Combating Friend Spam Using Social Rejections
2015 IEEE 35th International Conference on Distributed Computing Systems
Unwanted friend requests in online social networks, also known as friend spam, have proven to be among the most evasive malicious activities. This is evident from the fact that most OSN users experience friend spam on a substantially more frequent basis than they experience spam on their newsfeeds or other types of unwanted traffic. Besides directly annoying users, friend spam can be used to undermine social-graph-based defense schemes, which effectively bound the number of accepted Sybils to the total number of social connections between Sybils and non-Sybil users. Hence, allowing malicious accounts to effortlessly solicit friend requests to unsuspecting users, who may accept them, can lead to the collapse of a major defense line. We propose Rejecto, a system that leverages social rejections to throttle friend spam. Rejecto stems from the observation that even well-maintained fake accounts inevitably receive a significant number of social rejections, namely they have their friend requests rejected or they are reported by users. Our key insight is to partition the social graph into two regions such that the aggregate acceptance rate of the friend requests from one region to the other is minimized. We argue that our design, which leverages the aforementioned graph cut, can reliably detect a region that comprises friend spammers. At the same time, it is resilient to the collusion and self-rejection evasion strategies. To efficiently obtain the graph cut, we extend the Kernighan-Lin heuristic and use it to iteratively detect and remove the accounts that send out friend spam. Through extensive simulations, we show that Rejecto can discern friend spammers under a broad range of scenarios and that it is resilient to strategic attackers.
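The cut objective described in the abstract can be illustrated on a tiny constructed graph. This is an added example, not code from the paper: it brute-forces every partition instead of using the extended Kernighan-Lin heuristic. The function names, the sample requests and the tie-break (prefer the cut that carries more requests) are assumptions.

```python
from itertools import combinations

# Constructed sample data: (sender, receiver, accepted).
LEGIT = ["a", "b", "c", "d"]
# Legitimate users all request each other; one request (a -> c) is rejected.
REQUESTS = [(u, v, (u, v) != ("a", "c")) for u in LEGIT for v in LEGIT if u != v]
# Each fake account requests every legitimate user and is accepted once.
REQUESTS += [(s, v, v == friend)
             for s, friend in (("s1", "c"), ("s2", "b")) for v in LEGIT]
# Collusion: the fake accounts accept each other's requests.
COLLUSION = [("s1", "s2", True), ("s2", "s1", True)]

def account_rate(requests, user):
    """Naive per-account signal: share of a user's own requests accepted."""
    sent = [ok for s, _, ok in requests if s == user]
    return sum(sent) / len(sent)

def cut_rate(requests, region):
    """(acceptance rate, count) of requests leaving `region`, or None."""
    crossing = [ok for s, r, ok in requests if s in region and r not in region]
    if not crossing:
        return None
    return sum(crossing) / len(crossing), len(crossing)

def find_spam_region(requests):
    """Exhaustively pick the region whose outgoing requests are accepted
    least often. Assumption: ties go to the cut with more requests."""
    users = sorted({u for s, r, _ in requests for u in (s, r)})
    best, best_key = None, None
    for size in range(1, len(users)):
        for region in combinations(users, size):
            scored = cut_rate(requests, set(region))
            if scored is None:
                continue
            key = (scored[0], -scored[1])
            if best_key is None or key < best_key:
                best, best_key = set(region), key
    return best, best_key[0]

if __name__ == "__main__":
    for label, reqs in (("plain", REQUESTS), ("collusion", REQUESTS + COLLUSION)):
        region, rate = find_spam_region(reqs)
        print(label, sorted(region), rate, "s1 alone:", account_rate(reqs, "s1"))
```

Collusion raises each fake account's own acceptance rate, but requests inside the detected region never cross the cut, so the cut's acceptance rate and the detected region stay the same.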