Multilevel k-way partitioning scheme for irregular graphs
Journal of Parallel and Distributed Computing
Fast training of support vector machines using sequential minimal optimization
Advances in kernel methods
Separating the swarm: categorization methods for user sessions on the web
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Clustering Web Sessions by Sequence Alignment
DEXA '02 Proceedings of the 13th International Workshop on Database and Expert Systems Applications
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Web usage mining: discovery and applications of usage patterns from Web data
ACM SIGKDD Explorations Newsletter
Clustering of Web Users Using Session-Based Similarity Measures
ICCNMC '01 Proceedings of the 2001 International Conference on Computer Networks and Mobile Computing (ICCNMC'01)
A Web page prediction model based on click-stream tree representation of user behavior
Proceedings of the ninth ACM SIGKDD international conference on Knowledge discovery and data mining
UBB Mining: Finding Unexpected Browsing Behaviour in Clickstream Data to Improve a Web Site's Design
WI '05 Proceedings of the 2005 IEEE/WIC/ACM International Conference on Web Intelligence
SybilGuard: defending against sybil attacks via social networks
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Web page revisitation revisited: implications of a long-term click-stream study of browser usage
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Characterizing typical and atypical user sessions in clickstreams
Proceedings of the 17th international conference on World Wide Web
SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Time-Aware Web Users' Clustering
IEEE Transactions on Knowledge and Data Engineering
User interactions in social networks and their implications
Proceedings of the 4th ACM European conference on Computer systems
Sybil-resilient online content voting
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Understanding online social network usage from a network perspective
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Characterizing user behavior in online social networks
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
An analysis of social network-based Sybil defenses
Proceedings of the ACM SIGCOMM 2010 conference
@spam: the underground on 140 characters or less
Proceedings of the 17th ACM conference on Computer and communications security
Detecting and characterizing social spam campaigns
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Understanding latent interactions in online social networks
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Measuring the mixing time of social graphs
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Detecting spammers on social networks
Proceedings of the 26th Annual Computer Security Applications Conference
Re: CAPTCHAs: understanding CAPTCHA-solving services in an economic context
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Reverse social engineering attacks in online social networks
DIMVA'11 Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment
Dirty jobs: the role of freelance labor in web service abuse
SEC'11 Proceedings of the 20th USENIX conference on Security
Suspended accounts in retrospect: an analysis of twitter spam
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Uncovering social network sybils in the wild
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Mining significant usage patterns from clickstream data
WebKDD'05 Proceedings of the 7th international conference on Knowledge Discovery on the Web: advances in Web Mining and Web Usage Analysis
Serf and turf: crowdturfing for fun and profit
Proceedings of the 21st international conference on World Wide Web
Aiding the detection of fake accounts in large scale social online services
NSDI'12 Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation
Follow the green: growth and dynamics in twitter follower markets
Proceedings of the 2013 conference on Internet measurement conference
Using naive bayes to detect spammy names in social networks
Proceedings of the 2013 ACM workshop on Artificial intelligence and security
Uncovering social network Sybils in the wild
ACM Transactions on Knowledge Discovery from Data (TKDD) - Casin special issue
| Hi-index | 0.00 |
Fake identities and Sybil accounts are pervasive in today's online communities. They are responsible for a growing number of threats, including fake product reviews, malware and spam on social networks, and astroturf political campaigns. Unfortunately, studies show that existing tools such as CAPTCHAs and graph-based Sybil detectors have not proven to be effective defenses. In this paper, we describe our work on building a practical system for detecting fake identities using server-side clickstream models. We develop a detection approach that groups "similar" user clickstreams into behavioral clusters, by partitioning a similarity graph that captures distances between clickstream sequences. We validate our clickstream models using ground-truth traces of 16,000 real and Sybil users from Renren, a large Chinese social network with 220M users. We propose a practical detection system based on these models, and show that it provides very high detection accuracy on our clickstream traces. Finally, we worked with collaborators at Renren and LinkedIn to test our prototype on their server-side data. Following positive results, both companies have expressed strong interest in further experimentation and possible internal deployment.