research-article

Strengthening Weak Identities Through Inter-Domain Trust Transfer

Authors:

Giridhari Venkatadri,

Changtao Zhong,

Bimal Viswanath,

Krishna P. Gummadi,

Nishanth SastryAuthors Info & Claims

WWW '16: Proceedings of the 25th International Conference on World Wide Web

Pages 1249 - 1259

https://doi.org/10.1145/2872427.2883015

Published: 11 April 2016 Publication History

Abstract

On most current websites untrustworthy or spammy identities are easily created. Existing proposals to detect untrustworthy identities rely on reputation signals obtained by observing the activities of identities over time within a single site or domain; thus, there is a time lag before which websites cannot easily distinguish attackers and legitimate users. In this paper, we investigate the feasibility of leveraging information about identities that is aggregated across multiple domains to reason about their trustworthiness. Our key insight is that while honest users naturally maintain identities across multiple domains (where they have proven their trustworthiness and have acquired reputation over time), attackers are discouraged by the additional effort and costs to do the same. We propose a flexible framework to transfer trust between domains that can be implemented in today's systems without significant loss of privacy or significant implementation overheads.

We demonstrate the potential for inter-domain trust assessment using extensive data collected from Pinterest, Facebook, and Twitter. Our results show that newer domains such as Pinterest can benefit by transferring trust from more established domains such as Facebook and Twitter by being able to declare more users as likely to be trustworthy much earlier on (approx. one year earlier).

References

[1]

http://oauth.net.

[2]

http://klout.com/home.

[3]

https://trustcloud.com.

[4]

Advogato trust metric. http://www.advogato.org/trust-metric.html.

[5]

Black-market for old twitter accounts. http://buybulkaccounts.blogspot.de/p/5-years-old.html.

[6]

Black-market website. http://addmefast.com.

[7]

Black-market website. http://www.purchasesocial.com.

[8]

Black-market website. https://socioblend.com.

[9]

Facebook anonymous login. http://newsroom.fb.com/news/2014/04/f8-introducing-anonymous-login-and-an-updated-facebook-login.

[10]

Facebook login. https://developers.facebook.com/docs/facebook-login/v2.3.

[11]

Pinterest introductory guide. https://help.pinterest.com/en/guide/all-about-pinterest.

[12]

Reddit faq. http://www.reddit.com/r/help/wiki/faq.

[13]

Social login market. http://www.gigya.com/blog/the-landscape-of-social-login-facebook-makes-a-comeback.

[14]

Tech blog post about facebook integration. http://royal.pingdom.com/2012/06/18/how-many-sites-have-facebook-integration-youd-be-surprised.

[15]

Web of trust. https://www.mywot.com.

[16]

F. Benevenuto, G. Magno, T. Rodrigues, and V. Almeida. Detecting spammers on twitter. In CEAS'10.

[17]

A. Beutel, W. Xu, V. Guruswami, C. Palow, and C. Faloutsos. Copycatch: stopping group attacks by spotting lockstep behavior in social networks. In WWW'13.

Digital Library

[18]

Q. Cao, X. Yang, J. Yu, and C. Palow. Uncovering large groups of active malicious accounts in online social networks. In ACM CCS'14.

Digital Library

[19]

G. Danezis and P. Mittal. SybilInfer: Detecting Sybil Nodes Using Social Networks. In NDSS'09.

[20]

S. Feng, L. Xing, A. Gogar, and Y. Choi. Distributional footprints of deceptive product reviews. In AAAI ICWSM'12.

[21]

S. Ghosh, N. Sharma, F. Benevenuto, N. Ganguly, and K. Gummadi. Cognos: Crowdsourcing search for topic experts in microblogs. In ACM SIGIR'12.

Digital Library

[22]

S. Ghosh, M. B. Zafar, P. Bhattacharya, N. Sharma, N. Ganguly, and K. Gummadi. On sampling the wisdom of crowds: Random vs. expert sampling of the twitter stream. In ACM CIKM'13.

Digital Library

[23]

O. Goga, P. Loiseau, R. Sommer, R. Teixeira, and K. P. Gummadi. On the reliability of profile matching across large online social networks. In ACM KDD'15.

Digital Library

[24]

C. Grier, K. Thomas, V. Paxson, and C. M. Zhang. @spam: the underground on 140 characters or less. In ACM CCS'10.

Digital Library

[25]

T. Grinshpoun, N. Gal-Oz, A. Meisels, and E. Gudes. Ccr: A model for sharing reputation knowledge across virtual communities. In WI-IAT'09.

Digital Library

[26]

R. Heatherly, M. Kantarcioglu, and B. Thuraisingham. Preventing private information inference attacks on social networks. IEEE Trans. on Knowl. and Data Eng., 2013.

Digital Library

[27]

A. M. Kakhki, C. Kliman-Silver, and A. Mislove. Iolaus: Securing online content rating systems. In WWW'13.

[28]

A. Leontjeva, M. Goldszmidt, Y. Xie, F. Yu, and M. Abadi. Early security classification of skype users via machine learning. In AISec'13.

Digital Library

[29]

N. Li and T. Li. t-closeness: Privacy beyond k-anonymity and l-diversity. In IEEE ICDE'07.

[30]

E.-P. Lim, V.-A. Nguyen, N. Jindal, B. Liu, and H. W. Lauw. Detecting product review spammers using rating behaviors. In ACM CIKM'10.

Digital Library

[31]

M. McGlohon, N. S. Glance, and Z. Reiter. Star quality: Aggregating reviews to rank products and merchants. In AAAI ICWSM'10.

[32]

A. Mislove, A. Post, K. P. Gummadi, and P. Druschel. Ostra: Leveraging trust to thwart unwanted communication. In NSDI'08.

Digital Library

[33]

M. Mondal, B. Viswanath, A. Clement, P. Druschel, K. P. Gummadi, A. Mislove, and A. Post. Defending against large-scale crawls in online social networks. In ACM CoNEXT'12.

Digital Library

[34]

S. J. Pan and Q. Yang. A survey on transfer learning. IEEE Trans. on Knowl. and Data Eng., 2010.

Digital Library

[35]

A. Post, V. Shah, and A. Mislove. Bazaar: Strengthening user reputations in online marketplaces. In NSDI'11.

Digital Library

[36]

D. Quercia and S. Hailes. Sybil Attacks Against Mobile Users: Friends and Foes to the Rescue. In IEEE INFOCOM'10.

Digital Library

[37]

T. Stein, E. Chen, and K. Mangla. Facebook immune system. In SNS'11.

Digital Library

[38]

K. Thomas, D. McCoy, C. Grier, A. Kolcz, and V. Paxson. Trafficking fraudulent accounts: The role of the underground market in twitter spam and abuse. In USENIX Security'13.

Digital Library

[39]

N. Tran, J. Li, L. Subramanian, and S. S. Chow. Optimal Sybil-resilient Node Admission Control. In IEEE INFOCOM'11.

[40]

N. Tran, B. Min, J. Li, and L. Subramanian. Sybil-resilient online content voting. In USENIX NSDI '09.

Digital Library

[41]

B. Viswanath, M. A. Bashir, M. Crovella, S. Guha, K. P. Gummadi, B. Krishnamurthy, and A. Mislove. Towards detecting anomalous user behavior in online social networks. In USENIX Security'14.

Digital Library

[42]

B. Viswanath, M. A. Bashir, M. B. Zafar, S. Bouget, S. Guha, K. P. Gummadi, A. Kate, and A. Mislove. Strength in numbers: Robust tamper detection in crowd computations. In ACM COSN'15.

Digital Library

[43]

G. Wang, T. Konolige, C. Wilson, X. Wang, H. Zheng, and B. Y. Zhao. You Are How You Click: Clickstream Analysis for Sybil Detection. In USENIX Security'14.

Digital Library

[44]

G. Wang, M. Mohanlal, C. Wilson, X. Wang, M. Metzger, H. Zheng, and B. Y. Zhao. Social turing tests: Crowdsourcing sybil detection. In NDSS'13.

[45]

G. Wang, T. Wang, H. Zheng, and B. Y. Zhao. Man vs. machine: Practical adversarial detection of malicious crowdsourcing workers. In USENIX Security'14.

Digital Library

[46]

G. Wu, D. Greene, B. Smyth, and P. Cunningham. Distortion as a validation criterion in the identification of suspicious reviews. In SOMA'10.

Digital Library

[47]

H. Yu, P. B. Gibbons, M. Kaminsky, and F. Xiao. SybilLimit: A Near-optimal Social Network Defense Against Sybil Attacks. In IEEE S&P'08.

Digital Library

[48]

H. Yu, M. Kaminsky, P. B. Gibbons, and A. Flaxman. SybilGuard: Defending Against Sybil Attacks via Social Networks. In ACM SIGCOMM'06.

Digital Library

[49]

Z. Zhao, J. Cheng, F. Wei, M. Zhou, W. Ng, and Y. Wu. Socialtransfer: Transferring social knowledge for cold-start crowdsourcing. In ACM CIKM'14.

Digital Library

[50]

C. Zhong, M. Salehi, S. Shah, M. Cobzarenco, N. Sastry, and M. Cha. Social bootstrapping: how pinterest and last. fm social communities benefit by borrowing links from facebook. In WWW'14.

Digital Library

[51]

E. Zhong, W. Fan, J. Wang, L. Xiao, and Y. Li. Comsoc: Adaptive transfer of user behaviors over composite social network. In ACM KDD'12.

Digital Library

Cited By

Gong QChen YHe XXiao YHui PWang XFu X(2021)Cross-site Prediction on Social Influence for Cold-start Users in Online Social NetworksACM Transactions on the Web10.1145/340910815:2(1-23)Online publication date: 12-May-2021
https://dl.acm.org/doi/10.1145/3409108
Liu HDeng SWu LJian MYang BZhang D(2020)Recommendations for Different Tasks Based on the Uniform Multimodal Joint RepresentationApplied Sciences10.3390/app1018617010:18(6170)Online publication date: 4-Sep-2020
https://doi.org/10.3390/app10186170
Papadamou KGevers SXenakis CSirivianos MZannettou SChifor BTeican SGugulea GCaponi ARecupero APisa CBianchi G(2020)Killing the Password and Preserving Privacy With Device-Centric and Attribute-Based AuthenticationIEEE Transactions on Information Forensics and Security10.1109/TIFS.2019.295876315(2183-2193)Online publication date: 2020
https://doi.org/10.1109/TIFS.2019.2958763
Show More Cited By

Index Terms

Strengthening Weak Identities Through Inter-Domain Trust Transfer
1. Security and privacy
  1. Software and application security
    1. Social network security and privacy

Recommendations

Partial identities as a foundation for trust and reputation

This paper explores the relationships between the hard security concepts of identity and privacy on the one hand, and the soft security concepts of trust and reputation on the other hand. We specifically focus on two vulnerabilities that current trust ...
The Role of Reputation on Trust and Loyalty: A Cross-Cultural Analysis of Tablet E-Tailing

The purpose of this article is to empirically examine the role of online retailer's website reputation on tablet commerce and to compare the trust arbitration between reputation and loyalty in two cultures-Finland and Nigeria. Data was collected from ...
Adaptive trust-based anonymous network

A novel Adaptive Trust-based Anonymous Network (ATAN) is proposed. The distributed and decentralised network management in ATAN does not require a central authority so that ATAN alleviates the problem of a single point of failure. In some existing ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

WWW '16: Proceedings of the 25th International Conference on World Wide Web

April 2016

1482 pages

ISBN:9781450341431

General Chairs:
Jacqueline Bourdeau
Tele-university (TELUQ), Montreal, QC, Canada
,
Jim A. Hendler
Rensselaer Polytechnic Institute, Troy, NY, USA
,
Roger Nkambou Nkambou
Université du Québec à Montréal, Montreal, QC, Canada
,
Program Chairs:
Ian Horrocks
University of Oxford, UK
,
Ben Y. Zhao
University of California at Santa Barbara, CA, USA

Copyright © 2016 Copyright is held by the International World Wide Web Conference Committee (IW3C2).

Sponsors

IW3C2: International World Wide Web Conference Committee

In-Cooperation

SIGWEB: ACM Special Interest Group on Hypertext, Hypermedia, and Web

Publisher

International World Wide Web Conferences Steering Committee

Republic and Canton of Geneva, Switzerland

Publication History

Published: 11 April 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Space for Sharing project (S4S) http://www.space4sharingstudy.org/?page_id=78

Conference

WWW '16

Sponsor:

IW3C2

WWW '16: 25th International World Wide Web Conference

April 11 - 15, 2016

Québec, Montréal, Canada

Acceptance Rates

WWW '16 Paper Acceptance Rate 115 of 727 submissions, 16%;

Overall Acceptance Rate 1,899 of 8,196 submissions, 23%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
259
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Gong QChen YHe XXiao YHui PWang XFu X(2021)Cross-site Prediction on Social Influence for Cold-start Users in Online Social NetworksACM Transactions on the Web10.1145/340910815:2(1-23)Online publication date: 12-May-2021
https://dl.acm.org/doi/10.1145/3409108
Liu HDeng SWu LJian MYang BZhang D(2020)Recommendations for Different Tasks Based on the Uniform Multimodal Joint RepresentationApplied Sciences10.3390/app1018617010:18(6170)Online publication date: 4-Sep-2020
https://doi.org/10.3390/app10186170
Papadamou KGevers SXenakis CSirivianos MZannettou SChifor BTeican SGugulea GCaponi ARecupero APisa CBianchi G(2020)Killing the Password and Preserving Privacy With Device-Centric and Attribute-Based AuthenticationIEEE Transactions on Information Forensics and Security10.1109/TIFS.2019.295876315(2183-2193)Online publication date: 2020
https://doi.org/10.1109/TIFS.2019.2958763
Teubner TAdam MHawlitschek F(2019)Unlocking Online ReputationBusiness & Information Systems Engineering10.1007/s12599-019-00620-462:6(501-513)Online publication date: 16-Oct-2019
https://doi.org/10.1007/s12599-019-00620-4
Teubner THawlitschek FAdam M(2019)Reputation TransferBusiness & Information Systems Engineering10.1007/s12599-018-00574-zOnline publication date: 2-Jan-2019
https://doi.org/10.1007/s12599-018-00574-z
Hesse MTeubner T(2019)Reputation portability – quo vadis?Electronic Markets10.1007/s12525-019-00367-630:2(331-349)Online publication date: 13-Sep-2019
https://doi.org/10.1007/s12525-019-00367-6
Hernandez NRahman MRecabarren RCarbunar BLie DMannan MBackes MWang X(2018)Fraud De-Anonymization for Fun and ProfitProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security10.1145/3243734.3243770(115-130)Online publication date: 15-Oct-2018
https://dl.acm.org/doi/10.1145/3243734.3243770
Gong QChen YHu JCao QHui PWang X(2018)Understanding Cross-Site Linking in Online Social NetworksACM Transactions on the Web10.1145/321389812:4(1-29)Online publication date: 27-Sep-2018
https://dl.acm.org/doi/10.1145/3213898
Sang JYan MXu C(2018)Understanding Dynamic Cross-OSN Associations for Cold-Start RecommendationIEEE Transactions on Multimedia10.1109/TMM.2018.283953020:12(3439-3451)Online publication date: 1-Dec-2018
https://dl.acm.org/doi/10.1109/TMM.2018.2839530
Gong QChen YYu XXu CGuo ZXiao YBen Abdesslem FWang XHui P(2018)Exploring the power of social hub servicesWorld Wide Web10.1007/s11280-018-0633-722:6(2825-2852)Online publication date: 25-Sep-2018
https://doi.org/10.1007/s11280-018-0633-7
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents