UbCadet: detection of compromised accounts in twitter based on user behavioural profiling

Abstract

Online Social Networks(OSNs) are generally at the risk of many potential dangers. Malicious attackers use compromised OSN accounts to spread fake news, to send spam messages and to promote malicious applications which in turn lead to substantial financial and reputation loss. The current scenario in the world is that heavily funded and sophisticated criminal groups execute these malicious activities. Numerous Twitter accounts are either fake or compromised as they are victims of these attacks. Detecting these compromised accounts is a challenging task due to various reasons, including the dynamic behaviour of OSN services and its users. A new framework titled User Behaviour Analytics based Compromised Account Detection(UbCadet) proposed in this paper. Some of the significant derived attributes proposed in this work to profile a Twitter user are Similarity of tweet text, Similarity of hashtag, time of tweeting and Geo-location information. In this work, User Behavioural Profile builds with derived attributes of a Twitter user. Based on this user profile, the tweets of each user converts to individual tweet patterns. These patterns are classified as normal or anomalous using k-Nearest Neighbour machine learning algorithm. Additionally, the ensemble method and Random Forest classifier has also experimented for pattern classification. An account classifies as compromised or benign based on the frequency of normal or anomalous tweets from that account. The dataset collected from Yelp, which is a popular crowd-sourced review forum is also used for the experiment in addition to the Twitter dataset, to examine the applicability of the proposed approach in other OSNs. Experimental results show that the proposed UbCadet achieves a high accuracy and reduced false-positive rate.