Slashdot Mirror

← Back to Stories (view on slashdot.org)

Graphing Internet Interaction To Spot Spammers

Posted by samzenpus on from the friends-don't-spam dept.

Gunkerty Jeb writes "Spammers, it turns out, aren't like everyone else: they have fewer friends. 'Social Graphs for Online Service Security,' a study done by researchers Yinglian Xie and Fang Yu, uses studies of legitimate and malicious social network usage to spot bogus email accounts that are used to push spam, malware, and otherwise malicious links. The researchers are analyzing natural social connections between users on the Web that are difficult for attackers or botnets to replicate. Spotting a spammer isn't hard, they say, when you look at his or her patterns of communication."

5 of 53 comments (clear)

  1. That's because it's not required yet. by JLennox · · Score: 5, Interesting

    I used to run a 200~400+ user IRC channel on DALnet over a decade ago and we would get spammers in there.

    So I made a bot that would rejoin the channel at a set interval and ban anyone who messaged it.

    Then they made them detect that it was an op's ip, even though the bot wasn't op. So I started using a different host name.

    Then they made it so that the bot used 2 connections, one to send the message and wasn't in the channel, and one to sit in the channel to tell the other connection who to spam. So I made my bot detect the identical hosts.

    Then they started using different hosts. So I made it log who has and hasn't talked in the channel and notify me. I'd whois those people and join the other channels they were in waiting to find a common channel getting spammed. I'm assuming if they realized the weak link in the chain was me detecting who has and hasn't talked, they'd of made it say hurf durf randomly.

    Once you require the spam bots to have friends, they'll have friends. Your solution is a temporary one.

    1. Re:That's because it's not required yet. by rm999 · · Score: 4, Insightful

      I work in preventing fraud, and I completely agree with your point. In any kind of maliciousness detection, there will be patterns you can find that will immediately stop a large % of the bad guys. But the bad guys won't retire, they will run to another corner, and you will have to chase them.

      That isn't to say it's not worth trying to stop them. Quite the opposite: the more you chase them around, the more robust your system becomes, and the harder it will be for casual bad guys to attack your system.

  2. Slippery slope by Tsar · · Score: 4, Insightful

    I'm starting to think that a social graph is going to be the 21st century version of the fingerprint, except it will describe WHAT you are rather than WHO you are. Botnet, AI, Muslim, Baptist, college-educated straight Irish-American middle-child female... Who'd like to guess what the total annual budget is already for this kind of research? How much money and manpower would the Department Homeland Security be willing to invest to keep Facebook et al popular with their target audience, so the cheap social graph data keeps flowing?

  3. According to Microsoft researchers by fatphil · · Score: 3, Funny

    Spam will be a thing of the past in two years' time.
            * BBC News (24 January 2004)

    --
    Also FatPhil on SoylentNews, id 863
  4. Chain emails? by psithurism · · Score: 5, Funny

    Don't you think this might incorrectly flag people who send out lots of chain emails to all their friends?

    I, for one, hope so.