Slashdot Mirror

← Back to Stories (view on slashdot.org)

Graphing Internet Interaction To Spot Spammers

Posted by samzenpus on from the friends-don't-spam dept.

Gunkerty Jeb writes "Spammers, it turns out, aren't like everyone else: they have fewer friends. 'Social Graphs for Online Service Security,' a study done by researchers Yinglian Xie and Fang Yu, uses studies of legitimate and malicious social network usage to spot bogus email accounts that are used to push spam, malware, and otherwise malicious links. The researchers are analyzing natural social connections between users on the Web that are difficult for attackers or botnets to replicate. Spotting a spammer isn't hard, they say, when you look at his or her patterns of communication."

13 of 53 comments (clear)

  1. That's because it's not required yet. by JLennox · · Score: 5, Interesting

    I used to run a 200~400+ user IRC channel on DALnet over a decade ago and we would get spammers in there.

    So I made a bot that would rejoin the channel at a set interval and ban anyone who messaged it.

    Then they made them detect that it was an op's ip, even though the bot wasn't op. So I started using a different host name.

    Then they made it so that the bot used 2 connections, one to send the message and wasn't in the channel, and one to sit in the channel to tell the other connection who to spam. So I made my bot detect the identical hosts.

    Then they started using different hosts. So I made it log who has and hasn't talked in the channel and notify me. I'd whois those people and join the other channels they were in waiting to find a common channel getting spammed. I'm assuming if they realized the weak link in the chain was me detecting who has and hasn't talked, they'd of made it say hurf durf randomly.

    Once you require the spam bots to have friends, they'll have friends. Your solution is a temporary one.

    1. Re:That's because it's not required yet. by rm999 · · Score: 4, Insightful

      I work in preventing fraud, and I completely agree with your point. In any kind of maliciousness detection, there will be patterns you can find that will immediately stop a large % of the bad guys. But the bad guys won't retire, they will run to another corner, and you will have to chase them.

      That isn't to say it's not worth trying to stop them. Quite the opposite: the more you chase them around, the more robust your system becomes, and the harder it will be for casual bad guys to attack your system.

  2. Slippery slope by Tsar · · Score: 4, Insightful

    I'm starting to think that a social graph is going to be the 21st century version of the fingerprint, except it will describe WHAT you are rather than WHO you are. Botnet, AI, Muslim, Baptist, college-educated straight Irish-American middle-child female... Who'd like to guess what the total annual budget is already for this kind of research? How much money and manpower would the Department Homeland Security be willing to invest to keep Facebook et al popular with their target audience, so the cheap social graph data keeps flowing?

  3. I am not a spammer! by Anonymous Coward · · Score: 2, Funny

    I'm just socially awkward is all...

    1. Re:I am not a spammer! by That+Guy+From+Mrktng · · Score: 2

      Or You can have a personality dissorder that makes you avoid any social interaction, maybe you joined Facebook with the hope of finding some friends and old classmates, but you quickly lose all interest in FB, Your social network fingerprint now depicts you as a Spammer?.

      I'm just waiting for the study (duh-science FTF) showing that top criminals are not in Facebook, hence, anybody not in Facebook is a potential criminal.

      "You must post at least 3 updates/hour in you FB wall to deserve our Victory Gin, citizen"

    2. Re:I am not a spammer! by Ihmhi · · Score: 2

      1 @M @ F@1R 8IT 5OCI@LLY @WKW@RD MYS3LF, 5O 1 UND3RST@ND. @ND FOR SOM3 R3@SON MY FRI3NDS N3V3R G3T MY 3-MAILS.

      --
      Random Thoughts From A Diseased Mind (Not For Dummies)
  4. Isn't this a lot like Google's PageRank? by Solandri · · Score: 2

    Except applied to email addresses instead of websites? It works great at first. Then the spammers start creating artificial networks between their bots and fake sites/emails, to make them look more like legit sites/email addresses. And soon you need a multi-billion dollar company constantly working to refine it to keep it one step ahead of the spammers.

  5. Friends don't let friend spam? by ackthpt · · Score: 2

    Perhaps another way of looking at it is it, some entrepeneurs are asocial - they don't mind enriching themselves at the expense of others - i.e. I'll sell "Hydrolizing Cream" to you to make money for myself, not minding that the stuff I bottle, label and sell is just a bulk cream containing lanolin and/or glycerin. If you're so stupid to buy it, I'm not going to lose sleep over it.

    --

    A feeling of having made the same mistake before: Deja Foobar
  6. According to Microsoft researchers by fatphil · · Score: 3, Funny

    Spam will be a thing of the past in two years' time.
            * BBC News (24 January 2004)

    --
    Also FatPhil on SoylentNews, id 863
  7. Chain emails? by psithurism · · Score: 5, Funny

    Don't you think this might incorrectly flag people who send out lots of chain emails to all their friends?

    I, for one, hope so.

  8. Re:Spam emails always have something misspelled by The+Archon+V2.0 · · Score: 2
    "Fascinating ass" just leaves the image of someone mooning a bar brawl and everyone stopping to stare, transfixed. Or, perhaps, a captivating donkey.

    (Sigh.) Oh, Spamusement, how I miss thee.

  9. Re:Stop fucking buying from them by GameboyRMH · · Score: 2

    I'd like to know who buys from spammers. I know old grannies fall for 419s but WHO BUYS FROM SPAMMERS!?

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
  10. Plz mod me down. by 140Mandak262Jamuna · · Score: 2

    Responded without reading the posting in full. Running away shamefacedly.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact