tracking communities of spammers by evolutionary
play

Tracking Communities of Spammers by Evolutionary Clustering Kevin Xu - PowerPoint PPT Presentation

Jun 22, 2023 •334 likes •702 views

Tracking Communities of Spammers by Evolutionary Clustering Kevin Xu 1 , Mark Kliger 2 , Alfred O. Hero III 1 1 University of Michigan, Ann Arbor, MI, USA 2 Medasense Biometrics, Ofakim, Israel Presented by Mark Kliger K. Xu, M. Kliger, A.O. Hero

  1. Tracking Communities of Spammers by Evolutionary Clustering Kevin Xu 1 , Mark Kliger 2 , Alfred O. Hero III 1 1 University of Michigan, Ann Arbor, MI, USA 2 Medasense Biometrics, Ofakim, Israel Presented by Mark Kliger K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 1 / 25

  2. Outline Introduction 1 Networks of Spammers Tracking Communities of Spammers 2 Evolutionary Clustering with forgetting factor Preliminary Results 3 Discussion and Challenges 4 K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 2 / 25

  3. Outline Introduction 1 Networks of Spammers Tracking Communities of Spammers 2 Evolutionary Clustering with forgetting factor Preliminary Results 3 Discussion and Challenges 4 K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 3 / 25

  4. Communities in Social Networks School friendships Scientific collaborations Moody, 2001 Girvan and Newman, 2002 Detecting Communities in Social Networks is a popular subject. Various algorithms ◮ Leskovec et al. (2010) for empirical comparison of different algorithm K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 4 / 25

  5. Dynamic Social Networks Almost ALL social networks are changing in time. Objectives of the study:To track changes in community structure over time Trigger project: To reveal communities of spammers! K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 5 / 25

  6. Stages of SPAMming process Legal Illegal (almost...) First Stage: Harvesting - mass acquisition of email addresses using harvesters (bots, crawlers, web-spiders, etc.) Second Stage: Spamming - sending large amounts of spam emails using spam servers Observation: Spammers conceal their identity to a lesser degree when harvesting (Prince:CEAS2005) Spammers might be associated with their harvesting means K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 6 / 25

  7. www.projecthoneypot.org Distributed network of decoy web pages - “honey pots”. Honey Pot: text of a legal document with trap email address embedded inside HTML code K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 7 / 25

  8. Tracking Spammers Non-human visitor (bot, crawler, spider, harvester i.e. spammers) hit the honey pot and collect trap email address. Spammer IP address is stamped and tracked Unique email address generated each visit. Email addresses and all received messages associated with a single spammer. All messages are spam. K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 8 / 25

  9. Network of Spammers How do we characterize social networks and communities? ◮ Social interactions between members ◮ Sharing resources between members ◮ Similarity in members’ behaviors Ties between spammers by shared spam servers K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 9 / 25

  10. Strength of Ties Connect spammers by similarity in spam server usage Coincidence matrix H t between spammers and spam servers at time point t : � M , N � p t H t = ij e t i i , j = 1 p t ij : number of emails sent by spammer i using spam server j during time interval t e t i : total number of email addresses collected by spammer i up to time t Network of spammers is represented by dot product affinity matrix: W t = H t ( H t ) T K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 10 / 25

  11. Static Communities of Spammers (Xu et al, 2009) Oct. 2006 Multiclass Spectral Clustering (Yu and Shi, 2003): Relaxation of K x i T W t x i 1 � max x i T D t x i K X i = 1 s.t. X = [ x 1 · · · x K ] ∈ { 0 , 1 } M × K ; X 1 K = 1 M ; D t = diag ( W t 1 M ) K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 11 / 25

  12. Static Communities of Spammers (Xu et al, 2009) 0.0 Phishing level 1.0 Oct. 2006 Validation by phishing level spammer Phishing level = # of phishing emails sent total # of emails sent Email classified as phishing email if subject contains common phishing word (e-Bay, PayPal, Chase, passport, login, etc.) K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 12 / 25

  13. Dynamic Network of Spammers Project Honey Pot has grown exponentially with time As of June 2010 ◮ 45 million trap email addresses monitored ◮ 67 million spam servers identified ◮ more then billion spam messages received ◮ 79 thousands spammers identified Our goal: to identify and track communities of spammers over time K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 13 / 25

  14. Outline Introduction 1 Networks of Spammers Tracking Communities of Spammers 2 Evolutionary Clustering with forgetting factor Preliminary Results 3 Discussion and Challenges 4 K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 14 / 25

  15. Community detection in dynamic social networks Ignore history and cluster only current data ◮ Clustering results are unstable Evolutionary Clustering ◮ Incorporate both past and present data W t = α t ¯ W t − 1 + ( 1 − α t ) W t ¯ W 0 = W 0 ) ( ¯ Forgetting factor α t controls the amount of smoothing Evolutionary Spectral Clustering - spectral clustering with ¯ W t (Chie et al, 2007) How to select α t ? K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 15 / 25

  16. Optimal forgetting factor Borrowing ideas from Shrinkage Estimation of Covariance matrices (Ledoit and Wolf, 2003) Assume that: True affinity matrix at any given time t to be the expected affinity matrix E ( W t ) . Optimum α t in Minimum Mean Square Error sense (MSE) ( α t ) ∗ = argmin � W t − 1 + ( 1 − α ) W t − E ( W t ) � 2 � � α ¯ E F α ∈ [ 0 , 1 ] � n � n j = 1 var ( w t ij ) i = 1 = � � ij )] 2 + var ( w t � n � n w t − 1 [ ¯ − E ( w t ij ) i = 1 j = 1 ij K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 16 / 25

  17. Oracle is on vacation.... ( α t ) ∗ is not implementable because it requires knowledge of the mean and variance of the entries of W t Replace unknowns with sample statistics Sample mean and sample variance of W t are dependent on clustering structure of G t We don’t know which samples belong to which cluster. This is the goal of clustering! K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 17 / 25

  18. Iterative estimation component memberships and α t Fix component memberships to be the most recent cluster 1 memberships Estimate sample mean and variance of W t by summing over each 2 cluster. Calculate α t and ¯ W t 3 Fix ¯ W t , and run clustering algorithm to obtain new cluster 4 memberships Repeat entire procedure (until α t converges...) 5 We haven’t proved that α t converges but empirically it “converges" after only a handful of iterations. K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 18 / 25

  19. Outline Introduction 1 Networks of Spammers Tracking Communities of Spammers 2 Evolutionary Clustering with forgetting factor Preliminary Results 3 Discussion and Challenges 4 K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 19 / 25

  20. Estimation of α t (2006 monthly) Estimated forgetting factor α t Community memberships (240) α t changes around January, April, September, and December, suggesting changes in the community structure during these months No validation is available Difficult to visualize dynamic network K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 20 / 25

  21. Preliminary Results (2006 monthly) - 240 spammers 01.2006 K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 21 / 25

  22. Preliminary Results (2006 monthly) - 240 spammers 02.2006 K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 21 / 25

  23. Preliminary Results (2006 monthly) - 240 spammers 03.2006 K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 21 / 25

  24. Preliminary Results (2006 monthly) - 240 spammers 04.2006 K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 21 / 25

  25. Preliminary Results (2006 monthly) - 240 spammers 05.2006 K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 21 / 25

  26. Preliminary Results (2006 monthly) - 240 spammers 06.2006 K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 21 / 25

  27. Preliminary Results (2006 monthly) - 240 spammers 07.2006 K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 21 / 25

  28. Preliminary Results (2006 monthly) - 240 spammers 08.2006 K. Xu, M. Kliger, A.O. Hero III () Tracking Communities of Spammers Presented by Mark Kliger 21 / 25

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Evolutionary Algorithms CS 478 - Evolutionary Algorithms 1 Evolutionary Computation/Algorithms

Evolutionary Algorithms CS 478 - Evolutionary Algorithms 1 Evolutionary Computation/Algorithms

Evolutionary Algorithms CS 478 - Evolutionary Algorithms 1 Evolutionary Computation/Algorithms Genetic Algorithms l Simulate natural evolution of structures via selection and reproduction, based on performance (fitness) l Type of

524 views • 30 slides
Detecting Spammers and Content Detecting Spammers and Content Detecting Spammers and Content

Detecting Spammers and Content Detecting Spammers and Content Detecting Spammers and Content

Detecting Spammers and Content Detecting Spammers and Content Detecting Spammers and Content Detecting Spammers and Content Promoters in Online Video Social Networks Promoters in Online Video Social Networks Promoters in Online Video Social

351 views • 21 slides
CSE CSE 460 460 Evolutionary Evolutionary Methods Methods In this section we will look at

CSE CSE 460 460 Evolutionary Evolutionary Methods Methods In this section we will look at

CSE CSE 460 460 Evolutionary Evolutionary Methods Methods In this section we will look at evolutionary methods Genetic Algorithms Evolution Strategies Genetic Programming Constraints in Evolutionary Methods References

871 views • 57 slides
E-mail trends in 2010: How do spammers get your address? Using distributed poisoned addresses to

E-mail trends in 2010: How do spammers get your address? Using distributed poisoned addresses to

Motivation How E-mail works Conventional Wisdom Previous Work Implementation Results Conclusion E-mail trends in 2010: How do spammers get your address? Using distributed poisoned addresses to track harvesting behavior Robert Marmorstein

447 views • 17 slides
TELLING EXPERTS FROM SPAMMERS: EXPERTISE RANKING IN FOLKSONOMIES Michael G. Noll, Ching-Man Au

TELLING EXPERTS FROM SPAMMERS: EXPERTISE RANKING IN FOLKSONOMIES Michael G. Noll, Ching-Man Au

TELLING EXPERTS FROM SPAMMERS: EXPERTISE RANKING IN FOLKSONOMIES Michael G. Noll, Ching-Man Au Yeung, Nicholas Gibbins, Christoph Meinel, Nigel Shadbolt (SIGIR09) Presenter: Xiang Gao (Vincent) Introduction Collaborative tagging

533 views • 24 slides
Understanding the Domain Registration Behavior of Spammers Shuang Hao, Matthew Thomas, Vern

Understanding the Domain Registration Behavior of Spammers Shuang Hao, Matthew Thomas, Vern

Understanding the Domain Registration Behavior of Spammers Shuang Hao, Matthew Thomas, Vern Paxson, Nick Feamster, Christian Kreibich, Chris Grier, Scott Hollenbeck Overview Domain Abuse Domain names represent valuable Internet resources

653 views • 25 slides
Evolutionary Design By: Dianna Fox and Dan Morris Review 4 main types of Evolutionary

Evolutionary Design By: Dianna Fox and Dan Morris Review 4 main types of Evolutionary

Evolutionary Design By: Dianna Fox and Dan Morris Review 4 main types of Evolutionary Algorithms Genetic Algorithm - John Holland Genetic Programming - John Koza Evolutionary Programming - Lawerence Fogel Evolutionary

1.25k views • 51 slides
Local Communities, and the Women within those Communities Rights and Resources Initiative (RRI)

Local Communities, and the Women within those Communities Rights and Resources Initiative (RRI)

Water Tenure for Indigenous Peoples, Local Communities, and the Women within those Communities Rights and Resources Initiative (RRI) Chloe Ginsburg Tenure Analyst, RRI RRI Tenure Data: Tracking Indigenous Peoples, local communities

320 views • 10 slides
Outline DM812 METAHEURISTICS Lecture 6 Evolutionary Algorithms 1. Evolutionary Algorithms

Outline DM812 METAHEURISTICS Lecture 6 Evolutionary Algorithms 1. Evolutionary Algorithms

Evolutionary Algorithms Outline DM812 METAHEURISTICS Lecture 6 Evolutionary Algorithms 1. Evolutionary Algorithms Marco Chiarandini Department of Mathematics and Computer Science University of Southern Denmark, Odense, Denmark

596 views • 6 slides
Detecting Product Review Spammers using Rating Behaviors Itay Dressler What is Spam? Why

Detecting Product Review Spammers using Rating Behaviors Itay Dressler What is Spam? Why

Detecting Product Review Spammers using Rating Behaviors Itay Dressler What is Spam? Why should you care? How to detect Spam? 2 What is Spam? What is Spam? All forms of malicious manipulation of user generated data so as to

943 views • 56 slides
1 20 July 2007 CERN Seminar 2 Introduction to evolutionary computation Evolutionary

1 20 July 2007 CERN Seminar 2 Introduction to evolutionary computation Evolutionary

1 20 July 2007 CERN Seminar 2 Introduction to evolutionary computation Evolutionary algorithms solution representation fitness function initial population generation genetic and selection operators Types of

601 views • 37 slides
GP & Push slides for Tom Evolutionary Computation Genetic Programming Evolutionary

GP & Push slides for Tom Evolutionary Computation Genetic Programming Evolutionary

GP & Push slides for Tom Evolutionary Computation Genetic Programming Evolutionary computing to produce executable computer programs. Programs are tested by executing them. Program Representations Lisp-style symbolic expressions

1.17k views • 104 slides
Detecting Spammers with SNARE: Spatio-temporal Network-level Automatic Reputation Engine Shuang

Detecting Spammers with SNARE: Spatio-temporal Network-level Automatic Reputation Engine Shuang

Detecting Spammers with SNARE: Spatio-temporal Network-level Automatic Reputation Engine Shuang Hao, Nadeem Ahmed Syed, Nick Feamster, Alexander G. Gray, Sven Krasser Motivation Spam: More than Just a Nuisance Spam: Ham: unsolicited bulk

523 views • 28 slides
Identifying Video Spammers in Online Social Networks Fabrcio Benevenuto 1 , Tiago Rodrigues 1 ,

Identifying Video Spammers in Online Social Networks Fabrcio Benevenuto 1 , Tiago Rodrigues 1 ,

Identifying Video Spammers in Online Social Networks Fabrcio Benevenuto 1 , Tiago Rodrigues 1 , Virglio Almeida 1 , Jussara Almeida 1 , Chao Zhang 2 , Keith Ross 2 1 Federal University of Minas Gerais Brazil 2 Polytechnic University New

311 views • 17 slides
Models of Language Evolution Session 04 : Evolutionary Game Theory: Evolutionary Dynamics Michael

Models of Language Evolution Session 04 : Evolutionary Game Theory: Evolutionary Dynamics Michael

Models of Language Evolution Session 04 : Evolutionary Game Theory: Evolutionary Dynamics Michael Franke Seminar f ur Sprachwissenschaft Eberhard Karls Universit at T ubingen Replicator Dynamics Other Evolutionary Dynamics Folk

432 views • 28 slides
Detecting Singleton Review Spammers Using Semantic Similarity Vlad Sandulescu, joint work with

Detecting Singleton Review Spammers Using Semantic Similarity Vlad Sandulescu, joint work with

Detecting Singleton Review Spammers Using Semantic Similarity Vlad Sandulescu, joint work with Martin Ester 2015.05.19 Online reviews 31% of consumers read online reviews before actually making a purchase (rising) by the end of 2014, 15%

200 views • 18 slides
1 & 2 Samuel Series Lesson #021 August 11, 2015 Dean Bible Ministries

1 & 2 Samuel Series Lesson #021 August 11, 2015 Dean Bible Ministries

1 & 2 Samuel Series Lesson #021 August 11, 2015 Dean Bible Ministries www.deanbibleministries.org Dr. Robert L. Dean, Jr. G OD P ROPHESIES J UDGMENT ON THE H OUSE OF E LI 1 S AMUEL 2:1236 E SSENCE OF G OD Sovereign Omniscient

661 views • 27 slides
Domain adaptation with optimal transport from mapping to learning with joint distribution R.

Domain adaptation with optimal transport from mapping to learning with joint distribution R.

Domain adaptation with optimal transport from mapping to learning with joint distribution R. Flamary - Lagrange, OCA, CNRS, Universit e C ote dAzur Joint work with N. Courty, A. Habrard, A. Rakotomamonjy and B. Bushan Damodoran Data

617 views • 51 slides
http://ecosequestrust.org/GAMA resilience.io programme Global Update Global Update Preliminary

http://ecosequestrust.org/GAMA resilience.io programme Global Update Global Update Preliminary

http://ecosequestrust.org/GAMA resilience.io programme Global Update Global Update Preliminary outcomes of the agent-based modelling and resource network optimisation for the WASH sector in GAMA, Ghana Resilience.IO platform Harry

593 views • 45 slides
1 8th Grade Thermal Energy Study Guide 20151009 www.njctl.org 2 Thermal Energy Study

1 8th Grade Thermal Energy Study Guide 20151009 www.njctl.org 2 Thermal Energy Study

1 8th Grade Thermal Energy Study Guide 20151009 www.njctl.org 2 Thermal Energy Study Guide www.njctl.org 3 Part 1 Define the following terms and/or concepts 4 Temperature 1 5 2 Kinetic Energy 6 3 Thermal expansion 7 4

906 views • 67 slides
Racetrack video Hangry is a clever portmanteau of hungry and angry, and an adjective that

Racetrack video Hangry is a clever portmanteau of hungry and angry, and an adjective that

Racetrack video Hangry is a clever portmanteau of hungry and angry, and an adjective that describes being irritable due to hunger. hours Robert Wang, PhD in Computer Science, particularly in Artificial Intelligence Laid off from

803 views • 68 slides
Extending the MHD ePortal Feng He Supervisors: Rob Baxter, Lindsay Pottage, Gavin Pringle Summer

Extending the MHD ePortal Feng He Supervisors: Rob Baxter, Lindsay Pottage, Gavin Pringle Summer

Extending the MHD ePortal Feng He Supervisors: Rob Baxter, Lindsay Pottage, Gavin Pringle Summer 2001 Extending the MHD ePortal 1 The Grid what is it? And why is it important? The Grid purports to offer a seamless, ubiquitous computing

800 views • 11 slides
Mrs. Carter (SCITT student) Support Staff: Mrs. Eckhardt Miss Waters Mrs.

Mrs. Carter (SCITT student) Support Staff: Mrs. Eckhardt Miss Waters Mrs.

5T St Teresa 5C St Catherine Mrs. Carney Mrs. Terry Mrs. Gordon Mrs. Carter (SCITT student) Support Staff: Mrs. Eckhardt Miss Waters Mrs. Williams Our Wonder Kindness Friendship Thankfulness Honesty

583 views • 42 slides
Motivation Laboratory work in TDDI04 Operating systems are nearly Introduction to Pintos

Motivation Laboratory work in TDDI04 Operating systems are nearly Introduction to Pintos

Motivation Laboratory work in TDDI04 Operating systems are nearly Introduction to Pintos everywhere Crucial piece of software Assignments 00, 0, 1 Perform concurrent tasks Viacheslav Izosimov Synchronization 2009-02-02 C is the main

649 views • 9 slides

More recommend