Social networks protection against fake profiles and social bots attacks
1. SRGE 2017 Intelligent Systems and Data Mining: Applications and Trends, 6 Dec. 2017
1
Social Networks Protection against
Fake Profiles and Social Bots Attacks
Presented By
Mohamed Torky
Assistant Lecturer in (HICIS) Institute, and a PHD candidate in Computer Science, Faculty of
Science, Menoufyia University, Egypt. Member in Scientific Research Group in Egypt (SRGE)
2. Agenda
2
1
• Introduction
2
• Identity Verification and Detecting Fake Profiles in OSNs
3
• Protection against Social Bots in OSNs
4
• Conclusion
5
• Acknowledgment
3. Agenda
3
1
• Introduction
2
• Identity Verification and Detecting Fake Profiles in OSNs
3
• Protection against Social Bots in OSNs
4
• Conclusion
5
• Acknowledgment
4. 1- Introduction
4
Security and Privacy in Social Networks
Preserving security and privacy is an
important aspect of OSNs systems . The open
nature of OSNs platforms motivates the
adversaries to launch several attack patterns.
Hence, protecting users' profiles and
safeguarding its privacy represent a vital
security issue in online social networks.
6. 1- Introduction
6
(1) Fake Profiles and Identity Verification Problem
Since Many OSN platforms lack of proper
authentication mechanisms, The attacker can
easily create set of fake profiles , then send fake
requests to several users in the social graph. The
intruders are exploiting the tendency of users to
accept friend requests with out verifying the
identity of requesting profiles.
Facebook has announced that there are 170
million Fake profiles among 1.3 billion profiles.
7. 1- Introduction
7
(2) Social Bot Problem
Social Bots are automated software tools able to
simulates human behavior in automated
interactions on social network sites such as
Facebook and Twitter. Social bots are designed to
pass Turing Tests (e.g. CAPTCHA puzzles) in order
to performing malicious activities such as :
Creating Fake Profiles, Sending fake requests,
Harvesting Personal Information, Auto Posting and
Sharing, etc.
8. 12/7/2017
What is the novel way for
creating profiles identities
and detecting Fake Profiles
in OSNs??
What the novel anti-Bot
mechanism for Protecting
OSNs against the current
generation of Social Bots??
Research Questions
9. Agenda
9
1
• Introduction
2
• Identity Verification and Detecting Fake Profiles in OSNs
3
• Protection against Social Bots in OSNs
4
• Conclusion
5
• Acknowledgment
28. 3-1 Necklace CAPTCHA Mechanism
28
DEFFINITION: (A Necklace Graph)
A Necklace graph of order n is a cyclic Graph G consist of n
Vertices. Such that the Cyclic (Right OR Left) Shifts rotation of n
vertices, Produce n Binary Strings of Length n
01010
00101
10010
01001
10100
29. 3-1 Necklace CAPTCHA Mechanism
29
R-WordsL-Words
G4K@8
8G4K@
@8G4K
K@8G4
4K@8G
G8@K4
4G8@K
K4G8@
@K4G8
8@K4G
DEFFINITION: (The Modified Necklace Graph)
A Necklace graph of order n is a cyclic Graph G consist of n Vertices that labeled
with (numeric, alphabetic, or symbolic characters) Such that the Cyclic (Right AND
Left) Shifts rotation of n vertices, Produce 2n numeric, alphabetic ,or symbolic words
of Length n
30. 3-1 Necklace CAPTCHA Mechanism
30
The Differences between the Classical Necklace Graph and the modified One
Classical Necklace Graph Modified Necklace Graph
34. 3-2 Usability Results
34
Effectiveness Efficiency Satisfaction
ISO/IEC 9126-4
Standard
100.
N
SU
Eff 100.
1 1
1 1
R
i
N
J
ij
R
i
N
J
ijij
t
tn
Effcy
Questionnaire and
System Usability Scale
(SUS) Algorithm
T1
T2
T3T4T5T6T7
173 Participants
against SEVEN
Tests
37. 3-3 Security Results
37
XNX
QP
XNX
N
XP
)!(!
!
)(
!
)(
)(*
X
XP
XP
(1)
(2)
Necklace Graph of order (3) 6 Words Necklace Graph of order (4) 8 Words
Necklace Graph of order (5) Necklace Graph of order (6)10 Words 12 Words
42. Agenda
42
1
• Introduction
2
• Identity Verification and Detecting Fake Profiles in OSNs
3
• Protection against Social Bots in OSNs
4
• Conclusion
5
• Acknowledgment
43. 43
In this study, We introduced a novel detection mechanism
called Fake Profiles Recognizer (FPR) for detecting fake
profiles in OSNs. The functionality of FPR depends on
Regular Expression approach for generating and
representing users’ identities. In addition the Deterministic
Finite Automaton (DFA) is used to verify the identities of
profiles for detecting the fake ones. Our approach is
simulated on three types of social networks, the results
clarified Accuracy (94.91%) and low False Positive Rate
(4.71%) in detecting Fake Profiles .Compared with other
mechanisms in the literature, FPR is a competitive
mechanism in detecting fake profiles in OSNs.
44. 44
In this Study We designed an developed a novel anti-bot
mechanism called Necklace CAPTCHA for protecting OSNs
against the smart generation of social bots. The major functionality
of Necklace CAPTCHA has depended on employing Necklace
graph model for generating the CAPTCHA tests. Our CAPTCHA
is evaluated against Usability and Robustness metrics, and the
results clarified that Necklace CAPTCHA is usable CAPTCHA to
solve by the human users , such that it achieved Effectiveness rate
80.6 % . It achieved efficiency rate 93.33% and can be solved
within 24s. In addition, the robustness results demonstrated that
Necklace CAPTCHA is a robust mechanism against social bots
compared with other CAPTCHAs in the literature, such that it
achieved low breaking rate about 1.65 %.