The socialbot network
-
Upload
william-chui -
Category
Education
-
view
106 -
download
0
Transcript of The socialbot network
Authors:Yazan Boshmaf, Lldar Muslukhov, Konstantin Beznosov, Matei Ripeanu
University of British ColumbiaAnnual Computer Security Applications Conference (ACSAC) 2011
Presented By:Gavin Grant
http://en.wikipedia.org/wiki/CAPTCHA
http://developers.facebook.com/docs/reference/api/
Abstract OSN Vulnerabilities Socialbot Network The Attack Findings FIS effectiveness
Social Networks have millions of users
Illustrate that Online Social Networks (OSN) are vulnerable to infiltrations by socialbots In particular Facebook 80% success rate
Socialbots – computer programs that control OSN accounts and mimic real users
Ineffective CAPTCHAs Hiring cheap labor ($1 per 1,000 broken) Reusing session IDs of known CAPTCHAs
Fake User Accounts and Profiles Email and profile
Crawlable Social Graphs Traversing linked profiles
Exploitable Platforms and APIs Use APIs to automate the execution of activities
Set of socialbots owned and maintained by human controller called the botherder
Made up of socialbots, botmaster, and command and control channel
Socialbot controls a profile Data collected called botcargo Capable of executing commands
Botmaster is software botherder uses to send commands through C & C channel
C & C facilitates transfer of botcargo and commands
Read, write, connect, disconnect
Set of commands used to mimic a real user Native commands
Master commands
Botworker builds and maintains profiles Botupdater pushes new software updates C & C engine maintains a repository of master commands Master commands needed
Cluster Rand_connect(k) Decluster Crawl_extneighborhood Mutual_connect Harvest‐data
Communication model
Works with socialbot‐OSN Channel Only OSN‐specific API calls and HTTP traffic
Helps in non detection
Socialbot has to hide its real identity
Botmaster should be able to perform large‐scale infiltration
C & C channel traffic has to look benign
Facebook Immune System (FIS) 8 week process Exploited Facebook’s Graph API to carry out social‐interaction operations
Used HTTP request to send friendship request Iheartquotes.com, decaptcher.com, hotornot.com, mail.ru
102 socialbots created and 1 botmaster Users were created manually 49 males 53 females 5053 valid profile IDs 25 request per day per socialbot Harvested data
First 2 weeks 2 days t send 5043 request (2,391 male , 2.662 female) 976 accepted (381 M, 595 F)
Next 6 weeks 3,517 more users added 2,079 infiltrated successfully Generated 250 GB inbound and 3 GB outbound traffic
Acceptance rate increase to 80% as mutual friends increased
News feeds Profile info Wall messages 3,055 direct neighborhoods 1,085,785 extended neighborhoods
Real time learning system used to protect its users
Only 20 bots were flagged by system
Doesn’t consider fake accounts a real threat
OSN vulnerability to a large‐scale socialbot network infiltration
Defense social networks have against social bots that mimic human behavior
Prayed on common user behavior
Only Facebook was attacked
Didn’t provide any prevention techniques
Try on other social networking sites
Not create socialbots manually