SAFER: Social Capital-based Friend Recommendation to Defend Against Phishing Attacks

Abstract

The tremendous growth of social media has been accompanied by highly advanced online social network (OSN) technologies. Such advanced technologies have been heavily utilized by perpetrators as convenient tools for deceiving people in online worlds. Social capital has been discussed as a powerful mechanism to leverage interpersonal relationships in social networks in order for an individual to achieve his/her goal. The beauty of social capital is the ability to materialize non-monetary, less costly, and non-economic resources into tools to solve social problems. In this paper, we aim to leverage social capital (SC) to minimize online users' vulnerabilities to online deception. In particular, we propose a Social cApital-based FriEnd Recommendation scheme, called SAFER, that can protect OSN users from phishing attacks. We quantify three dimensions of social capital, namely, structural, cognitive, and relational, based on user features obtained from real datasets and model a user's friending behavior based on their social capital. In addition, to model a user's behavior upon being attacked by phishing attacker, we developed the so-called SER-SEIR (Susceptible, Exposed, Recovered-Susceptible, Exposed, Infected, and Recovered) model as a variant of the SEIR model. Via extensive simulation experiments based on two real datasets considering bot-based and human-based attackers performing phishing attacks, we demonstrate the performance of four SC-based friend recommendation schemes with three non-SC-based comparable counterparts in terms of the ratio of detecting attackers and the fraction of users in the states of S, E, I, and R. Based on the performance comparison, we analyze the overall trends of their performance in terms of the extent of resistance against phishing attacks by bot or human attackers.