||Facebook is the largest online social network, and total number of daily active users on Facebook is more than 802 million in March 2014. Unfortunately, attackers are also expanding their territory to Facebook to propagate spam. One of the ways to propagate spam on Facebook is using Facebook Groups. |
Group’s members can invite their friends to join the Group without invitees’ permission. However, questions then arise about the friendly invitation mechanism. Using fake or compromised accounts, attackers can spread invitation to all friends, that is, not only the compromised account, but all his friends become the victims. Then the victims start to receive notifications by default when any member posts in the Group’s Wall, even though they have not visited these Groups.
The Facebook report mechanism cannot effectively detect spamming Groups. Many active spamming Groups have survived for five months at least. In this paper, we develop Itus to identify spamming Groups and protect Facebook users from them. In addition to extracting the static features from Facebook Groups, we are concerned with relationship between members and social activities in a Group. This work is hard to implement because we have to crawl the Group’s invitation records manually to find out the relations of members which Facebook does not provide due to the privacy concern.
The invitation records are major contributors to improve accuracy of our mechanism. Experimental results employed a support vector machine (SVM) on identifying spamming Groups, showing that the best total error rate of Itus is 3.27%. In the future, we will try to cooperate with Facebook, accessing these sensitive data which have become anonymous to prevent users’ personal information from being breached and illegally used.
|| Facebook Newsroom. Company Info. http://newsroom.fb.com/company-info/|
 Ya-Shan You. A Study on Facebook for Spamming Group Detection. National Tsing Hua University, August, 2013.
 Criminal Investigation Bureau. Fraud uncovered on Facebook Group. http://www.cib.gov.tw/english/News/Detail/29461
 Criminal Investigation Bureau. Fraud on Facebook Group increased. http://www.cib.gov.tw/News/BulletinDetail/2642
 Facebook. What is Facebook doing to protect me from spam? https://www.facebook.com/help/637109102992723/
 Christian Kreibich, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage. Spamcraft: an inside look at spam campaign orchestration. In Proceedings of the 2nd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more, 2009
 Yinglian Xie, Fang Yu, Kannan Achan, Rina Panigrahy, Geoff Hulten, and Ivan Osipkov. Spamming botnets: signatures and characteristics. In Proceedings of the ACM SIGCOMM conference on Data communication, 2008.
 Md Sazzadur Rahman, Ting-Kai Huang, Harsha V. Madhyastha, Michalis Faloutsos. Efficient and Scalable Socware Detection in Online Social Networks. USENIX Security Symposium, 2012.
 TonyQ. Facebook Advertisement Checker. http://spamGroup.tonyq.org/
 Hongyu Gao, Jun Hu, Christo Wilson, Zhichun Li, Yan Chen, Ben Y. Zhao. Detecting and characterizing social spam campaigns. ACM Conference on Computer and Communications Security, 2010.
 Facebook. Facebook Developers. https://developers.facebook.com/
 Gang Wang, Tristan Konolige, Christo Wilson, Xiao Wang, Haitao Zheng and Ben Y. Zhao. You are How You Click: Clickstream Analysis for Sybil Detection. USENIX Security Symposium, 2013.
 Chrome. What are extensions?
 Chih-Chung Chang and Chih-Jen Lin. LIBSVM -- A Library for Support Vector Machines. http://www.csie.ntu.edu.tw/~cjlin/libsvm/
 Facebook. Platform Status. https://developers.facebook.com/status/
 TonyQ. Open-source Code of Facebook Advertisement Checker. https://github.com/tony1223/spam-group