Abstract
With the fast-growing popularity of online social networks (OSN), maintaining the security of OSN ecosystems becomes essential for the public. Among all the security threats facing OSN, malicious social bots have become the most common and detrimental. These bot programs are often employed to violate users' privacy, distribute spam, and disturb the financial market, posing a compelling need for effective social bot detection solutions. Unlike traditional bot detection approaches that have strict requirements on data sources (e.g., private payload information, social relationships, or activity histories), this paper proposes a detection method called BotFlowMon that relies only on NetFlow data as input to identify OSN bot traffic, where every NetFlow record is a summary of a traffic flow on the Internet and contains no payload content. BotFlowMon introduces several new algorithms and techniques to help use machine learning to classify the social bot traffic from the real OSN user traffic, including aggregating NetFlow records to obtain transaction data, fusing transaction data to extract features and visualize flows, as well as subdividing transactions into basic actions. Our evaluation shows that with 535GB raw NetFlow records as input, BotFlowMon can efficiently classify the traffic from social bots, including chatbot, amplification bot, post bot, crawler bot, and hybrid bot, with 92.33-93.61 % accuracy.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
