Carlos A. Freitas,Fabrício Benevenuto,Saptarshi Ghosh,Adriano Veloso

DOI: https://doi.org/10.48550/arXiv.1405.4927

2014-05-20

Abstract:Data extracted from social networks like Twitter are increasingly being used to build applications and services that mine and summarize public reactions to events, such as traffic monitoring platforms, identification of epidemic outbreaks, and public perception about people and brands. However, such services are vulnerable to attacks from socialbots $-$ automated accounts that mimic real users $-$ seeking to tamper statistics by posting messages generated automatically and interacting with legitimate users. Potentially, if created in large scale, socialbots could be used to bias or even invalidate many existing services, by infiltrating the social networks and acquiring trust of other users with time. This study aims at understanding infiltration strategies of socialbots in the Twitter microblogging platform. To this end, we create 120 socialbot accounts with different characteristics and strategies (e.g., gender specified in the profile, how active they are, the method used to generate their tweets, and the group of users they interact with), and investigate the extent to which these bots are able to infiltrate the Twitter social network. Our results show that even socialbots employing simple automated mechanisms are able to successfully infiltrate the network. Additionally, using a $2^k$ factorial design, we quantify infiltration effectiveness of different bot strategies. Our analysis unveils findings that are key for the design of detection and counter measurements approaches.

Social and Information Networks,Physics and Society

Norah Abokhodair,Daisy Yoo,David W. McDonald

DOI: https://doi.org/10.1145/2675133.2675208

2016-04-13

Abstract:Social botnets have become an important phenomenon on social media. There are many ways in which social bots can disrupt or influence online discourse, such as, spam hashtags, scam twitter users, and astroturfing. In this paper we considered one specific social botnet in Twitter to understand how it grows over time, how the content of tweets by the social botnet differ from regular users in the same dataset, and lastly, how the social botnet may have influenced the relevant discussions. Our analysis is based on a qualitative coding for approximately 3000 tweets in Arabic and English from the Syrian social bot that was active for 35 weeks on Twitter before it was shutdown. We find that the growth, behavior and content of this particular botnet did not specifically align with common conceptions of botnets. Further we identify interesting aspects of the botnet that distinguish it from regular users.

Computers and Society,Computation and Language,Social and Information Networks

Juan Echeverria,Christoph Besel,Shi Zhou

DOI: https://doi.org/10.48550/arXiv.1709.06740

2017-10-09

Abstract:Many Twitter users are bots. They can be used for spamming, opinion manipulation and online fraud. Recently we discovered the Star Wars botnet, consisting of more than 350,000 bots tweeting random quotations exclusively from Star Wars novels. The bots were exposed because they tweeted uniformly from any location within two rectangle-shaped geographic zones covering Europe and the USA, including sea and desert areas in the zones. In this paper, we report another unusual behaviour of the Star Wars bots, that the bots were created in bursts or batches, and they only tweeted in their first few minutes since creation. Inspired by this observation, we discovered an even larger Twitter botnet, the Bursty botnet with more than 500,000 bots. Our preliminary study showed that the Bursty botnet was directly responsible for a large-scale online spamming attack in 2012. Most bot detection algorithms have been based on assumptions of `common' features that were supposedly shared by all bots. Our discovered botnets, however, do not show many of those features; instead, they were detected by their distinct, unusual tweeting behaviours that were unknown until now.

Social and Information Networks

K. Kiruthika Devi,G. A. Sathish Kumar

DOI: https://doi.org/10.1142/s0218488524500016

2024-02-22

International Journal of Uncertainty, Fuzziness and Knowlege-Based Systems

Abstract:International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, Volume 32, Issue 01, Page 1-20, January 2024. Currently, social media networks such as Facebook and Twitter have evolved into valuable platforms for global communication. However, due to their extensive user bases, Twitter is often misused by illegitimate users engaging in illicit activities. While there are numerous research papers available that delve into combating illegitimate users on Twitter, a common shortcoming in most of these works is the failure to address the issue of class imbalance, which significantly impacts the effectiveness of spam detection. Few other research works that have addressed class imbalance have not yet applied bio-inspired algorithms to balance the dataset. Therefore, we introduce PSOB-U, a particle swarm optimization-based undersampling technique designed to balance the Twitter dataset. In PSOB-U, various classifiers and metrics are employed to select majority samples and rank them. Furthermore, an ensemble learning approach is implemented to combine the base classifiers in three stages. During the training phase of the base classifiers, undersampling techniques and a cost-sensitive random forest (CS-RF) are utilized to address the imbalanced data at both the data and algorithmic levels. In the first stage, imbalanced datasets are balanced using random undersampling, particle swarm optimization-based undersampling, and random oversampling. In the second stage, a classifier is constructed for each of the balanced datasets obtained through these sampling techniques. In the third stage, a majority voting method is introduced to aggregate the predicted outputs from the three classifiers. The evaluation results demonstrate that our proposed method significantly enhances the detection of illegitimate users in the imbalanced Twitter dataset. Additionally, we compare our proposed work with existing models, and the predicted results highlight the superiority of our spam detection model over state-of-the-art spam detection models that address the class imbalance problem. The combination of particle swarm optimization-based undersampling and the ensemble learning approach using majority voting results in more accurate spam detection.

Yukun He,Guangyan Zhang,Jie Wu,Qiang Li

DOI: https://doi.org/10.1002/sec.1475

IF: 1.968

2016-01-01

Security and Communication Networks

Abstract:The security implications of social bots are evident in consideration of the fact that data sharing and propagation functionality are well integrated with social media sites. Existing social bots primarily use Really Simple Syndication and OSN online social network application program interface to communicate with OSN servers. Researchers have profiled their behaviors well and have proposed various mechanisms to defend against them. We predict that a web test automation rootkit WTAR is a prospective approach for designing malicious social bots. In this paper, we first present the principles of designing WTAR-based social bots. Second, we implement three WTAR-based bot prototypes on Facebook, Twitter, and Weibo. Third, we validate this new threat by analyzing behaviors of the prototypes in a lab environment and on the Internet, and analyzing reports from widely-used antivirus software. Our analyses show that WTAR-based social bots have the following features: i they do not connect to OSN directly, and therefore produce few network flows; ii they can log in to OSNs easily and perform a variety of social activities; iii they can mimic the behaviors of a human user on an OSN. Finally, we propose several possible mechanisms in order to defend against WTAR-based social bots. Copyright © 2016 John Wiley & Sons, Ltd.

Silvia Mitter,Claudia Wagner,Markus Strohmaier

DOI: https://doi.org/10.48550/arXiv.1402.6289

2014-02-26

Abstract:Online social networks (OSN) like Twitter or Facebook are popular and powerful since they allow reaching millions of users online. They are also a popular target for socialbot attacks. Without a deep understanding of the impact of such attacks, the potential of online social networks as an instrument for facilitating discourse or democratic processes is in jeopardy. In this extended abstract we present insights from a live lab experiment in which social bots aimed at manipulating the social graph of an online social network, in our case Twitter. We explored the link creation behavior between targeted human users and our results suggest that socialbots may indeed have the ability to shape and influence the social graph in online social networks. However, our results also show that external factors may play an important role in the creation of social links in OSNs.

Social and Information Networks,Physics and Society

Maryam Heidari,James H Jr Jones,Ozlem Uzuner

DOI: https://doi.org/10.48550/arXiv.2203.05966

IF: 5.414

2022-03-09

Machine Learning

Abstract:Social media platforms can expose influential trends in many aspects of everyday life. However, the movements they represent can be contaminated by disinformation. Social bots are one of the significant sources of disinformation in social media. Social bots can pose serious cyber threats to society and public opinion. This research aims to develop machine learning models to detect bots based on the extracted user's profile from a Tweet's text. Online users' profile shows the user's personal information, such as age, gender, education, and personality. In this work, the user's profile is constructed based on the user's online posts. This work's main contribution is three-fold: First, we aim to improve bot detection through machine learning models based on the user's personal information generated by the user's online comments. When comparing two online posts, the similarity of personal information makes it difficult to differentiate a bot from a human user. However, this research turns personal information similarity among two online posts into an advantage for the new bot detection model. The new proposed model for bot detection creates user profiles based on personal information such as age, personality, gender, education from users' online posts and introduces a machine learning model to detect social bots with high prediction accuracy based on personal information. Second, create a new public data set that shows the user's profile for more than 6900 Twitter accounts in the Cresci 2017 data set.

Aniket Chandrakant Devle,Julia Ann Jose,Abhay Shrinivas Saraswathula,Shubham Mehta,Siddhant Srivastava,Sirisha Kona,Sudheera Daggumalli

DOI: https://doi.org/10.48550/arXiv.2110.05661

2021-10-12

Social and Information Networks

Abstract:As our reliance on social media platforms and web services increase day by day, exploiters view these platforms as an opportunity to manipulate our thoughts ad actions. These platforms have become an open playground for social bot accounts. Social bots not only learn human conversations, manners, and presence but also manipulate public opinion, act as scammers, manipulate stock markets, and so on. There has been evidence of bots manipulating people's opinions and thoughts which can be a great threat to democracy. Identification and prevention of such campaigns that release or create these bots have become critical. Our goal in this paper is to leverage web mining techniques to help detect fake bots on social media platforms such as Twitter, thereby mitigating the spread of disinformation.

Christopher Braker,Stavros Shiaeles,Gueltoum Bendiab,Nick Savage,Konstantinos Limniotis

DOI: https://doi.org/10.1007/978-3-030-65726-0_16

2021-09-08

Abstract:The openness feature of Twitter allows programs to generate and control Twitter accounts automatically via the Twitter API. These accounts, which are known as bots, can automatically perform actions such as tweeting, re-tweeting, following, unfollowing, or direct messaging other accounts, just like real people. They can also conduct malicious tasks such as spreading of fake news, spams, malicious software and other cyber-crimes. In this paper, we introduce a novel bot detection approach using deep learning, with the Multi-layer Perceptron Neural Networks and nine features of a bot account. A web crawler is developed to automatically collect data from public Twitter accounts and build the testing and training datasets, with 860 samples of human and bot accounts. After the initial training is done, the Multilayer Perceptron Neural Networks achieved an overall accuracy rate of 92%, which proves the performance of the proposed approach.

Cryptography and Security,Artificial Intelligence,Social and Information Networks

Alexander Shevtsov Alexander Shevtsov,Maria Oikonomidou,Despoina Antonakaki,Polyvios Pratikakis,Alexandros Kanterakis,Sotiris Ioannidis,Paraskevi Fragopoulou

DOI: https://doi.org/10.1007/s42979-022-01154-5

2020-10-29

Abstract:A very large number of people use Online Social Networks daily. Such platforms thus become attractive targets for agents that seek to gain access to the attention of large audiences, and influence perceptions or opinions. Botnets, collections of automated accounts controlled by a single agent, are a common mechanism for exerting maximum influence. Botnets may be used to better infiltrate the social graph over time and to create an illusion of community behavior, amplifying their message and increasing persuasion. This paper investigates Twitter botnets, their behavior, their interaction with user communities and their evolution over time. We analyzed a dense crawl of a subset of Twitter traffic, amounting to nearly all interactions by Greek-speaking Twitter users for a period of 36 months. We detected over a million events where seemingly unrelated accounts tweeted nearly identical content at nearly the same time. We filtered these concurrent content injection events and detected a set of 1,850 accounts that repeatedly exhibit this pattern of behavior, suggesting that they are fully or in part controlled and orchestrated by the same software. We found botnets that appear for brief intervals and disappear, as well as botnets that evolve and grow, spanning the duration of our dataset. We analyze statistical differences between bot accounts and human users, as well as botnet interaction with user communities and Twitter trending topics.

Social and Information Networks

Onur Varol,Emilio Ferrara,Clayton A. Davis,Filippo Menczer,Alessandro Flammini

DOI: https://doi.org/10.48550/arXiv.1703.03107

2017-03-28

Abstract:Increasing evidence suggests that a growing amount of social media content is generated by autonomous entities known as social bots. In this work we present a framework to detect such entities on Twitter. We leverage more than a thousand features extracted from public data and meta-data about users: friends, tweet content and sentiment, network patterns, and activity time series. We benchmark the classification framework by using a publicly available dataset of Twitter bots. This training data is enriched by a manually annotated collection of active Twitter users that include both humans and bots of varying sophistication. Our models yield high accuracy and agreement with each other and can detect bots of different nature. Our estimates suggest that between 9% and 15% of active Twitter accounts are bots. Characterizing ties among accounts, we observe that simple bots tend to interact with bots that exhibit more human-like behaviors. Analysis of content flows reveals retweet and mention strategies adopted by bots to interact with different target groups. Using clustering analysis, we characterize several subclasses of accounts, including spammers, self promoters, and accounts that post content from connected applications.

Social and Information Networks

Lanjun Wang,Xinran Qiao,Yanwei Xie,Weizhi Nie,Yongdong Zhang,Anan Liu

DOI: https://doi.org/10.1145/3581783.3612396

2023-01-01

Abstract:Social platforms such as Twitter are under siege from a multitude of fraudulent users. In response, social bot detection tasks have been developed to identify such fake users. Due to the structure of social networks, the majority of methods are based on the graph neural network(GNN), which is susceptible to attacks. In this study, we propose a node injection-based adversarial attack method designed to deceive bot detection models. Notably, neither the target bot nor the newly injected bot can be detected when a new bot is added around the target bot. This attack operates in a black-box fashion, implying that any information related to the victim model remains unknown. To our knowledge, this is the first study exploring the resilience of bot detection through graph node injection. Furthermore, we develop an attribute recovery module to revert the injected node embedding from the graph embedding space back to the original feature space, enabling the adversary to manipulate node perturbation effectively. We conduct adversarial attacks on four commonly used GNN structures for bot detection on two widely used datasets: Cresci-2015 and TwiBot-22. The attack success rate is over 73% and the rate of newly injected nodes being detected as bots is below 13% on these two datasets.

Zhouhan Chen,Devika Subramanian

DOI: https://doi.org/10.48550/arXiv.1804.05232

2018-04-14

Abstract:In recent years, Twitter has seen a proliferation of automated accounts or bots that send spam, offer clickbait, compromise security using malware, and attempt to skew public opinion. Previous research estimates that around 9% to 17% of Twitter accounts are bots contributing to between 16% to 56% of tweets on the medium. This paper introduces an unsupervised approach to detect Twitter spam campaigns in real-time. The bot groups we detect tweet duplicate content with shortened embedded URLs over extended periods of time. Our experiments with the detection protocol reveal that bots consistently account for 10% to 50% of tweets generated from 7 popular URL shortening services on Twitter. More importantly, we discover that bots using shortened URLs are connected to large scale spam campaigns that control thousands of domains. There appear to be two distinct mechanisms used to control bot groups and we investigate both in this paper. Our detection system runs 24/7 and actively collects bots involved in spam campaigns and adds them to an evolving database of malicious bots. We make our database of detected bots available for query through a REST API so others can filter tweets from malicious bots to get high quality Twitter datasets for analysis.

Social and Information Networks

Emilio Ferrara,Onur Varol,Clayton Davis,Filippo Menczer,Alessandro Flammini

DOI: https://doi.org/10.1145/2818717

2017-03-07

Abstract:The Turing test aimed to recognize the behavior of a human from that of a computer algorithm. Such challenge is more relevant than ever in today's social media context, where limited attention and technology constrain the expressive power of humans, while incentives abound to develop software agents mimicking humans. These social bots interact, often unnoticed, with real people in social media ecosystems, but their abundance is uncertain. While many bots are benign, one can design harmful bots with the goals of persuading, smearing, or deceiving. Here we discuss the characteristics of modern, sophisticated social bots, and how their presence can endanger online ecosystems and our society. We then review current efforts to detect social bots on Twitter. Features related to content, network, sentiment, and temporal patterns of activity are imitated by bots but at the same time can help discriminate synthetic behaviors from human ones, yielding signatures of engineered social tampering.

Social and Information Networks,Computers and Society,Data Analysis, Statistics and Probability,Physics and Society

Daniel Alves de Sousa,Elaine Ribeiro de Faria,Rodrigo Sanches Miani

DOI: https://doi.org/10.48550/arXiv.2011.03113

2020-11-05

Cryptography and Security

Abstract:Patch prioritization is a crucial aspect of information systems security, and knowledge of which vulnerabilities were exploited in the wild is a powerful tool to help systems administrators accomplish this task. The analysis of social media for this specific application can enhance the results and bring more agility by collecting data from online discussions and applying machine learning techniques to detect real-world exploits. In this paper, we use a technique that combines Twitter data with public database information to classify vulnerabilities as exploited or not-exploited. We analyze the behavior of different classifying algorithms, investigate the influence of different antivirus data as ground truth, and experiment with various time window sizes. Our findings suggest that using a Light Gradient Boosting Machine (LightGBM) can benefit the results, and for most cases, the statistics related to a tweet and the users who tweeted are more meaningful than the text tweeted. We also demonstrate the importance of using ground-truth data from security companies not mentioned in previous works.

Clayton A. Davis,Onur Varol,Emilio Ferrara,Alessandro Flammini,Filippo Menczer

DOI: https://doi.org/10.1145/2872518.2889302

2016-02-02

Abstract:While most online social media accounts are controlled by humans, these platforms also host automated agents called social bots or sybil accounts. Recent literature reported on cases of social bots imitating humans to manipulate discussions, alter the popularity of users, pollute content and spread misinformation, and even perform terrorist propaganda and recruitment actions. Here we present BotOrNot, a publicly-available service that leverages more than one thousand features to evaluate the extent to which a Twitter account exhibits similarity to the known characteristics of social bots. Since its release in May 2014, BotOrNot has served over one million requests via our website and APIs.

Social and Information Networks

Kai-Cheng Yang,Emilio Ferrara,Filippo Menczer

DOI: https://doi.org/10.1007/s42001-022-00177-5

2022-08-22

Abstract:Social bots have become an important component of online social media. Deceptive bots, in particular, can manipulate online discussions of important issues ranging from elections to public health, threatening the constructive exchange of information. Their ubiquity makes them an interesting research subject and requires researchers to properly handle them when conducting studies using social media data. Therefore, it is important for researchers to gain access to bot detection tools that are reliable and easy to use. This paper aims to provide an introductory tutorial of Botometer, a public tool for bot detection on Twitter, for readers who are new to this topic and may not be familiar with programming and machine learning. We introduce how Botometer works, the different ways users can access it, and present a case study as a demonstration. Readers can use the case study code as a template for their own research. We also discuss recommended practice for using Botometer.

Social and Information Networks

Shaghayegh Najari,Davood Rafiee,Mostafa Salehi,Reza Farahbakhsh

2024-05-03

Abstract:Social bots play a significant role in many online social networks (OSN) as they imitate human behavior. This fact raises difficult questions about their capabilities and potential risks. Given the recent advances in Generative AI (GenAI), social bots are capable of producing highly realistic and complex content that mimics human creativity. As the malicious social bots emerge to deceive people with their unrealistic content, identifying them and distinguishing the content they produce has become an actual challenge for numerous social platforms. Several approaches to this problem have already been proposed in the literature, but the proposed solutions have not been widely evaluated. To address this issue, we evaluate the behavior of a text-based bot detector in a competitive environment where some scenarios are proposed: \textit{First}, the tug-of-war between a bot and a bot detector is examined. It is interesting to analyze which party is more likely to prevail and which circumstances influence these expectations. In this regard, we model the problem as a synthetic adversarial game in which a conversational bot and a bot detector are engaged in strategic online interactions. \textit{Second}, the bot detection model is evaluated under attack examples generated by a social bot; to this end, we poison the dataset with attack examples and evaluate the model performance under this condition. \textit{Finally}, to investigate the impact of the dataset, a cross-domain analysis is performed. Through our comprehensive evaluation of different categories of social bots using two benchmark datasets, we were able to demonstrate some achivement that could be utilized in future works.

Social and Information Networks,Artificial Intelligence,Human-Computer Interaction

Dennis Assenmacher,Leon Fröhling,Claudia Wagner

2024-03-31

Abstract:The characterization and detection of bots with their presumed ability to manipulate society on social media platforms have been subject to many research endeavors over the last decade. In the absence of ground truth data (i.e., accounts that are labeled as bots by experts or self-declare their automated nature), researchers interested in the characterization and detection of bots may want to tap into the wisdom of the crowd. But how many people need to accuse another user as a bot before we can assume that the account is most likely automated? And more importantly, are bot accusations on social media at all a valid signal for the detection of bots? Our research presents the first large-scale study of bot accusations on Twitter and shows how the term bot became an instrument of dehumanization in social media conversations since it is predominantly used to deny the humanness of conversation partners. Consequently, bot accusations on social media should not be naively used as a signal to train or test bot detection models.

Social and Information Networks,Computers and Society

Salvador Lopez-Joya,Jose A. Diaz-Garcia,M. Dolores Ruiz,Maria J. Martin-Bautista

2024-11-11

Abstract:The importance of social media in our daily lives has unfortunately led to an increase in the spread of misinformation, political messages and malicious links. One of the most popular ways of carrying out those activities is using automated accounts, also known as bots, which makes the detection of such accounts a necessity. This paper addresses that problem by investigating features based on the user account profile and its content, aiming to understand the relevance of each feature as a basis for improving future bot detectors. Through an exhaustive process of research, inference and feature selection, we are able to surpass the state of the art on several metrics using classical machine learning algorithms and identify the types of features that are most important in detecting automated accounts.

Social and Information Networks,Artificial Intelligence,Machine Learning