Mitigating Colluding Attacks in Online Social Networks and Crowdsourcing Platforms

Online Social Networks (OSNs) have created new ways for people to communicate, and for companies to engage their customers -- with these new avenues for communication come new vulnerabilities that can be exploited by attackers. This dissertation aims to investigate two attack models: Identity Clone Attacks (ICA) and Reconnaissance Attacks (RA). During an ICA, attackers impersonate users in a network and attempt to infiltrate social circles and extract confidential information. In an RA, attackers gather information on a target\u27s resources, employees, and relationships with other entities over public venues such as OSNs and company websites. This was made easier for the RA to be efficient because well-known social networks, such as Facebook, have a policy to force people to use their real identities for their accounts. The goal of our research is to provide mechanisms to defend against colluding attackers in the presence of ICA and RA collusion attacks. In this work, we consider a scenario not addressed by previous works, wherein multiple attackers collude against the network, and propose defense mechanisms for such an attack. We take into account the asymmetric nature of social networks and include the case where colluders could add or modify some attributes of their clones. We also consider the case where attackers send few friend requests to uncover their targets. To detect fake reviews and uncovering colluders in crowdsourcing, we propose a semantic similarity measurement between reviews and a community detection algorithm to overcome the non-adversarial attack. ICA in a colluding attack may become stronger and more sophisticated than in a single attack. We introduce a token-based comparison and a friend list structure-matching approach, resulting in stronger identifiers even in the presence of attackers who could add or modify some attributes on the clone. We also propose a stronger RA collusion mechanism in which colluders build their own legitimacy by considering asymmetric relationships among users and, while having partial information of the networks, avoid recreating social circles around their targets. Finally, we propose a defense mechanism against colluding RA which uses the weakest person (e.g., the potential victim willing to accept friend requests) to reach their target

Arming the public with artificial intelligence to counter social bots

The increased relevance of social media in our daily life has been accompanied by efforts to manipulate online conversations and opinions. Deceptive social bots -- automated or semi-automated accounts designed to impersonate humans -- have been successfully exploited for these kinds of abuse. Researchers have responded by developing AI tools to arm the public in the fight against social bots. Here we review the literature on different types of bots, their impact, and detection methods. We use the case study of Botometer, a popular bot detection tool developed at Indiana University, to illustrate how people interact with AI countermeasures. A user experience survey suggests that bot detection has become an integral part of the social media experience for many users. However, barriers in interpreting the output of AI tools can lead to fundamental misunderstandings. The arms race between machine learning methods to develop sophisticated bots and effective countermeasures makes it necessary to update the training data and features of detection tools. We again use the Botometer case to illustrate both algorithmic and interpretability improvements of bot scores, designed to meet user expectations. We conclude by discussing how future AI developments may affect the fight between malicious bots and the public.Comment: Published in Human Behavior and Emerging Technologie

Big Networks: Analysis and Optimal Control

The study of networks has seen a tremendous breed of researches due to the explosive spectrum of practical problems that involve networks as the access point. Those problems widely range from detecting functionally correlated proteins in biology to finding people to give discounts and gain maximum popularity of a product in economics. Thus, understanding and further being able to manipulate/control the development and evolution of the networks become critical tasks for network scientists. Despite the vast research effort putting towards these studies, the present state-of-the-arts largely either lack of high quality solutions or require excessive amount of time in real-world `Big Data\u27 requirement. This research aims at affirmatively boosting the modern algorithmic efficiency to approach practical requirements. That is developing a ground-breaking class of algorithms that provide simultaneously both provably good solution qualities and low time and space complexities. Specifically, I target the important yet challenging problems in the three main areas: Information Diffusion: Analyzing and maximizing the influence in networks and extending results for different variations of the problems. Community Detection: Finding communities from multiple sources of information. Security and Privacy: Assessing organization vulnerability under targeted-cyber attacks via social networks

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Twitter and social bots : an analysis of the 2021 Canadian election

Les médias sociaux sont désormais des outils de communication incontournables, notamment lors de campagnes électorales. La prévalence de l’utilisation de plateformes de communication en ligne suscite néanmoins des inquiétudes au sein des démocraties occidentales quant aux risques de manipulation des électeurs, notamment par le biais de robots sociaux. Les robots sociaux sont des comptes automatisés qui peuvent être utilisés pour produire ou amplifier le contenu en ligne tout en se faisant passer pour de réels utilisateurs. Certaines études, principalement axées sur le cas des États-Unis, ont analysé la propagation de contenus de désinformation par les robots sociaux en période électorale, alors que d’autres ont également examiné le rôle de l’affiliation partisane sur les comportements et les tactiques favorisées par les robots sociaux. Toutefois, la question à savoir si l'orientation partisane des robots sociaux a un impact sur la quantité de désinformation politique qu’ils propagent demeure sans réponse. Par conséquent, l’objectif principal de ce travail de recherche est de déterminer si des différences partisanes peuvent être observées dans (i) le nombre de robots sociaux actifs pendant la campagne électorale canadienne de 2021, (ii) leurs interactions avec les comptes réels, et (iii) la quantité de contenu de désinformation qu’ils ont propagé. Afin d’atteindre cet objectif de recherche, ce mémoire de maîtrise s’appuie sur un ensemble de données Twitter de plus de 11,3 millions de tweets en anglais provenant d’environ 1,1 million d'utilisateurs distincts, ainsi que sur divers modèles pour distinguer les comptes de robots sociaux des comptes humains, déterminer l’orientation partisane des utilisateurs et détecter le contenu de désinformation politique véhiculé. Les résultats de ces méthodes distinctes indiquent des différences limitées dans le comportement des robots sociaux lors des dernières élections fédérales. Il a tout de même été possible d'observer que les robots sociaux de tendance conservatrice étaient plus nombreux que leurs homologues de tendance libérale, mais que les robots sociaux d’orientation libérale étaient ceux qui ont interagi le plus avec les comptes authentiques par le biais de retweets et de réponses directes, et qui ont propagé le plus de contenu de désinformation.Social media have now become essential communication tools, including within the context of electoral campaigns. However, the prevalence of online communication platforms has raised concerns in Western democracies about the risks of voter manipulation, particularly through social bot accounts. Social bots are automated computer algorithms which can be used to produce or amplify online content while posing as authentic users. Some studies, mostly focused on the case of the United States, analyzed the propagation of disinformation content by social bots during electoral periods, while others have also examined the role of partisanship on social bots’ behaviors and activities. However, the question of whether social bots’ partisan-leaning impacts the amount of political disinformation content they generate online remains unanswered. Therefore, the main goal of this study is to determine whether partisan differences could be observed in (i) the number of active social bots during the 2021 Canadian election campaign, (ii) their interactions with humans, and (iii) the amount of disinformation content they propagated. In order to reach this research objective, this master’s thesis relies on an original Twitter dataset of more than 11.3 million English tweets from roughly 1.1 million distinct users, as well as diverse models to distinguish between social bot and human accounts, determine the partisan-leaning of users, and detect political disinformation content. Based on these distinct methods, the results indicate limited differences in the behavior of social bots in the 2021 federal election. It was however possible to observe that conservative-leaning social bots were more numerous than their liberal-leaning counterparts, but liberal-leaning accounts were those who interacted more with authentic accounts through retweets and replies and shared the most disinformation content