Design and analysis of a social botnet

Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, Matei Ripeanu

Research output: Contribution to journalArticle

79 Citations (Scopus)

Abstract

Online Social Networks (OSNs) have attracted millions of active users and have become an integral part of today's web ecosystem. Unfortunately, in the wrong hands, OSNs can be used to harvest private user data, distribute malware, control botnets, perform surveillance, spread misinformation, and even influence algorithmic trading. Usually, an adversary starts off by running an infiltration campaign using hijacked or adversary-owned OSN accounts, with an objective to connect with a large number of users in the targeted OSN. In this article, we evaluate how vulnerable OSNs are to a large-scale infiltration campaign run by socialbots: bots that control OSN accounts and mimic the actions of real users. We adopted the design of a traditional web-based botnet and built a prototype of a Socialbot Network (SbN): a group of coordinated programmable socialbots. We operated our prototype on Facebook for 8 weeks, and collected data about user behavior in response to a large-scale infiltration campaign. Our results show that (1) by exploiting known social behaviors of users, OSNs such as Facebook can be infiltrated with a success rate of up to 80%, (2) subject to user profile privacy settings, a successful infiltration can result in privacy breaches where even more private user data are exposed, (3) given the economics of today's underground markets, running a large-scale infiltration campaign might be profitable but is still not particularly attractive as a sustainable and independent business, (4) the security of socially-aware systems that use or integrate OSN platforms can be at risk, given the infiltration capability of an adversary in OSNs, and (5) defending against malicious socialbots raises a set of challenges that relate to web automation, online-offline identity binding, and usable security.

Original languageEnglish
Pages (from-to)556-578
Number of pages23
JournalComputer Networks
Volume57
Issue number2
DOIs
Publication statusPublished - 4 Feb 2013
Externally publishedYes

Fingerprint

Infiltration
Ecosystems
Botnet
Automation
Economics
Industry

Keywords

  • Automated social engineering
  • Botnets
  • Online privacy
  • Online social networks
  • Social network security
  • Socialbots

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this

Design and analysis of a social botnet. / Boshmaf, Yazan; Muslukhov, Ildar; Beznosov, Konstantin; Ripeanu, Matei.

In: Computer Networks, Vol. 57, No. 2, 04.02.2013, p. 556-578.

Research output: Contribution to journalArticle

Boshmaf, Y, Muslukhov, I, Beznosov, K & Ripeanu, M 2013, 'Design and analysis of a social botnet', Computer Networks, vol. 57, no. 2, pp. 556-578. https://doi.org/10.1016/j.comnet.2012.06.006
Boshmaf, Yazan ; Muslukhov, Ildar ; Beznosov, Konstantin ; Ripeanu, Matei. / Design and analysis of a social botnet. In: Computer Networks. 2013 ; Vol. 57, No. 2. pp. 556-578.
@article{9469f61666b84481a69306cf7726bc37,
title = "Design and analysis of a social botnet",
abstract = "Online Social Networks (OSNs) have attracted millions of active users and have become an integral part of today's web ecosystem. Unfortunately, in the wrong hands, OSNs can be used to harvest private user data, distribute malware, control botnets, perform surveillance, spread misinformation, and even influence algorithmic trading. Usually, an adversary starts off by running an infiltration campaign using hijacked or adversary-owned OSN accounts, with an objective to connect with a large number of users in the targeted OSN. In this article, we evaluate how vulnerable OSNs are to a large-scale infiltration campaign run by socialbots: bots that control OSN accounts and mimic the actions of real users. We adopted the design of a traditional web-based botnet and built a prototype of a Socialbot Network (SbN): a group of coordinated programmable socialbots. We operated our prototype on Facebook for 8 weeks, and collected data about user behavior in response to a large-scale infiltration campaign. Our results show that (1) by exploiting known social behaviors of users, OSNs such as Facebook can be infiltrated with a success rate of up to 80{\%}, (2) subject to user profile privacy settings, a successful infiltration can result in privacy breaches where even more private user data are exposed, (3) given the economics of today's underground markets, running a large-scale infiltration campaign might be profitable but is still not particularly attractive as a sustainable and independent business, (4) the security of socially-aware systems that use or integrate OSN platforms can be at risk, given the infiltration capability of an adversary in OSNs, and (5) defending against malicious socialbots raises a set of challenges that relate to web automation, online-offline identity binding, and usable security.",
keywords = "Automated social engineering, Botnets, Online privacy, Online social networks, Social network security, Socialbots",
author = "Yazan Boshmaf and Ildar Muslukhov and Konstantin Beznosov and Matei Ripeanu",
year = "2013",
month = "2",
day = "4",
doi = "10.1016/j.comnet.2012.06.006",
language = "English",
volume = "57",
pages = "556--578",
journal = "Computer Networks",
issn = "1389-1286",
publisher = "Elsevier",
number = "2",

}

TY - JOUR

T1 - Design and analysis of a social botnet

AU - Boshmaf, Yazan

AU - Muslukhov, Ildar

AU - Beznosov, Konstantin

AU - Ripeanu, Matei

PY - 2013/2/4

Y1 - 2013/2/4

N2 - Online Social Networks (OSNs) have attracted millions of active users and have become an integral part of today's web ecosystem. Unfortunately, in the wrong hands, OSNs can be used to harvest private user data, distribute malware, control botnets, perform surveillance, spread misinformation, and even influence algorithmic trading. Usually, an adversary starts off by running an infiltration campaign using hijacked or adversary-owned OSN accounts, with an objective to connect with a large number of users in the targeted OSN. In this article, we evaluate how vulnerable OSNs are to a large-scale infiltration campaign run by socialbots: bots that control OSN accounts and mimic the actions of real users. We adopted the design of a traditional web-based botnet and built a prototype of a Socialbot Network (SbN): a group of coordinated programmable socialbots. We operated our prototype on Facebook for 8 weeks, and collected data about user behavior in response to a large-scale infiltration campaign. Our results show that (1) by exploiting known social behaviors of users, OSNs such as Facebook can be infiltrated with a success rate of up to 80%, (2) subject to user profile privacy settings, a successful infiltration can result in privacy breaches where even more private user data are exposed, (3) given the economics of today's underground markets, running a large-scale infiltration campaign might be profitable but is still not particularly attractive as a sustainable and independent business, (4) the security of socially-aware systems that use or integrate OSN platforms can be at risk, given the infiltration capability of an adversary in OSNs, and (5) defending against malicious socialbots raises a set of challenges that relate to web automation, online-offline identity binding, and usable security.

AB - Online Social Networks (OSNs) have attracted millions of active users and have become an integral part of today's web ecosystem. Unfortunately, in the wrong hands, OSNs can be used to harvest private user data, distribute malware, control botnets, perform surveillance, spread misinformation, and even influence algorithmic trading. Usually, an adversary starts off by running an infiltration campaign using hijacked or adversary-owned OSN accounts, with an objective to connect with a large number of users in the targeted OSN. In this article, we evaluate how vulnerable OSNs are to a large-scale infiltration campaign run by socialbots: bots that control OSN accounts and mimic the actions of real users. We adopted the design of a traditional web-based botnet and built a prototype of a Socialbot Network (SbN): a group of coordinated programmable socialbots. We operated our prototype on Facebook for 8 weeks, and collected data about user behavior in response to a large-scale infiltration campaign. Our results show that (1) by exploiting known social behaviors of users, OSNs such as Facebook can be infiltrated with a success rate of up to 80%, (2) subject to user profile privacy settings, a successful infiltration can result in privacy breaches where even more private user data are exposed, (3) given the economics of today's underground markets, running a large-scale infiltration campaign might be profitable but is still not particularly attractive as a sustainable and independent business, (4) the security of socially-aware systems that use or integrate OSN platforms can be at risk, given the infiltration capability of an adversary in OSNs, and (5) defending against malicious socialbots raises a set of challenges that relate to web automation, online-offline identity binding, and usable security.

KW - Automated social engineering

KW - Botnets

KW - Online privacy

KW - Online social networks

KW - Social network security

KW - Socialbots

UR - http://www.scopus.com/inward/record.url?scp=84875215273&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84875215273&partnerID=8YFLogxK

U2 - 10.1016/j.comnet.2012.06.006

DO - 10.1016/j.comnet.2012.06.006

M3 - Article

AN - SCOPUS:84875215273

VL - 57

SP - 556

EP - 578

JO - Computer Networks

JF - Computer Networks

SN - 1389-1286

IS - 2

ER -