TWC: Medium: Collaborative: Online Social Network Fraud and Attack Research and Identification

TWC：媒介：协作：在线社交网络欺诈和攻击研究与识别

• 批准号: 1564039
• 负责人: Aidong Lu
• 金额: $ 34.34万
• 依托单位: University of North Carolina at Charlotte
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2016
• 资助国家: 美国
• 起止时间: 2016-07-01 至 2022-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1564039&HistoricalAwards=false
• 关键词: TWC; Medium; Collaborative; Online; Social

Online social networks (OSNs) face various forms of fraud and attacks, such as spam, denial of service, Sybil attacks, and viral marketing. In order to build trustworthy and secure OSNs, it has become critical to develop techniques to analyze and detect OSN fraud and attacks. Existing OSN security approaches usually target a specific type of OSN fraud or attack and often fall short of detecting more complex attacks such as collusive attacks that involve many fraudulent OSN accounts, or dynamic attacks that encompass multiple attack phases over time. This research, dubbed oSAFARI (Online SociAl network Fraud and Attack Research and Identification), models, analyzes and characterizes OSN frauds and attacks; designs, develops, and evaluates a new approach to detecting static OSN frauds and attacks; and further enhances the approach to handle dynamic attacks with multiple phases. The research team plans to develop a new course focused on OSN attacks and defenses, which has the potential to be offered across many institutions. To increase public security awareness, the team also plans to develop tutorial courses on typical OSN attacks and their defense and offer them at popular public events and in freshman classes. The research team will broadly disseminate their results, tools, software, and documents to the research community, IT industries, and to OSN companies. This project embraces a systematic, comprehensive study of OSN frauds and attacks. It models OSN threats by viewing an OSN as a graph embedded with attacker nodes and edges, identifies and analyzes specific forms of frauds and attacks, and evaluates state-of-the-art attack analysis and defense approaches. It develops a spectral-analysis-based framework for OSN fraud and attack detection. The framework transforms topological information of an OSN graph into patterns formed by spectral coordinates in the spectral space, and introduces the use of the spectral graph perturbation theory to more easily model and capture changes of spectral coordinates for attacker, victim, and regular nodes. Further, this research develops spectral-analysis-based detection approaches for complex networks where nodes can carry attributes and edges can be negative, weighted, or asymmetric. Through a novel combination of the network dynamics and the vector autoregressive model, it develops an automatic spectral-analysis-based approach to detecting dynamic attacks while avoiding the high cost and low accuracy of traditional approaches. It also transforms attack characteristics from high-dimensional spectral spaces into distinctive visual patterns, and develops interactive mechanisms for analysts to incorporate domain knowledge and flexibly handle attacks. The research team will build a simulation framework to evaluate the detection approaches against different types of OSN attacks, where one can plug in different OSN datasets to evaluate and compare different detection approaches. Moreover, the research team will build a prototype oSAFARI on top of an OSN, and evaluate how oSAFARI can withstand various attacks in a real setting.

在线社交网络（osn）面临各种形式的欺诈和攻击，例如垃圾邮件、拒绝服务、Sybil攻击和病毒式营销。为了构建可靠、安全的OSN，开发OSN欺诈和攻击的分析和检测技术已成为关键。现有的OSN安全方法通常针对特定类型的OSN欺诈或攻击，往往无法检测更复杂的攻击，例如涉及多个欺诈OSN账户的合谋攻击，或者包含多个攻击阶段的动态攻击。这项研究被称为oSAFARI（在线社交网络欺诈和攻击研究与识别），对OSN欺诈和攻击进行建模、分析和表征；设计、开发和评估一种检测静态OSN欺诈和攻击的新方法；进一步增强了处理多阶段动态攻击的方法。研究小组计划开发一门以OSN攻击和防御为重点的新课程，这门课程有可能在许多机构中提供。为了提高公众的安全意识，该团队还计划开发关于典型OSN攻击及其防御的教程，并在受欢迎的公共活动和新生课程中提供这些课程。研究小组将向研究界、IT行业和OSN公司广泛传播他们的研究成果、工具、软件和文档。该项目包括对OSN欺诈和攻击进行系统、全面的研究。通过将OSN视为嵌入攻击者节点和边的图，对OSN的威胁进行建模，识别和分析特定的欺诈和攻击形式，并评估最新的攻击分析和防御方法。开发了基于频谱分析的OSN欺诈和攻击检测框架。该框架将OSN图的拓扑信息转换为光谱空间中由谱坐标构成的模式，并引入谱图摄动理论，更方便地建模和捕捉攻击者、受害者和规则节点的谱坐标变化。此外，本研究开发了基于频谱分析的复杂网络检测方法，其中节点可以携带属性，边缘可以是负的、加权的或不对称的。通过网络动力学与向量自回归模型的新颖结合，开发了一种基于自动频谱分析的动态攻击检测方法，避免了传统方法成本高、准确率低的问题。该方法还将攻击特征从高维光谱空间转化为独特的视觉模式，并开发了交互机制，便于分析人员整合领域知识，灵活应对攻击。研究团队将构建一个仿真框架来评估针对不同类型OSN攻击的检测方法，其中可以插入不同的OSN数据集来评估和比较不同的检测方法。此外，研究团队将在OSN之上构建oSAFARI原型，并评估oSAFARI如何在真实环境中抵御各种攻击。