Towards Detecting Compromised Accounts on Social Networks

Towards Detecting Compromised Accounts on Social Networks

Towards Detecting Compromised Accounts on Social Networks


Compromising social network accounts have become a profitable course of action for cyber criminals.By hijacking control of a popular media or business account, attackers can distribute their malicious messages to a large user base or distribute false information.The impacts of these incidents range from a tarnished reputation on financial markets to multi-billion dollar monetary losses.We demonstrated in our previous work how we can detect large-scale compromises (i.e., so-called campaigns) of regular online users of social networks.In this work, we show how we can use similar techniques to identify individual high-profile accounts compromises.


Towards Detecting Compromised Accounts Over the past few years, online social networks such as Facebook and Twitter have become increasingly popular.People use social networks to keep families in touch, chat with friends, and share news. Over time,projects on Towards Detecting Compromised the users of a social network build connections with their friends, colleagues, and people they consider interesting or trustworthy in general.

These connections form a social graph that controls how information spreads within the social network.Users typically receive user-related messages in the form of wall posts, tweets or status updates.These social network sh’s large user base as attracted cyber criminals attention.According to a 2008 study, that year, 83 percent of social network users received at least one unwanted message on such networks.


We presented COMPA in this Towards Detecting Compromised Social Network Accounts, a system for detecting compromised social network accounts.COMPA uses statistical models to characterize the behavior of social network users and to use sanomaly detection techniques to identify sudden changes in their behaviour.projects on Towards Detecting The results show that our approach can reliably detect compromises affecting high- profile social network accounts, and can detect compromises of regular accounts, whose behavior is typically more variable, by aggregating together similar malicious messages.