Social spammer detection: A multi-relational embedding approach

© Springer International Publishing AG, part of Springer Nature 2018. Since the relation is the main data shape of social networks, social spammer detection desperately needs a relation-dependent but content-independent framework. Some recent detection method transforms the social relations into a set of topological features, such as degree, k-core, etc. However, the multiple heterogeneous relations and the direction within each relation have not been fully explored for identifying social spammers. In this paper, we make an attempt to adopt the Multi-Relational Embedding (MRE) approach for learning latent features of the social network. The MRE model is able to fuse multiple kinds of different relations and also learn two latent vectors for each relation indicating both sending role and receiving role of every user, respectively. Experimental results on a real-world multi-relational social network demonstrate the latent features extracted by our MRE model can improve the detection performance remarkably

On the mark? Responses to a sting

A series of responses to John Bohannon's "sting" operation on OA journals

Spam Works: Evidence from Stock Touts and Corresponding Market Activity

We assess the impact of spam that touts stocks upon the trading activity of those stocks and sketch how profitable such spamming might be for spammers and how harmful it is to those who heed advice in stock-touting e-mails. We find convincing evidence that stock prices are being manipulated through spam. We suggest that the effectiveness of spammed stock touting calls into question prevailing models of securities regulation that rely principally on the proper labeling of information and disclosure of conflicts of interest as means of protecting consumers, and we propose several regulatory and industry interventions. Based on a large sample of touted stocks listed on the Pink Sheets quotation system and a large sample of spam emails touting stocks, we find that stocks experience a significantly positive return on days prior to heavy touting via spam. Volume of trading responds positively and significantly to heavy touting. For a stock that is touted at some point during our sample period, the probability of it being the most actively traded stock in our sample jumps from 4% on a day when there is no touting activity to 70% on a day when there is touting activity. Returns in the days following touting are significantly negative. The evidence accords with a hypothesis that spammers "buy low and spam high," purchasing penny stocks with comparatively low liquidity, then touting them - perhaps immediately after an independently occurring upward tick in price, or after having caused the uptick themselves by engaging in preparatory purchasing - in order to increase or maintain trading activity and price enough to unload their positions at a profit. We find that prolific spamming greatly affects the trading volume of a targeted stock, drumming up buyers to prevent the spammer's initial selling from depressing the stock's price. Subsequent selling by the spammer (or others) while this buying pressure subsides results in negative returns following touting. Before brokerage fees, the average investor who buys a stock on the day it is most heavily touted and sells it 2 days after the touting ends will lose close to 5.5%. For those touted stocks with above-average levels of touting, a spammer who buys on the day before unleashing touts and sells on the day his or her touting is the heaviest, on average, will earn 4.29% before transaction costs. The underlying data and interactive charts showing price and volume changes are also made available

Marketing Privacy: A Solution for the Blight of Telemarketing (and Spam and Junk Mail)

Unsolicited solicitations in the form of telemarketing calls, email spam and junk mail impose in aggregate a substantial negative externality on society. Telemarketers do not bear the full costs of their marketing because they do not compensate recipients for the hassle of, say, being interrupted during dinner. Current regulatory responses that give consumers the all-or-nothing option of registering on the Internet to block all unsolicited telemarketing calls are needlessly both over- and underinclusive. A better solution is to allow individual consumers to choose the price per minute they would like to receive as compensation for listening to telemarketing calls. Such a name your own price mechanism could be easily implemented technologically by crediting consumers\u27 phone bills (a method analogous to the current debits to bills from 1-900 calls). Compensated calling is also easily implemented within current don\u27t call statutes simply by giving don\u27t-call households the option to authorize intermediaries to connect calls that meet their particular manner or compensation prerequisites. Under this rule, consumers are presumptively made better off by a regime that gives them greater freedom. Telemarketing firms facing higher costs of communication are likely to better screen potential contacts. Consumers having the option of choosing an intermediate price will receive fewer calls, which will be better tailored to their interests, and will be compensated for those calls they do receive. Giving consumers the right to be compensated may also benefit some telemarketers. Once consumers are voluntarily opting to receive telemarketing calls (in return for tailored compensation), it becomes possible to deregulate the telemarketers—lifting current restrictions on the time (no night time calls) and manner (no recorded calls). And faced with increasing caller resistance, we imagine that survey groups, such as the Gallop Poll, might welcome the opportunity to compensate survey respondents so that they might be able to produce more representative samples

What Happens After You Are Pwnd: Understanding The Use Of Leaked Webmail Credentials In The Wild

Cybercriminals steal access credentials to online accounts and then misuse them for their own profit, release them publicly, or sell them on the underground market. Despite the importance of this problem, the research community still lacks a comprehensive understanding of what these stolen accounts are used for. In this paper, we aim to shed light on the modus operandi of miscreants accessing stolen Gmail accounts. We developed an infrastructure that is able to monitor the activity performed by users on Gmail accounts, and leaked credentials to 100 accounts under our control through various means, such as having information-stealing malware capture them, leaking them on public paste sites, and posting them on underground forums. We then monitored the activity recorded on these accounts over a period of 7 months. Our observations allowed us to devise a taxonomy of malicious activity performed on stolen Gmail accounts, to identify differences in the behavior of cybercriminals that get access to stolen accounts through different means, and to identify systematic attempts to evade the protection systems in place at Gmail and blend in with the legitimate user activity. This paper gives the research community a better understanding of a so far understudied, yet critical aspect of the cybercrime economy

Adversarial behaviours knowledge area

The technological advancements witnessed by our society in recent decades have brought improvements in our quality of life, but they have also created a number of opportunities for attackers to cause harm. Before the Internet revolution, most crime and malicious activity generally required a victim and a perpetrator to come into physical contact, and this limited the reach that malicious parties had. Technology has removed the need for physical contact to perform many types of crime, and now attackers can reach victims anywhere in the world, as long as they are connected to the Internet. This has revolutionised the characteristics of crime and warfare, allowing operations that would not have been possible before. In this document, we provide an overview of the malicious operations that are happening on the Internet today. We first provide a taxonomy of malicious activities based on the attacker’s motivations and capabilities, and then move on to the technological and human elements that adversaries require to run a successful operation. We then discuss a number of frameworks that have been proposed to model malicious operations. Since adversarial behaviours are not a purely technical topic, we draw from research in a number of fields (computer science, criminology, war studies). While doing this, we discuss how these frameworks can be used by researchers and practitioners to develop effective mitigations against malicious online operations.Published versio

Ipsographing the Dubject; or, The Contradictions of Twitter

Precise control of self-renewal and differentiation of progenitor cells into the cranial neural crest (CNC) pool ensures proper head development, guided by signaling pathways such as BMPs, FGFs, Shh and Notch. Here, we show that murine Sox2 plays an essential role in controlling progenitor cell behavior during craniofacial development. A "Conditional by Inversion" Sox2 allele (Sox2(COIN) ) has been employed to generate an epiblast ablation of Sox2 function (Sox2(EpINV) ). Sox2 (EpINV/+(H)) haploinsufficient and conditional (Sox2(EpINV/mosaic) ) mutant embryos proceed beyond gastrulation and die around E11. These mutant embryos exhibit severe anterior malformations, with hydrocephaly and frontonasal truncations, which could be attributed to the deregulation of CNC progenitor cells during their epithelial to mesenchymal transition. This irregularity results in an exacerbated and aberrant migration of Sox10(+) NCC in the branchial arches and frontonasal process of the Sox2 mutant embryos. These results suggest a novel role for Sox2 as a regulator of the epithelial to mesenchymal transitions (EMT) that are important for the cell flow in the developing head