Masarah Paquet-Clouston
ABSTRACT
The size of a social media account's audience -- in terms of followers or friends count -- is believed to be a good measure of its influence and popularity. To gain quick artificial popularity on online social networks (OSN), one can buy likes, follows and views, from social media fraud (SMF) services. SMF is the generation of likes, follows and views on OSN such as Facebook, Twitter, YouTube, and Instagram. Using a research method that combines computer sciences and social sciences, this paper provides a deeper understanding of the illicit market for SMF. It conducts a market price analysis for SMF, describes the operations of a supplier -- an Internet of things (IoT) botnet performing SMF -- and provides a profile of the potential customers of such fraud. The paper explains how an IoT botnet conducts social network manipulation and illustrates that the fraud is driven by OSN users, mainly entertainers, small online shops and private users. It also illustrates that OSN strategy to suspend fake accounts only cleans the networks a posteriori of the fraud and does not deter the crime -- the botnet -- or the fraud -- SMF -- from happening. Several solutions to deter the fraud are provided.
- Alsaleh, M., Alarifi A., Al-Salman, A. M., Alfayez, M. and Almuhaysin, A. 2014. TSD: Detecting Sybil Accounts in Twitter. In Proceedings of the 13th International Conference on Machine Learning and Applications. IEEE, Detroit, MI, 463--469. Google Scholar
Digital Library
- Beutel, A., Xu, W., Guruswami, V., Palow, C. and Faloutsos, C. 2013. CopyCatch: stopping group attacks by spotting lockstep behavior in social networks. In Proceedings of the 22nd international conference on World Wide Web. ACM, New York, NY, 119--130. Google ScholarDigital Library
- Bilge, L., Strufe T., Balzarotti, D. and Kirda E. 2009. All your contacts are belong to us: Automated identity theft attacks on social networks. In Proceedings of the 18th international conference on World wide web. WWW, Madrid, Spain, 551--560. Google ScholarDigital Library
- Bilodeau, O. 2015. Telnet Support for Cowrie. Cowrie GitHub Repository, available at: https://github.com/micheloosterhof/cowrie/pull/222.Google Scholar
- Bilodeau, O. and Dupuy, T. 2015. Dissecting Linux/Moose: The Analysis of a Linux Router-Based Worm Hungry for Social Networks. ESET Research Technical Report, Montreal, QC, available at: http://www.welivesecurity.com/2016/11/02/linuxmoose-still-breathing/.Google Scholar
- Boshmaf, Y., Muslukhov, I., Beznosov, K., and Ripeanu, M. 2011. The socialbot network: when bots socialize for fame and money. In Proceedings of the 27th annual computer security applications conference, ACM, Florida, USA, 93--102. Google ScholarDigital Library
- Cao, Q., Yang, X., Yu, J. and Palow, C. 2014. Uncovering large groups of active malicious accounts in online social networks. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. ACM, Scottsdale, Arizona, 477--488. Google ScholarDigital Library
- Cha, M., Haddadi, H., Benevenuto, F. and Gummadi, K. P. 2013. Measuring user influence in Twitter: The million follower fallacy. In Proceedings of the Fourth International Conference on Weblogs and Social Media. AAAI, Washington, DC, 30. Available at: http://www.aaai.org/Library/ICWSM/icwsm10contents.php.Google Scholar
- De Cristofaro, E., Friedman, A., Jourjon, G., Kaafar, M. A. and Shafiq, M. Z. 2014. Paying for likes?: Understanding Facebook like fraud using honeypots. In Proceedings of the 2014 Conference on Internet Measurement Conference. ACM, Vancouver, BC, 129--136. Google ScholarDigital Library
- De Vries, L., Gensler, S. and Leeflang, P. S. 2012. Popularity of brand posts on brand fan pages: an investigation of the effects of social media marketing. Journal of Interactive Marketing, 26 (01-04-2012), 83--91.Google ScholarCross Ref
- ESET Research. 2016. Linux/Moose: Still Breathing. Blog We Live Security, ESET, Montreal, QC, available at: http://www.welivesecurity.com/2016/11/02/linuxmoose-still-breathing/Google Scholar
- Forelle, M. C., Howard, P. N., Monroy-Hernández, A., and Savage, S. 2015. Political bots and the manipulation of public opinion in Venezuela. Available at SSRN: https://ssrn.com/abstract=2635800Google Scholar
- Freitas, C., Benevenuto, F., Ghosh, S. and Veloso, A. 2015. Reverse engineering socialbot infiltration strategies in Twitter. In Proceedings of the 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining 2015. ACM, Paris, France, 25--32. Google ScholarDigital Library
- Gurajala, S., White, J. S., Hudson, B. and Matthews, J. N., 2015. Fake Twitter accounts: profile characteristics obtained using an activity-based pattern detection approach. In Proceedings of the 2015 International Conference on Social Media & Society. ACM, Toronto, ON, 9. Google ScholarDigital Library
- Ikram, M., Onwuzurike, L., Farooqi, S., De Cristofaro, E., Friedman, A., Jourjon, G., Kaafar, M. A. and Shafiq, M. Z. 2015. Combating Fraud in Online Social Networks: Detecting Stealthy Facebook Like Farms. Available at: https://arxiv.org/abs/1506.00506v3.Google Scholar
- Nguyen, C. 2016. What Life for a Bangladeshi Click Farmer Looks Like. Motherboard--Vice. Published 30 March 2016 at: http://motherboard.vice.com/read/what-life-for-a-bangladeshi-click-farmer-looks-like.Google Scholar
- Paquet-Clouston M., Bilodeau, O., Décary-Hétu, D. and Dupuy, T. 2016. EGO MARKET: When Greed for Fame Benefits Large-Scale Botnets. GoSecure Technical Report, Montreal, QC, available at: http://gosecure.net/wpcontent/uploads/2016/11/Ego-Market_When-Greed-for-Fame-Benefits-Large-Scale-Botnets.pdf.Google Scholar
- SC Magazines. 2015. Global efforts take down 37,000 websites selling counterfeit goods, Published 4 December at: https://www.scmagazine.com/global-efforts-take-down-37000-websites-selling-counterfeit-goods/article/533253/Google Scholar
- Stringhini, G., Egele, M., Kruegel, C. and Vigna, G. 2012. Poultry markets: on the underground economy of Twitter followers. In Proceedings of the 2012 ACM Workshop on Online Social Networks. ACM, Helsinki, Finland, 1--6. Google ScholarDigital Library
- Thomas, K., Iatskiv, D., Bursztein, E., Pietraszek, T., Grier, C. and McCoy, D. 2014, November. Dialing back abuse on phone verified accounts. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, Scottsdale, AZ, 465--476. Google ScholarDigital Library
- Thomas, K., McCoy, D., Grier, C., Kolcz, A. and Paxson, V. 2013. Trafficking fraudulent accounts: the role of the underground market in Twitter spam and abuse. In Proceedings of the 22nd USENIX Security Symposium. USENIX Security, Washington, DC, 195--210. Google ScholarDigital Library
- Zhang, J., Zhang, R., Zhang, Y., and Yan, G. 2016. The rise of social botnets: Attacks and countermeasures. IEEE Transactions on Dependable and Secure Computing, 99 (06-04-2016), 1--14.Google Scholar
- Zhang, J., Zhang, R., Zhang, Y., and Yan, G. 2013. On the impact of social botnets for spam distribution and digital-influence manipulation. In Proceedings of the 2013 Communications and Network Security (CNS), Chicago, USA, 46--54.Google Scholar
Index Terms
- Can We Trust Social Media Data? Social Network Manipulation by an IoT Botnet
Recommendations
Social media user classification: based on social capital expectation, susceptibility, and compulsion loop
ICEC '17: Proceedings of the International Conference on Electronic CommerceSocial media such as Facebook, Instagram and Twitter are originally developed as communication tools among individuals for private conversations. Through the platforms, people share photos, stories and news with their social media friends to interact ...
Mining social media with social theories: a survey
The increasing popularity of social media encourages more and more users to participate in various online activities and produces data in an unprecedented rate. Social media data is big, linked, noisy, highly unstructured and in- complete, and differs ...
Comments