Georges A. Kamhoua
Florida International University
Georges A. Kamhoua is a Ph.D. candidate at Florida International University’s School of Computing and Information Sciences under the supervision of Dr. Niki Pissinou. He joined FIU in Fall 2014. He received his B.S. degree in Electrical Engineering and a M.S degree in Electronics from University of Dschang, Cameroon in 2007 and 2012, respectively. His current research interests include Cybersecurity, online social networks, mobile wireless sensor networks, mobile computing, and crowdsourcing.
Most people view Online Social Networks (OSNs) as platforms for communicating and sharing information, while organizations use OSNs to engage the masses. Information sharing between users or organizations gives rise to new threats and attacks to the network, such as Identity Clone and Reconnaissance Attacks. The Identity Clone Attack (ICA) clones users in a network and impersonates them to infiltrate social circles. Another type of attack, the Reconnaissance Attack (RA), gathers information about a target’s resources, employees, and relationships with other entities that make it easy to reach the target from OSNs. To defend against ICA, researchers have used string matching and IP address mapping to locations. On the other hand, for RA, researchers have developed an alternative infiltration based on sequential friend requests which may be impractical in a real-world setting. Previous research on ICA and RA focuses on a single attacker and makes strong assumptions about the symmetric nature of social networks. The previous research does not consider the case where attackers could add or modify some attributes on the clone. These research focused on how attackers used multiple friend requests, which could be detected by OSNs services, to reach their targets. Most importantly, research fails to consider the scenarios where multiple attackers collude against the network or propose a defense mechanism against RA. The aim of our research is to provide mechanisms to defend against colluding attackers in the presence of ICA and RA attacks.
An advantage of uncovering colluders, who work towards a common goal of infiltration, is that we developed an algorithm against colluders in non-adversarial attacks in crowdsourcing. This is where one colluder reviews a product and other colluders duplicate it with slight modifications and present it as their own review for compensation. Recent works make a strong assumption of fixed clique sizes which fail against smart attackers, participating in multiple groups with different sizes, called overlapping colluding. To detect fake reviews and uncovering colluders, we propose a semantic similarity measure between reviews and a community detection algorithm to overcome the behavior characteristics of non-adversarial colluders in crowdsourcing, which results in outperforming methods addressing the same problem.
When utilized in a colluding attack, an ICA may become stronger and more sophisticated than when used in an individual attack. Recent works proposed string matching and IP address mapping to locations as a defense mechanism. However, both defenses are easily countered through the use of misinformation in the profile or locations’ spoofing. We propose a token-based comparison and a friend list structure matching approach, resulting in stronger identifiers even in the presence of attackers who could add or modify some attributes on the clone.
Future research includes proposing a stronger RA collusion mechanism, where colluders build their own legitimacy by considering asymmetric relationships among users. Moreover, while having partial information of the networks, colluders will avoid recreating social circles around their targets. Finally, we will propose a defense mechanism against RA collusion which uses the weakest person to reach their target.