv:1106.5321Google Scholar
  89. Yu H, Kaminsky M, Gibbons PB, Flaxman AD (2006) Sybilguard: defending against sybil attacks via social networks. IEEE/ACM Trans Networking 16(3):576–589CrossRefGoogle Scholar
  90. Yu H et al (2008) Sybillimit: a near-optimal social network defense against sybil attacks. IEEE symposium on security and privacyGoogle Scholar
  91. Zhang X, Zhu S, Liang W (2012) Detecting spam and promoting campaigns in the twitter social network. In: 2012 I.E. 12th international conference on data mining, pp 1194–1199Google Scholar

Copyright information

© Springer Science+Business Media LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Department of Software and Information Systems EngineeringBen-Gurion University of the NegevBeer-ShevaIsrael
  2. 2.University of Maryland Institute for Advanced Computer Studies (UMIACS)College ParkUSA

Section editors and affiliations

  • V. S. Subrahmanian
    • 1
  • Jeffrey Chan
    • 2
  1. 1.University of MarylandCollege ParkUSA
  2. 2.RMIT (Royal Melbourne Institute of Technology)MelbourneAustralia