Automatic Sybil attack method for online social network

doi:10.7523/j.issn.2095-6134.2014.04.016

Abstract

Abstract:

The Sybil attack has become a serious threat to the online social networks(OSN). We analyze the main threats of Sybil accounts to the OSN and the methods for detecting them. We find out that all the detection methods have their weaknesses. Based on those we propose a set of strategies to avoid the OSN's detection and accomplish a tool called OSNBP, which uses strategies to infiltrate into the OSN. After we used this tool in infiltration tests into the two largest social networks, Facebook.com and RenRen.com, we conclude that our infiltration strategies are effective and the existing methods of detecting Sybil accounts are imperfect.

Key words: ocial networks, Sybil account, privacy, Sybil attack

CLC Number:

TP393

XIONG Kai, ZHANG Yuqing, LÜ Shaiqing. Automatic Sybil attack method for online social network[J]. , 2014, 31(4): 548-554.

References

[1] Wikipedia.Facebook[EB/OL].(2012-06-05) . http://en.wikipedia.org/wiki/Facebook.

[2] Stein T, Chen E, Mangla K. Facebook immune system[C]//Proceedings of the 4th Workshop on Social Network Systems. Salzburg, Austria, 2011.

[3] Yang Z, Wilson C, Wang X, et al. Uncovering social network sybils in the wild[C]//Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference. Berlin, Germany, 2011:259-268.

[4] Bilge L, Strufe T, Balzarotti D, et al. Automated ldentity theft attacks on social networks[C]//Proceedings of the 18th International Conference on World Wide Web. New York: ACM, 2009:551-560.

[5] Mondal M, Viswanath B, Clement A, et al. Limiting arge-scale crawls of social networking sites[C]//Proceedings of the ACM SIGCOMM 2011 Conference. New York: ACM, 2011:398-399.

[6] Philip WLF. Preventing Sybil attacks by privilege attenuation: A design principle for social network systems[C]//Security and Privacy (SP), 2011 IEEE Symposium on. Berkeley, CA, 2011:263-278.

[7] Zha D, Jing J, Kang L. Mitigating the malicious trust expansion in social network service[J]. Information Security, Practice and Experience, 2010(6047):264-275.

[8] Matt Jurek. Google explorer +1 button to influence search results[EB/OL]. (2011-08-29) . http://tinyurl.com/7g927oy.

[9] Gao H, Hu J, Wilson C, et al. Detecting and characterizing social spam campaigns[C]//Proceedings of the 10th ACM SIGCOMM. AFairfax, VA, USA, 2010:35-47.

[10] Thomas K, Grier C, Paxson V, et al. Suspended accounts in retrospect: An analysis of twitter spam[C]//Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference. Berlin, Germany, 2011:243-258.

[11] Yu H, Kaminsky M, Gibbons P B, et al. SybilGuard: defending against sybil attacks via social networks[C]//Proceedings of the 2006 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications. Pisa, Italy, 2006:267-278.

[12] Yu H, Gibbons P, Kaminsky M, et al. SybilLimit: A near-optimal social metwork defense against sybil attacks[C]//Security and Privacy, IEEE Symposium on. 2008:3-17.

[13] Danezis G, Mittal P. SybilInfer: detecting SybilNodes using social networks[C]//NDSS. 2009.

[14] Tran N, Min B, Li J, et al. Sybil-resilient online content voting[C]//NSDI. 2009.

[15] Tran N, Li J, Subramanian, et al. Optimal Sybil-resilient node admission control[C]//INFOCOM, 2011 Proceedings IEEE. 2011:3218-3226.

[16] Viswanath B, Post A, Gummadi K P. An analysis of social network-based Sybil defenses[C]//Proceedings of the ACM SIGCOMM 2010 Conference. New Delhi, India, 2010:363-374.

[17] Gao H, Hu J, Wilson C, et al. Detecting and characterizing social spam campaigns[C]//Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement. Melbourne, Australia, 2010:35-47.

[18] Antonio L, Cliff E, Reynold X. Detecting spam on social networking site: related work[EB/OL]. (2012-03-14) . http://bid.berkeley.edu/cs294-1-spring12/images/b/b9/Spam-related-work.pdf.

[19] Boshmaf Y, Muslukhov I, Beznosov K, et al. The socialbot network: when bots socialize for fame and money[C]//Proceedings of the 27th Annual Computer Security Applications Conferencetions Conference. Orlando, FL, USA, 2011:93-102.

[20] Stringhini G, Kruegel C, Vigna G, et al. Detecting spammers on social networks[C]//Proceedings of the 26th Annual Computer Security Applications Conference. Austin, TX, USA, 2010:1-9.

[21] Cao Q, Yang X W. SybilFence: improving social-graph-based sybil defenses with user negative feedback[EB/OL]. (2013-04-13) .[2013-05-28]http://arxiv.org/abs/1304.3819.

[22] Cao Q, Sirivianos M, Yang X, et al. Aiding the detection of fake accounts in large scale social online services[C]//USENIX Networked Systems Design and Implementation. 2012.

[23] Ahn Y, Han S, Kwak H, et al. Analysis of topological characteristics of huge online social networking services[C]//Proceedings of the 16th International Conference on World Wide Web. Banff, AB, Canada, 2007:835-844.

[24] Fielding R T. Architectural styles and the design of network-based software architectures[D].Irvine: University of California, Irvine, 2000.