Presentation is loading. Please wait.

Presentation is loading. Please wait.

Date: 2015/11/19 Author: Reza Zafarani, Huan Liu Source: CIKM '15

Published byMerry Oliver Modified over 8 years ago

Similar presentations

Presentation on theme: "Date: 2015/11/19 Author: Reza Zafarani, Huan Liu Source: CIKM '15"— Presentation transcript:

1 10 Bits of Surprise: Detecting Malicious Users with Minimum Information
Date: 2015/11/19 Author: Reza Zafarani, Huan Liu Source: CIKM '15 Advisor: Jia-ling Koh Spearker: LIN,CI-JIE

2 Outline Introduction Method Experiment Conclusion

3 Introduction Malicious users are a threat to many sites and defending against them demands innovative countermeasures In June 2012, Facebook reported that 8.7% of its user accounts are fake Twitter claims that 5% of its users are fake

4 Challenges Malicious users need to be detected using their often limited content or link (i.e. friends) information Existing techniques assume that a good amount of information about malicious users has been gathered

5 Introduction Goal: develop a methodology that identifies malicious users with limited information using usernames as the minimum information available on all sites

6 Outline Introduction Method Experiment Conclusion

7 Malicious Users are Complex and Diverse
Malicious users often generate (1) complex and (2) diverse information to ensure their anonymity

8 Complexity Information surprise
For a rare username u with a small observation probability p(u), information surprise I(u) is much higher than that of a common username To estimate the probability of a username using an n-gram model

9 Diversity The number of digits in the username
The proportion of digits in the username

10 Malicious Users are Demographically Biased
Malicious User Gender decomposes a username into character n-grams estimates the gender likelihood based on these n-grams the classifier's confidence in the predicted gender as the feature Malicious User Language detect the language of the username train an n-gram statistical language detector over the European Parliament Proceedings Parallel Corpus, which consists of text in 21 European languages the alphabet distribution of the username

11 Malicious Users are Demographically Biased
Malicious User Knowledge the vocabulary size can be computed by counting the number of words in a large dictionary that are substrings of the username

12 Malicious Users are Anonymous
entropy of the alphabet distribution of the username normalize entropy the number of unique letters used in the username divided by the username length

13 Malicious Users are Similar
Language Patterns the normalized character-level bigrams of usernames the number of digits at the beginning of the username the maximum number of times a letter has been repeated in the username

14 Malicious Users are Similar
Word Patterns two dictionaries, one containing keywords related to malicious activities and the other for offensive key-words count the number of words in the dictionary that appear as the substring of the username

15 Malicious Users are Efficient
the username length the number of unique alphabet letters in usernames

16 Malicious Users are Efficient
DVORAK and QWERTY keyboards The percentage of keys typed using the same hand that was used for the previous key The percentage of keys typed using the same finger that was used for the previous key The percentage of keys typed using each finger The percentage of keys pressed on rows: Top Row, Home Row, Bottom Row, and Number Row The approximate distance (in meters) traveled for typing a username

17 Malicious user detection with minimum information
Supervised learning can be performed using classification or regression

18 Outline Introduction Method Experiment Conclusion

19 DataSet Malicious Users (negative examples)
Collect malicious usernames from sites such as dronebl.org, ahbl.org 32 million usernames Normal Users (positive examples) Collect normal users usernames from Twitter 45,953 usernames Facebook Users (positive+negative examples) 158 million usernames Facebook expects around 1.5% to be malicious Gender Dataset 4 million Facebook usernames for which we have the gender information

20

21

22

23

24 Outline Introduction Method Experiment Conclusion

25 Conclusion Introduced a methodology that can identify malicious users with minimum information Identify five general characteristics of malicious users

26 Thanks for listening

Download ppt "Date: 2015/11/19 Author: Reza Zafarani, Huan Liu Source: CIKM '15"

Similar presentations

Mustafa Cayci INFS 795 An Evaluation on Feature Selection for Text Clustering.

Mustafa Cayci INFS 795 An Evaluation on Feature Selection for Text Clustering.
Huffman code and ID3 Prof. Sin-Min Lee Department of Computer Science.

Huffman code and ID3 Prof. Sin-Min Lee Department of Computer Science.
Large-Scale Entity-Based Online Social Network Profile Linkage.

Large-Scale Entity-Based Online Social Network Profile Linkage.
Sensor-Based Abnormal Human-Activity Detection Authors: Jie Yin, Qiang Yang, and Jeffrey Junfeng Pan Presenter: Raghu Rangan.

Sensor-Based Abnormal Human-Activity Detection Authors: Jie Yin, Qiang Yang, and Jeffrey Junfeng Pan Presenter: Raghu Rangan.
TI: An Efficient Indexing Mechanism for Real-Time Search on Tweets Chun Chen 1, Feng Li 2, Beng Chin Ooi 2, and Sai Wu 2 1 Zhejiang University, 2 National.

TI: An Efficient Indexing Mechanism for Real-Time Search on Tweets Chun Chen 1, Feng Li 2, Beng Chin Ooi 2, and Sai Wu 2 1 Zhejiang University, 2 National.
Date : 2014/04/01 Author : Zhung-Xun Liao, Yi-Chin Pan, Wen-Chih Peng, Po-Ruey Lei Source : CIKM’13 Advisor : Jia-ling Koh Speaker : Shao-Chun Peng.

Date : 2014/04/01 Author : Zhung-Xun Liao, Yi-Chin Pan, Wen-Chih Peng, Po-Ruey Lei Source : CIKM’13 Advisor : Jia-ling Koh Speaker : Shao-Chun Peng.
Linear Model Incorporating Feature Ranking for Chinese Documents Readability Gang Sun, Zhiwei Jiang, Qing Gu and Daoxu Chen State Key Laboratory for Novel.

Linear Model Incorporating Feature Ranking for Chinese Documents Readability Gang Sun, Zhiwei Jiang, Qing Gu and Daoxu Chen State Key Laboratory for Novel.
Bring Order to Your Photos: Event-Driven Classification of Flickr Images Based on Social Knowledge Date: 2011/11/21 Source: Claudiu S. Firan (CIKM’10)

Bring Order to Your Photos: Event-Driven Classification of Flickr Images Based on Social Knowledge Date: 2011/11/21 Source: Claudiu S. Firan (CIKM’10)
Searchable Web sites Recommendation Date : 2012/2/20 Source : WSDM’11 Speaker : I- Chih Chiu Advisor : Dr. Koh Jia-ling 1.

Searchable Web sites Recommendation Date : 2012/2/20 Source : WSDM’11 Speaker : I- Chih Chiu Advisor : Dr. Koh Jia-ling 1.
An Approach to Evaluate Data Trustworthiness Based on Data Provenance Department of Computer Science Purdue University.

An Approach to Evaluate Data Trustworthiness Based on Data Provenance Department of Computer Science Purdue University.
Unsupervised Transfer Classification Application to Text Categorization Tianbao Yang, Rong Jin, Anil Jain, Yang Zhou, Wei Tong Michigan State University.

Unsupervised Transfer Classification Application to Text Categorization Tianbao Yang, Rong Jin, Anil Jain, Yang Zhou, Wei Tong Michigan State University.
Service Discrimination and Audit File Reduction for Effective Intrusion Detection by Fernando Godínez (ITESM) In collaboration with Dieter Hutter (DFKI)

Service Discrimination and Audit File Reduction for Effective Intrusion Detection by Fernando Godínez (ITESM) In collaboration with Dieter Hutter (DFKI)
Connecting Users across Social Media Sites: A Behavioral-Modeling Approach Jingchi Zhang.

Connecting Users across Social Media Sites: A Behavioral-Modeling Approach Jingchi Zhang.
Project  Now it is time to think about the project  It is a team work Each team will consist of 2 people  It is better to consider a project of your.

Project  Now it is time to think about the project  It is a team work Each team will consist of 2 people  It is better to consider a project of your.
1 LM Approaches to Filtering Richard Schwartz, BBN LM/IR ARDA 2002 September 11-12, 2002 UMASS.

1 LM Approaches to Filtering Richard Schwartz, BBN LM/IR ARDA 2002 September 11-12, 2002 UMASS.
Presented by Zeehasham Rasheed

Presented by Zeehasham Rasheed
Author Identification for LiveJournal Alyssa Liang.

Author Identification for LiveJournal Alyssa Liang.
1 Unsupervised Discovery of Morphemes Presented by: Miri Vilkhov & Daniel Feinstein linja-autonautonkuljettajallakaan linja-auton auto kuljettajallakaan.

1 Unsupervised Discovery of Morphemes Presented by: Miri Vilkhov & Daniel Feinstein linja-autonautonkuljettajallakaan linja-auton auto kuljettajallakaan.
Introduction to Language Models Evaluation in information retrieval Lecture 4.

Introduction to Language Models Evaluation in information retrieval Lecture 4.
Typewriter Keyboards via Simulated Annealing Reporter: En-ping Su Date: 3.2 2006.

Typewriter Keyboards via Simulated Annealing Reporter: En-ping Su Date:

Similar presentations

Ads by Google