Graphing Internet Interaction To Spot Spammers

Gunkerty Jeb writes "Spammers, it turns out, aren't like everyone else: they have fewer friends. 'Social Graphs for Online Service Security,' a study done by researchers Yinglian Xie and Fang Yu, uses studies of legitimate and malicious social network usage to spot bogus email accounts that are used to push spam, malware, and otherwise malicious links. The researchers are analyzing natural social connections between users on the Web that are difficult for attackers or botnets to replicate. Spotting a spammer isn't hard, they say, when you look at his or her patterns of communication."

Slippery slope

[Tsar]

I'm starting to think that a social graph is going to be the 21st century version of the fingerprint, except it will describe WHAT you are rather than WHO you are. Botnet, AI, Muslim, Baptist, college-educated straight Irish-American middle-child female... Who'd like to guess what the total annual budget is already for this kind of research? How much money and manpower would the Department Homeland Security be willing to invest to keep Facebook et al popular with their target audience, so the cheap social graph data keeps flowing?

Re:That's because it's not required yet.

[rm999]

I work in preventing fraud, and I completely agree with your point. In any kind of maliciousness detection, there will be patterns you can find that will immediately stop a large % of the bad guys. But the bad guys won't retire, they will run to another corner, and you will have to chase them.

That isn't to say it's not worth trying to stop them. Quite the opposite: the more you chase them around, the more robust your system becomes, and the harder it will be for casual bad guys to attack your system.