School of Computing and Information Sciences
Sajedul Talukder is a Ph.D. candidate in Computer Science at Florida International University (FIU) and currently working as a research assistant in the Cyber Security and Privacy Research (CaSPR) Lab under the supervision of Dr. Bogdan Carbunar. His research interests include security and privacy with applications in online and geosocial networks, machine learning, wireless networks, distributed systems and mobile applications. Sajedul Talukder received his B.Sc. degree in Computer Science and Engineering from Bangladesh University of Engineering and Technology (BUET), in 2014. His current research focuses on building an automated system that aims to reduce the online social networking risks for the general users and seeks to detect and defend abuses that can arise from social networking friends. His research works have been published on top-tier social networking conferences like ICWSM and ACM WebSci and have been invited by Facebook in their headquarter. During his Ph.D., he received several student travel grant awards to present his papers. At FIU, Sajedul worked as a research mentor for several undergraduate students in their summer research programs (such as Science without Borders, NSF-RET, NSF-REU). During his undergrad, he worked as a research intern in Ministry of Foreign Affairs, Bangladesh and Samsung R&D Institute Bangladesh. After his graduation, Sajedul is going to join Edinboro University as a tenure-track Assistant Professor of Computer Science.
Adversaries leverage social networks to collect sensitive data about regular users and target them with abuse that includes fake news, cyberbullying, malware distribution, and propaganda. Such behavior is more effective when performed by the social network friends of victims. In two preliminary user studies we found that 71 out of 80 participants have at least 1 Facebook friend with whom (1) they never interact, either in Facebook or in real life, or whom they believe is (2) likely to abuse their posted photos or status updates, or (3) post offensive, false or malicious content. Such friend abuse is often considered to be outside the scope of online social network defenses. Several of our studies suggest that (1) perceived Facebook friend abuse as well as stranger friends are a significant problem; (2) users lack the knowledge or ability to address this problem themselves; and (3) when helped and educated, users are often willing to take defensive actions against abusive existing and pending friends, and strangers.
Motivated by the rich, private information of users that is available to the Facebook friends, often the entry point of this vulnerability is the pending friends. In an exploratory study with a number of participants, we found that participants not only tend to accept invitations from perfect strangers but can even invent a narrative of common background to motivate their choice. Further, based on our conjecture that Facebook’s interface encourages users to accept pending friends, we develop new interfaces that seek to encourage users to explore the background of their pending friends and also to train them to avoid suspicious friends. The efficacy and implementation simplicity of the proposed modifications suggest that Facebook’s unwillingness to protect its users from abusive strangers is deliberate.
This dissertation explores the friend abuse problem in online social networks like Facebook. We introduce two novel approaches to prevent friend abuse problem in Facebook. (1) First, we introduce AbuSniff which can detect already existing abusive friends in Facebook, and prevent the abusive friend from doing abuse by taking some protective actions against them. (2) Second, we introduce FLock to address the problem of abuse prevention during the time of friend invitation: by educating and training the Facebook users about the abusive friend from the list of pending friend invitations, and introducing new User Interface to help users reject the potentially abusive friend invitation, thus protecting the user from abuse in advance.