{"title":"僵尸跟踪器:在RecDroid中使用聚类方法进行僵尸用户检测","authors":"Bahman Rashidi, Carol J. Fung","doi":"10.1109/NOMS.2016.7502994","DOIUrl":null,"url":null,"abstract":"RecDroid is a smartphone permission management system which provides users with a fine-grained real-time app permission control and a recommendation system regarding whether to grant the permission or not based on expert users' responses in the network. However, in such a system, malware owners may create multiple bot users to misguide the recommendation system by providing untruthful responses on the malicious app. Threshold-based detection method can detect malicious users which are dishonest on many apps, but it cannot detect malicious users that target on some specific apps. In this work, we present a clustering-based method called BotTracer to finding groups of bot users controlled by the same masters, which can be used to detect bot users with high reputation scores. The key part of the proposed method is to map the users into a graph based on their similarity and apply a clustering algorithm to group users together. We evaluate our method using a set of simulated users' profiles, including malicious users and regular ones. Our experimental results demonstrate high accuracy in terms of detecting malicious users. Finally, we discuss several clustering features and their impact on the clustering results.","PeriodicalId":344879,"journal":{"name":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"BotTracer: Bot user detection using clustering method in RecDroid\",\"authors\":\"Bahman Rashidi, Carol J. Fung\",\"doi\":\"10.1109/NOMS.2016.7502994\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"RecDroid is a smartphone permission management system which provides users with a fine-grained real-time app permission control and a recommendation system regarding whether to grant the permission or not based on expert users' responses in the network. However, in such a system, malware owners may create multiple bot users to misguide the recommendation system by providing untruthful responses on the malicious app. Threshold-based detection method can detect malicious users which are dishonest on many apps, but it cannot detect malicious users that target on some specific apps. In this work, we present a clustering-based method called BotTracer to finding groups of bot users controlled by the same masters, which can be used to detect bot users with high reputation scores. The key part of the proposed method is to map the users into a graph based on their similarity and apply a clustering algorithm to group users together. We evaluate our method using a set of simulated users' profiles, including malicious users and regular ones. Our experimental results demonstrate high accuracy in terms of detecting malicious users. Finally, we discuss several clustering features and their impact on the clustering results.\",\"PeriodicalId\":344879,\"journal\":{\"name\":\"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium\",\"volume\":\"13 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-04-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NOMS.2016.7502994\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NOMS.2016.7502994","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
BotTracer: Bot user detection using clustering method in RecDroid
RecDroid is a smartphone permission management system which provides users with a fine-grained real-time app permission control and a recommendation system regarding whether to grant the permission or not based on expert users' responses in the network. However, in such a system, malware owners may create multiple bot users to misguide the recommendation system by providing untruthful responses on the malicious app. Threshold-based detection method can detect malicious users which are dishonest on many apps, but it cannot detect malicious users that target on some specific apps. In this work, we present a clustering-based method called BotTracer to finding groups of bot users controlled by the same masters, which can be used to detect bot users with high reputation scores. The key part of the proposed method is to map the users into a graph based on their similarity and apply a clustering algorithm to group users together. We evaluate our method using a set of simulated users' profiles, including malicious users and regular ones. Our experimental results demonstrate high accuracy in terms of detecting malicious users. Finally, we discuss several clustering features and their impact on the clustering results.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
