Assessing Trust and Controlling Abuse in Crowdsourcing Systems
One of the key security threats plaguing crowdsourcing systems (e.g., Online networking sites like Facebook or Twitter) is abuse of services. Service abuse takes many forms — e.g., users are flooded with spam messages for the purpose of promoting businesses or for spreading malware, and crowd-sourced content rating services are tampered by fake or Sybil accounts to manipulate ratings. Such attacks severely degrade the quality of service provided by such crowdsourcing systems, e.g., social networking websites. One key reason that makes this type of abuse possible is: the ease of creating identities in such systems which results in variable level of reputation and trust across the identities in social systems. Our work tries to asses trust of identities in crowdsourcing systems and propose novel techniques to build robust and practical systems to control service abuse.
Due to ease of creating identities in most of the current crowdsourcing systems, today spammers and service abusers create multiple identities. However intuitively these identities (which are often used for abusing services, e.g., inflating reputation scores of a restaurant) should not be trusted. One of the main research directions for our group is to develop methodologies to asses trust of identities in crowdsourcing systems. Moreover we further build technologies to detect fraudulent activities in order to control abuse in these crowdsourcing systems.
http://socialnetworks.mpi-sws.org/security_trust.html
Like the Web, Twitter has presently become a target for link farming, where users, especially spammers, try to acquire large numbers of follower links in the social network. Acquiring followers not only increases the size of a user's direct audience, but also contributes to the perceived influence of the user, which in turn impacts the ranking of the user's tweets by search engines. To address this problem we investigated link farming in the Twitter social network and then explored mechanisms to discourage the activity.
http://socialnetworks.mpi-sws.org/linkfarming.html
Multiple identity, or Sybil attacks pose a fundamental problem in OSNs. In a Sybil attack, a malicious user creates multiple (Sybil) identities and takes advantage of the combined privileges associated with these identities to abuse the system by spamming, rating manipulation etc. To that end we build Sybil tolerant systems to defend against email spammers, frauds in online markets and large scale crawlers in crowdsourcing systems.
http://socialnetworks.mpi-sws.org/sybil_tolerance.html
People
Imprint | Data Protection
Krishna P. Gummadi