Shailendra Rathore

Social network security: Issues, challenges, threats, and solutions

Abstract Social networks are very popular in todays world. Millions of people use various forms of social networks as they allow individuals to connect with friends and family, and share private information. However, issues related to maintaining the privacy and security of a users information can occur, especially when the users uploaded content is multimedia, such as photos, videos, and audios. Uploaded multimedia content carries information that can be transmitted virally and almost instantaneously within a social networking site and beyond. In this paper, we present a comprehensive survey of different security and privacy threats that target every user of social networking sites. In addition, we separately focus on various threats that arise due to the sharing of multimedia content within a social networking site. We also discuss current state-of- the-art defense solutions that can protect social network users from these threats. We then present future direction and discuss some easy-to-apply response techniques to achieve the goal of a trustworthy and secure social network ecosystem.

XSSClassifier: An Efficient XSS Attack Detection Approach Based on Machine Learning Classifier on SNSs

Social networking services (SNSs) such as Twitter, MySpace, and Facebook have become progressively significant with its billions of users. Still, alongside this increase is an increase in security threats such as crosssite scripting (XSS) threat. Recently, a few approaches have been proposed to detect an XSS attack on SNSs. Due to the certain recent features of SNSs webpages such as JavaScript and AJAX, however, the existing approaches are not efficient in combating XSS attack on SNSs. In this paper, we propose a machine learningbased approach to detecting XSS attack on SNSs. In our approach, the detection of XSS attack is performed based on three features: URLs, webpage, and SNSs. A dataset is prepared by collecting 1,000 SNSs webpages and extracting the features from these webpages. Ten different machine learning classifiers are used on a prepared dataset to classify webpages into two categories: XSS or non-XSS. To validate the efficiency of the proposed approach, we evaluated and compared it with other existing approaches. The evaluation results show that our approach attains better performance in the SNS environment, recording the highest accuracy of 0.972 and lowest false positive rate of 0.87.

SpamSpotter: An efficient spammer detection framework based on intelligent decision support system on Facebook

Abstract Facebook is one of the most popular and leading social network services online. With the increasing amount of users on Facebook, the probability of broadcasting spam content on it is also escalating day by day. There are a few existing techniques to combat spam on Facebook. However, due to the public unavailability of critical pieces of Facebook information, like profiles, network information, an unlimited number of posts and more, the existing techniques do not work efficiently for detecting many spammers. In this paper, we propose an efficient spammer detection framework (we called as SpamSpotter) that distinguishes spammers from legitimate users on Facebook. Based on Facebooks recent characteristics, the framework introduces a novel feature set to facilitate spammer detection. We use a baseline dataset from Facebook that included 300 spammers and 700 legitimate user profiles. The baseline dataset contains a set of features for each profile, which are extracted using a novel dataset construction mechanism. In addition, an intelligent decision support system that uses eight different machine learning classifiers on the baseline dataset is designed to distinguish spammers from legitimate users. To evaluate the efficiency and accuracy of our proposed framework, we implemented and compared it with existing frameworks. The evaluation results demonstrate that our proposed framework is accurate and efficient to deliver first-rate performance. It attains a higher accuracy of 0.984 and Mathew correlation coefficient of 0.977.

MTD-Spamguard: a moving target defense-based spammer detection system in social network

Machine learning classifiers are currently the state of the art for spammer detection tasks in SNSs. Note, however, that these classifiers fail to detect adaptive spammers that dynamically change their spamming strategies or behaviors and attempt to pose as legitimate users. In this paper, we propose an efficient spammer detection system (which we call MTD-Spamguard) wherein the notion of MTD is applied to increase the robustness of well-known machine learning classifiers against the adaptive spammers in SNSs. The system introduces a new method of MTD wherein the concept of differential immunity of different classifiers is employed to detect the spammers. To classify a single user in the test dataset, we pick one of the appropriate trained classifiers from multiple classifiers and then use its classification output. To choose the appropriate classifier, we design an effective classifier switching strategy by formulating the interaction of users (normal users and spammers) and detector (which hosts the machine learning classifier) as a repeated Bayesian Stackelberg game. The classifier switching strategy provides strong Stackelberg equilibrium between users and detector, maximizing the accuracy of classification and reducing the misclassification of spammers. The system achieves 30% gain in classification accuracy over the Facebook dataset (constructed in our recent work).

A novel framework for internet of knowledge protection in social networking services

Abstract With the increasing number of users on Social Networking Service (SNS), the Internet of knowledge shared on it is also increasing. Given such enhancement of Internet of knowledge on SNS, the probability of spreading spammers on it is also increasing day by day. Several traditional machine-learning methods, such as support vector machines and naive Bayes, have been proposed to detect spammers on SNS. Note, however, that these methods are not efficient due to some issues, such as lower generalization performance and higher training time. An Extreme Learning Machine (ELM) is an efficient classification method that can provide good generalization performance at higher training speed. Nonetheless, it suffers from overfitting and ill-posed problem that can degrade its generalization performance. In this paper, we propose a Bagging ELM-based spammer detection framework that identifies spammers in SNSs with the help of multiple ELMs that we combined using the bagging method. We constructed a labeled dataset of the two most prominent SNSs -- Twitter and Facebook -- to evaluate the performance of our framework. The evaluation results show that our framework obtained higher generalization performance rate of 99.01% for the Twitter dataset and 99.02% for the Facebook datasets, while required a lower training time of 1.17u202fs and 1.10s, respectively.

Semi-supervised learning based distributed attack detection framework for IoT

Abstract Alongside the development of Internet of Things (IoT), security attacks are also increasing day by day. A number of centralized attack detection mechanisms have been proposed to detect attacks in IoT, wherein an attack detection system is deployed at the central point in the network that collects data from the network and classifies it as “attack” or “normal” using a supervised machine learning algorithm. Note, however, that these mechanisms have failed to achieve significant results due to the distinct requirements of IoT devices, such as scalability, distribution, resource limitations, and low latency. Moreover, the application of supervised machine learning for classification needs a significant amount of labeled data. In this paper, we introduce a fog-based attack detection framework that relies on the fog computing paradigm and a newly proposed ELM-based Semi-supervised Fuzzy C-Means (ESFCM) method. As an extension of cloud computing, fog computing enables attack detection at the network edge and supports distributed attack detection. The ESFCM method uses a semi-supervised fuzzy c-means algorithm to handle the labeled data issue and an Extreme Learning Machine (ELM) algorithm to provide good generalization performance at a faster detection rate. The evaluation was performed on the NSL-KDD dataset, demonstrating that the proposed framework achieved better performance than the centralized attack detection framework. More specifically, it recorded a lower detection time of 11 milliseconds and an accuracy rate of 86.53%.