Are We All in a Truman Show? Spotting Instagram Crowdturfing through Self-Training
Influencer Marketing generated $16 billion in 2022. Usually, the more popular
influencers are paid more for their collaborations. Thus, many services were
created to boost profiles' popularity metrics through bots or fake accounts.
However, real people recently started participating in such boosting activities
using their real accounts for monetary rewards, generating inauthentic content
that is extremely difficult to detect. To date, no works have attempted to
detect this new phenomenon, known as crowdturfing (CT), on Instagram.
In this work, we propose the first Instagram CT engagement detector. Our
algorithm leverages profiles' characteristics through semi-supervised learning
to spot accounts involved in CT activities. Compared to the supervised
approaches used so far to identify fake accounts, semi-supervised models can
exploit huge quantities of unlabeled data to increase performance. We purchased
and studied 1293 CT profiles from 11 providers to build our self-training
classifier, which reached 95% F1-score. We tested our model in the wild by
detecting and analyzing CT engagement from 20 mega-influencers (i.e., with more
than one million followers), and discovered that more than 20% was artificial.
We analyzed the CT profiles and comments, showing that it is difficult to
detect these activities based solely on their generated content.
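The self-training approach described in the abstract can be illustrated with a minimal sketch. This is not the paper's pipeline: the profile features, the nearest-centroid base classifier, and the confidence margin are all hypothetical stand-ins; the core idea shown is the self-training loop itself, in which high-confidence predictions on unlabeled profiles are promoted to pseudo-labels and the classifier is retrained.

```python
# Minimal self-training sketch (hypothetical features and base classifier,
# not the paper's exact method). Each profile is a numeric feature vector;
# a nearest-centroid classifier is retrained as confident pseudo-labels
# are promoted from the unlabeled pool.

def centroid(vectors):
    n = len(vectors)
    return [sum(v[i] for v in vectors) / n for i in range(len(vectors[0]))]

def distance(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b)) ** 0.5

def predict_with_confidence(x, c0, c1):
    d0, d1 = distance(x, c0), distance(x, c1)
    label = 0 if d0 < d1 else 1
    # Confidence: relative margin between the two centroid distances.
    conf = abs(d0 - d1) / (d0 + d1 + 1e-9)
    return label, conf

def self_train(labeled, unlabeled, threshold=0.3, max_rounds=10):
    """labeled: list of (features, label); unlabeled: list of features."""
    pool = list(unlabeled)
    for _ in range(max_rounds):
        c0 = centroid([x for x, y in labeled if y == 0])
        c1 = centroid([x for x, y in labeled if y == 1])
        confident, remaining = [], []
        for x in pool:
            label, conf = predict_with_confidence(x, c0, c1)
            (confident if conf >= threshold else remaining).append((x, label))
        if not confident:
            break
        labeled = labeled + confident   # promote pseudo-labels
        pool = [x for x, _ in remaining]
    c0 = centroid([x for x, y in labeled if y == 0])
    c1 = centroid([x for x, y in labeled if y == 1])
    return lambda x: predict_with_confidence(x, c0, c1)[0]
```

The appeal over a purely supervised model, as the abstract notes, is that the unlabeled pool (cheap to collect at scale) contributes to training through the pseudo-labeling rounds.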
Digital fingerprinting for identifying malicious collusive groups on Twitter
Propagation of malicious code on online social networks (OSN) is often a coordinated effort by collusive groups of malicious actors hiding behind multiple online identities (or digital personas). Increased interaction in OSN has made them reliable for the efficient orchestration of cyber-attacks such as phishing, click bait, and drive-by downloads. URL shortening enables obfuscation of such links to malicious websites, and massive interaction with such embedded malicious links in OSN guarantees maximum reach. These malicious links lure users to malicious endpoints where attackers can exploit system vulnerabilities. Identifying the organised groups colluding to spread malware is non-trivial owing to the fluidity and anonymity of criminal digital personas on OSN. This paper proposes a methodology for identifying such organised groups of criminal actors working together to spread malicious links on OSN. Our approach focuses on understanding malicious users as 'digital criminal personas' and the characteristics of their online existence. We first identify those users engaged in propagating malicious links on OSN platforms, and further develop a methodology to create a digital fingerprint for each malicious OSN account/digital persona. We create similarity clusters of malicious actors based on these unique digital fingerprints to establish 'collusive' behaviour. We evaluate the ability of a cluster-based approach on OSN digital fingerprinting to identify collusive behaviour in OSN by estimating within-cluster similarity measures and testing it on a ground truth dataset of five known colluding groups on Twitter. Our results show that our digital fingerprints can identify 90% of cyber-personas engaged in collusive behaviour and 75% of collusion in a given sample set.
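The fingerprint-clustering step described above can be sketched as follows. This is a simplified illustration, not the paper's method: the fingerprint here is a hypothetical set of behavioural tokens (e.g., shortened-URL domains an account has posted), pairwise similarity is plain Jaccard overlap, and grouping is a greedy single-linkage pass over a similarity threshold.

```python
# Hypothetical sketch: group accounts whose "digital fingerprints" (sets of
# behavioural tokens, e.g. shortened-URL domains posted) exceed a Jaccard
# similarity threshold. Greedy single-linkage clustering for illustration.

def jaccard(a, b):
    """Jaccard similarity between two token sets (0.0 for two empty sets)."""
    return len(a & b) / len(a | b) if a | b else 0.0

def cluster_fingerprints(fingerprints, threshold=0.5):
    """fingerprints: dict account -> set of tokens. Returns a list of
    account sets, each set a candidate collusive group."""
    clusters = []
    for account, fp in fingerprints.items():
        placed = False
        for cluster in clusters:
            # Single-linkage: join if similar enough to any existing member.
            if any(jaccard(fp, fingerprints[m]) >= threshold for m in cluster):
                cluster.add(account)
                placed = True
                break
        if not placed:
            clusters.append({account})
    return clusters
```

Accounts sharing most of their behavioural tokens end up in the same cluster, which is the intuition behind using within-cluster similarity as evidence of collusion; singleton clusters correspond to accounts with no sufficiently similar peer.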