research-article

The Doppelgänger Bot Attack: Exploring Identity Impersonation in Online Social Networks

Authors:

Giridhari Venkatadri,

Krishna P. GummadiAuthors Info & Claims

IMC '15: Proceedings of the 2015 Internet Measurement Conference

Pages 141 - 153

https://doi.org/10.1145/2815675.2815699

Published: 28 October 2015 Publication History

Abstract

People have long been aware of malicious users that impersonate celebrities or launch identity theft attacks in social networks. However, beyond anecdotal evidence, there have been no in-depth studies of impersonation attacks in today's social networks. One reason for the lack of studies in this space is the absence of datasets about impersonation attacks. To this end, we propose a technique to build extensive datasets of impersonation attacks in current social networks and we gather 16,572 cases of impersonation attacks in the Twitter social network. Our analysis reveals that most identity impersonation attacks are not targeting celebrities or identity theft. Instead, we uncover a new class of impersonation attacks that clone the profiles of ordinary people on Twitter to create real-looking fake identities and use them in malicious activities such as follower fraud. We refer to these as the doppelgänger bot attacks. Our findings show (i) that identity impersonation attacks are much broader than believed and can impact any user, not just celebrities and (ii) that attackers are evolving and create real-looking accounts that are harder to detect by current systems. We also propose and evaluate methods to automatically detect impersonation attacks sooner than they are being detected in today's Twitter social network.

References

[1]

Bing Maps API. http://www.microsoft.com/maps/developers/web.aspx.

[2]

Get better results with less effort with Mechanical Turk Masters -- The Mechanical Turk blog. http://bit.ly/112GmQI.

[3]

F. Benevenuto, G. Magno, T. Rodrigues, and V. Almeida. Detecting spammers on Twitter. In CEAS'10.

[4]

P. Bhattacharya, M. B. Zafar, N. Ganguly, S. Ghosh, and K. P. Gummadi. Inferring user interests in the twitter social network. In RecSys '14.

Digital Library

[5]

L. Bilge, T. Strufe, D. Balzarotti, and E. Kirda. All your contacts are belong to us: Automated identity theft attacks on social networks. In WWW'09.

Digital Library

[6]

Q. Cao, M. Sirivianos, X. Yang, and T. Pregueiro. Aiding the detection of fake accounts in large scale social online services. In NSDI'12.

Digital Library

[7]

W. W. Cohen, P. Ravikumar, and S. E. Fienberg. A comparison of string distance metrics for name-matching tasks. In IJCAI'03.

[8]

S. Corpus, 2015. http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/backend/snowball/stopwords/.

[9]

O. Goga. Matching User Accounts Across Online Social Networks: Methods and Applications. PhD thesis, Université Pierre et Marie Curie, 2014.

[10]

O. Goga, P. Loiseau, R. Sommer, R. Teixeira, and K. Gummadi. On the reliability of profile matching across large online social networks. In KDD, 2015.

Digital Library

[11]

B.-Z. He, C.-M. Chen, Y.-P. Su, and H.-M. Sun. A defence scheme against identity theft attack based on multiple social networks. Expert Syst. Appl., 2014.

Digital Library

[12]

Internetnews. Microsoft survey: Online 'reputation' counts, 2010. http://www.internetnews.com/webcontent/article.php/3861241/Microsoft+Survey+Online+Reputation+Counts.htm.

[13]

L. Jin, H. Takabi, and J. B. Joshi. Towards active detection of identity clone attacks on online social networks. In CODASPY '11.

Digital Library

[14]

A. M. Kakhki, C. Kliman-Silver, and A. Mislove. Iolaus: Securing online content rating systems. In WWW'13.

[15]

M. Y. Kharaji, F. S. Rizi, and M. Khayyambashi. A new approach for finding cloned profiles in online social networks. International Journal of Network Security, 2014.

[16]

Klout. Klout, 2014. http://klout.com/.

[17]

G. Kontaxis, I. Polakis, S. Ioannidis, and E. Markatos. Detecting social network profile cloning. In PERCOM'11.

[18]

D. G. Lowe. Distinctive image features from scale-invariant keypoints. Int. J. Comput. Vision, 2004.

Digital Library

[19]

Mediabistro. Was twitter right to suspend 'christopher walken'?, 2009. https://www.mediabistro.com/alltwitter/was-twitter-right-to-suspend-christopher-walken_b5021.

[20]

A. Mislove, A. Post, K. P. Gummadi, and P. Druschel. Ostra: Leveraging trust to thwart unwanted communication. In NSDI'08.

Digital Library

[21]

M. Mondal, B. Viswanath, A. Clement, P. Druschel, K. P. Gummadi, A. Mislove, and A. Post. Defending against large-scale crawls in online social networks. In CoNEXT'12.

Digital Library

[22]

Nairobiwire. Sonko's facebook impersonator arrested, 2014. http://nairobiwire.com/2014/07/mike-sonko-arrested-swindling-public.html?utm_source=rss&utm_medium=rss&utm_campaign=mike-sonko-arrested-swindling-public.

[23]

D. Perito, C. Castelluccia, M. Ali Kâafar, and P. Manils. How unique and traceable are usernames? In Proceedings of the 11th Privacy Enhancing Technologies Symposium (PETS), 2011.

Digital Library

[24]

Phash. http://www.phash.org.

[25]

A. Post, V. Shah, and A. Mislove. Bazaar: Strengthening user reputations in online marketplaces. In NSDI'11.

Digital Library

[26]

Seattlepi. Racism and twitter impersonation prompt lawsuit for kirkland teen, 2010. http://www.seattlepi.com/local/sound/article/Racism-and-Twitter-impersonation-prompt-lawsuit-893555.php.

[27]

Social Intelligence Corp. http://www.socialintel.com/.

[28]

Spokeo. http://www.spokeo.com/.

[29]

T. Stein, E. Chen, and K. Mangla. Facebook immune system. In SNS'11.

Digital Library

[30]

Turnto23. Impersonator continuously creating fake facebook profiles of a well known bakersfield pastor. http://www.turnto23.com/news/local-news/impersonator-continuously-creating-fake-facebook-profiles-of-a-bakersfield-pastor.

[31]

Twitter. Explaining twitter's efforts to shut down spam. https://blog.twitter.com/2012/shutting-down-spammers, 2012.

[32]

Twitter. Twitter reporting impersonation accounts, 2014. https://support.twitter.com/articles/20170142-reporting-impersonation-accounts.

[33]

B. Viswanath, M. A. Bashir, M. Crovella, S. Guha, K. Gummadi, B. Krishnamurthy, and A. Mislove. Towards detecting anomalous user behavior in online social networks. In USENIX Security'14.

Digital Library

[34]

B. Viswanath, M. A. Bashir, M. B. Zafar, L. Espin, K. P. Gummadi, and A. Mislove. Trulyfollowing: Discover twitter accounts with suspicious followers. http://trulyfollowing.app-ns.mpi-sws.org/, April 2012. Last accessed Sept 6, 2015.

[35]

B. Viswanath, M. Mondal, A. Clement, P. Druschel, K. Gummadi, A. Mislove, and A. Post. Exploring the design space of social network-based sybil defenses. In COMSNETS'12.

[36]

B. Viswanath, A. Post, K. P. Gummadi, and A. Mislove. An analysis of social network-based sybil defenses. In SIGCOMM '10.

Digital Library

[37]

G. Wang, M. Mohanlal, C. Wilson, X. Wang, M. J. Metzger, H. Zheng, and B. Y. Zhao. Social turing tests: Crowdsourcing sybil detection. In NDSS'13.

[38]

Wikibin. Employers using social networks for screening applicants, 2008. http://wikibin.org/articles/employers-using-social-networks-for-screening-applicants.html.

[39]

H. Yu, M. Kaminsky, P. B. Gibbons, and A. Flaxman. Sybilguard: Defending against sybil attacks via social networks. In SIGCOMM '06.

Digital Library

[40]

C. M. Zhang and V. Paxson. Detecting and analyzing automated activity on twitter. In PAM'11.

Digital Library

Cited By

Lepipas ABorovykh ADemetriou SQuek TGao DZhou JCardenas A(2024)Username Squatting on Online Social Networks: A Study on XProceedings of the 19th ACM Asia Conference on Computer and Communications Security10.1145/3634737.3637637(621-637)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1145/3634737.3637637
Harjani TBasol MRoozenbeek Jvan der Linden S(2023)Gamified Inoculation Against Misinformation in India: A Randomized Control TrialJournal of Trial and Error10.36850/e123:1(14-56)Online publication date: 27-Feb-2023
https://doi.org/10.36850/e12
CHEN ZOMOTE K(2023)Preventing SNS Impersonation: A Blockchain-Based ApproachIEICE Transactions on Information and Systems10.1587/transinf.2022ICP0003E106.D:9(1354-1363)Online publication date: 1-Sep-2023
https://doi.org/10.1587/transinf.2022ICP0003
Show More Cited By

Index Terms

The Doppelgänger Bot Attack: Exploring Identity Impersonation in Online Social Networks
1. Information systems
  1. World Wide Web
    1. Web applications
      1. Internet communications tools

Recommendations

Distributed denial of service attacks and its defenses in IoT: a survey
Abstract
A distributed denial of service (DDoS) attack is an attempt to partially or completely shut down the targeted server with a flood of internet traffic. The primary aim of this attack is to disrupt regular traffic flow to the victim’s server or ...
A defence scheme against Identity Theft Attack based on multiple social networks

Recently, on-line social networking sites become more and more popular. People like to share their personal information such as their name, birthday and photos on these public sites. However, personal information could be misused by attackers. One kind ...
Adv-Bot: Realistic adversarial botnet attacks against network intrusion detection systems
Abstract
Due to the numerous advantages of machine learning (ML) algorithms, many applications now incorporate them. However, many studies in the field of image classification have shown that MLs can be fooled by a variety of adversarial attacks. These ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

IMC '15: Proceedings of the 2015 Internet Measurement Conference

October 2015

550 pages

ISBN:9781450338486

DOI:10.1145/2815675

General Chairs:
Kenjiro Cho
IIJ/Keio University
,
Kensuke Fukuda
NII/Sokendai
,
Program Chairs:
Vivek Pai
Google
,
Neil Spring
University of Maryland

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMETRICS: ACM Special Interest Group on Measurement and Evaluation
SIGCOMM: ACM Special Interest Group on Data Communication
USENIX Assoc: USENIX Assoc

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 October 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

IMC '15

Sponsor:

SIGMETRICS
SIGCOMM
USENIX Assoc

IMC '15: Internet Measurement Conference

October 28 - 30, 2015

Tokyo, Japan

Acceptance Rates

IMC '15 Paper Acceptance Rate 31 of 96 submissions, 32%;

Overall Acceptance Rate 277 of 1,083 submissions, 26%

Upcoming Conference

IMC '24

Sponsor:
sigcomm
sigcomm

ACM Internet Measurement Conference

November 4 - 6, 2024

Madrid , AA , Spain

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

34
Total Citations
View Citations
677
Total Downloads

Downloads (Last 12 months)70
Downloads (Last 6 weeks)7

Reflects downloads up to 26 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Lepipas ABorovykh ADemetriou SQuek TGao DZhou JCardenas A(2024)Username Squatting on Online Social Networks: A Study on XProceedings of the 19th ACM Asia Conference on Computer and Communications Security10.1145/3634737.3637637(621-637)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1145/3634737.3637637
Harjani TBasol MRoozenbeek Jvan der Linden S(2023)Gamified Inoculation Against Misinformation in India: A Randomized Control TrialJournal of Trial and Error10.36850/e123:1(14-56)Online publication date: 27-Feb-2023
https://doi.org/10.36850/e12
CHEN ZOMOTE K(2023)Preventing SNS Impersonation: A Blockchain-Based ApproachIEICE Transactions on Information and Systems10.1587/transinf.2022ICP0003E106.D:9(1354-1363)Online publication date: 1-Sep-2023
https://doi.org/10.1587/transinf.2022ICP0003
Hu BJu XLiu HWu HBi CLu C(2023)Game-based inoculation versus graphic-based inoculation to combat misinformation: a randomized controlled trialCognitive Research: Principles and Implications10.1186/s41235-023-00505-x8:1Online publication date: 31-Jul-2023
https://doi.org/10.1186/s41235-023-00505-x
Gong QLiu YZhang JChen YLi QXiao YWang XHui P(2023)Detecting Malicious Accounts in Online Developer Communities Using Deep LearningIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2023.323783835:10(10633-10649)Online publication date: 1-Oct-2023
https://doi.org/10.1109/TKDE.2023.3237838
Lu HGong DLi ZLiu FLiu F(2023)BotCS: A Lightweight Model for Large-Scale Twitter Bot Detection Comparable to GNN-Based ModelsICC 2023 - IEEE International Conference on Communications10.1109/ICC45041.2023.10278669(2870-2876)Online publication date: 28-May-2023
https://doi.org/10.1109/ICC45041.2023.10278669
Shafiei HDadlani A(2022)Detection of fickle trolls in large-scale online social networksJournal of Big Data10.1186/s40537-022-00572-99:1Online publication date: 19-Feb-2022
https://doi.org/10.1186/s40537-022-00572-9
Patro GPorcaro LMitchell LZhang QZehlike MGarg N(2022)Fair ranking: a critical review, challenges, and future directionsProceedings of the 2022 ACM Conference on Fairness, Accountability, and Transparency10.1145/3531146.3533238(1929-1942)Online publication date: 21-Jun-2022
https://dl.acm.org/doi/10.1145/3531146.3533238
Drury BDrury SRahman MUllah I(2022)A social network of crime: A review of the use of social networks for crime and the detection of crimeOnline Social Networks and Media10.1016/j.osnem.2022.10021130(100211)Online publication date: Jul-2022
https://doi.org/10.1016/j.osnem.2022.100211
Chen ZOmote K(2022)Building a Blockchain-Based Social Network Identification SystemAdvanced Information Networking and Applications10.1007/978-3-030-99587-4_39(468-479)Online publication date: 31-Mar-2022
https://doi.org/10.1007/978-3-030-99587-4_39
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents