The small-world phenomenon: an algorithmic perspective
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
MailRank: using ranking for spam detection
Proceedings of the 14th ACM international conference on Information and knowledge management
SybilGuard: defending against sybil attacks via social networks
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Analysis of topological characteristics of huge online social networking services
Proceedings of the 16th international conference on World Wide Web
Measurement and analysis of online social networks
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Spamming botnets: signatures and characteristics
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Computing with Social Trust
User interactions in social networks and their implications
Proceedings of the 4th ACM European conference on Computer systems
Sybil-resilient online content voting
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
BotGraph: large scale spamming botnet detection
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
How Good Are Humans at Solving CAPTCHAs? A Large Scale Evaluation
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
An analysis of social network-based Sybil defenses
Proceedings of the ACM SIGCOMM 2010 conference
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Detecting spammers with SNARE: spatio-temporal network-level automatic reputation engine
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
A geometric model for on-line social networks
WOSN'10 Proceedings of the 3rd conference on Online social networks
@spam: the underground on 140 characters or less
Proceedings of the 17th ACM conference on Computer and communications security
Measuring the mixing time of social graphs
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Re: CAPTCHAs: understanding CAPTCHA-solving services in an economic context
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Bazaar: strengthening user reputations in online marketplaces
Proceedings of the 8th USENIX conference on Networked systems design and implementation
Uncovering social network sybils in the wild
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
The socialbot network: when bots socialize for fame and money
Proceedings of the 27th Annual Computer Security Applications Conference
Aiding the detection of fake accounts in large scale social online services
NSDI'12 Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation
SocialWatch: detection of online service abuse via large-scale social graphs
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Hi-index | 0.00 |
This paper presents the design and implementation of Souche, a system that recognizes legitimate users early in online services. This early recognition contributes to both usability and security. Souche leverages social connections established over time. Legitimate users help identify other legitimate users through an implicit vouching process, strategically controlled within vouching trees. Souche is lightweight and fully transparent to users. In our evaluation on a real dataset of several hundred million users, Souche can efficiently identify 85% of legitimate users early, while reducing the percentage of falsely admitted malicious users from 44% to 2.4%. Our evaluation further indicates that Souche is robust in the presence of compromised accounts. It is generally applicable to enhance usability and security for a wide class of online services.