IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Monte Carlo Statistical Methods (Springer Texts in Statistics)
Monte Carlo Statistical Methods (Springer Texts in Statistics)
Communications of the ACM
Measurement and analysis of online social networks
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
A model of a trust-based recommendation system on a social network
Autonomous Agents and Multi-Agent Systems
Planetary-scale views on a large instant-messaging network
Proceedings of the 17th international conference on World Wide Web
SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Social networks and context-aware spam
Proceedings of the 2008 ACM conference on Computer supported cooperative work
Research ethics in the facebook era: privacy, anonymity, and oversight
CHI '09 Extended Abstracts on Human Factors in Computing Systems
All your contacts are belong to us: automated identity theft attacks on social networks
Proceedings of the 18th international conference on World wide web
Can Friends Be Trusted? Exploring Privacy in Online Social Networks
ASONAM '09 Proceedings of the 2009 International Conference on Advances in Social Network Analysis and Mining
CAPTCHA: using hard AI problems for security
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
CAPTCHA smuggling: hijacking web browsing sessions to create CAPTCHA farms
Proceedings of the 2010 ACM Symposium on Applied Computing
Walking in facebook: a case study of unbiased sampling of OSNs
INFOCOM'10 Proceedings of the 29th conference on Information communications
An analysis of social network-based Sybil defenses
Proceedings of the ACM SIGCOMM 2010 conference
@spam: the underground on 140 characters or less
Proceedings of the 17th ACM conference on Computer and communications security
Detecting spammers on social networks
Proceedings of the 26th Annual Computer Security Applications Conference
Re: CAPTCHAs: understanding CAPTCHA-solving services in an economic context
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Truthy: mapping the spread of astroturf in microblog streams
Proceedings of the 20th international conference companion on World wide web
Proceedings of the 4th Workshop on Social Network Systems
Stegobot: a covert social network botnet
IH'11 Proceedings of the 13th international conference on Information hiding
Socialbots: voices from the fronts
interactions
Revisiting link privacy in social networks
Proceedings of the second ACM conference on Data and Application Security and Privacy
C4PS: colors for privacy settings
Proceedings of the 21st international conference companion on World Wide Web
Aiding the detection of fake accounts in large scale social online services
NSDI'12 Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation
Key challenges in defending against malicious socialbots
LEET'12 Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
Understanding factors that affect response rates in twitter
Proceedings of the 23rd ACM conference on Hypertext and social media
Innocent by association: early recognition of legitimate users
Proceedings of the 2012 ACM conference on Computer and communications security
The devil is in the (implementation) details: an empirical analysis of OAuth SSO systems
Proceedings of the 2012 ACM conference on Computer and communications security
All your face are belong to us: breaking Facebook's social authentication
Proceedings of the 28th Annual Computer Security Applications Conference
C4PS - helping facebookers manage their privacy settings
SocInfo'12 Proceedings of the 4th international conference on Social Informatics
Computer Networks: The International Journal of Computer and Telecommunications Networking
Two new economic models for privacy
ACM SIGMETRICS Performance Evaluation Review
Like prediction: modeling like counts by bridging facebook pages with linked data
Proceedings of the 22nd international conference on World Wide Web companion
Detection of StegoBot: a covert social network botnet
Proceedings of the First International Conference on Security of Internet of Things
Graph-based Sybil detection in social and information systems
Proceedings of the 2013 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining
REPLOT: REtrieving profile links on Twitter for suspicious networks detection
Proceedings of the 2013 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining
Social engineering attacks on the knowledge worker
Proceedings of the 6th International Conference on Security of Information and Networks
SGor: Trust graph based onion routing
Computer Networks: The International Journal of Computer and Telecommunications Networking
Leveraging Social Feedback to Verify Online Identity Claims
ACM Transactions on the Web (TWEB)
Hi-index | 0.00 |
Online Social Networks (OSNs) have become an integral part of today's Web. Politicians, celebrities, revolutionists, and others use OSNs as a podium to deliver their message to millions of active web users. Unfortunately, in the wrong hands, OSNs can be used to run astroturf campaigns to spread misinformation and propaganda. Such campaigns usually start off by infiltrating a targeted OSN on a large scale. In this paper, we evaluate how vulnerable OSNs are to a large-scale infiltration by socialbots: computer programs that control OSN accounts and mimic real users. We adopt a traditional web-based botnet design and built a Socialbot Network (SbN): a group of adaptive socialbots that are orchestrated in a command-and-control fashion. We operated such an SbN on Facebook---a 750 million user OSN---for about 8 weeks. We collected data related to users' behavior in response to a large-scale infiltration where socialbots were used to connect to a large number of Facebook users. Our results show that (1) OSNs, such as Facebook, can be infiltrated with a success rate of up to 80%, (2) depending on users' privacy settings, a successful infiltration can result in privacy breaches where even more users' data are exposed when compared to a purely public access, and (3) in practice, OSN security defenses, such as the Facebook Immune System, are not effective enough in detecting or stopping a large-scale infiltration as it occurs.