我們開發了一個應用程式-Itus,目的是自動、即時地為使用者找出已經加入的社團中是否存在著惡意社團。除了使用Facebook API取得使用者的社團資訊、成員互動程度之外,更進一步地分析成員間的邀請紀錄,將被攻擊者濫用的邀請機制轉化為偵測方式。我們使用support vector machine進行資料訓練及預測,實驗結果顯示邀請紀錄能夠有效地改善Itus的準確率,且誤判率在目前存在的自動偵測惡意社團機制中是最低的。 ;Facebook is the largest online social network, and total number of daily active users on Facebook is more than 802 million in March 2014. Unfortunately, attackers are also expanding their territory to Facebook to propagate spam. One of the ways to propagate spam on Facebook is using Facebook Groups.
Group’s members can invite their friends to join the Group without invitees’ permission. However, questions then arise about the friendly invitation mechanism. Using fake or compromised accounts, attackers can spread invitation to all friends, that is, not only the compromised account, but all his friends become the victims. Then the victims start to receive notifications by default when any member posts in the Group’s Wall, even though they have not visited these Groups.
The Facebook report mechanism cannot effectively detect spamming Groups. Many active spamming Groups have survived for five months at least. In this paper, we develop Itus to identify spamming Groups and protect Facebook users from them. In addition to extracting the static features from Facebook Groups, we are concerned with relationship between members and social activities in a Group. This work is hard to implement because we have to crawl the Group’s invitation records manually to find out the relations of members which Facebook does not provide due to the privacy concern.
The invitation records are major contributors to improve accuracy of our mechanism. Experimental results employed a support vector machine (SVM) on identifying spamming Groups, showing that the best total error rate of Itus is 3.27%. In the future, we will try to cooperate with Facebook, accessing these sensitive data which have become anonymous to prevent users’ personal information from being breached and illegally used.
