Abstract

Abstract: Online Social Networks rely heavily on networks of trust and on user popularity. Users believe to content that is posted by people they know in real life, or by famous people they admire and respect. Cybercriminals who want to misuse social networks for their nefarious goals need to gain trust from their victims as well. Miscreants can do this in two ways: first, they can hijack a reputable account and use it to spread malicious content. This way, users who trust this account will be more likely to re-share this content, or to click on the links that are posted by it. Second, they can build a fake reputation for accounts they control, by purchasing fake followers, fake likes, or fake retweets for example. In this talk I will provide an overview of our work in detecting malicious activity on online social networks. First, I will present COMPA , a system that is able to detect and block messages that have been sent by a social network account but that were not authored by the legitimate owner of the account, but by an attacker who hijacked it. Then I will provide an overview of our efforts in detecting accounts that built a fake reputation on Twitter by purchasing followers. I will then discuss some open research areas in the field of fighting cybercriminal activity on social networks.

Bio: Dr Gianluca Stringhini is a lecturer in the Departments of Computer Science and Security and Crime Science at UCL . His research interests include network security, cybercrime measurement, social network security, and malware analysis. His work was awarded a Best Paper Award at ACSAC in 2010 and the Outstanding Dissertation Award from the Department of Computer Science at UC Santa Barbara in 2014. He was one of the recipients of the Symantec Research Labs Graduate Fellowship in 2012.