Íntegro: Leveraging Victim Prediction for Robust Fake Account Detection in OSNs

—Detecting fake accounts in online social networks (OSNs) protects OSN operators and their users from various malicious activities. Most detection mechanisms attempt to predict and classify user accounts as real (i.e., benign, honest) or fake (i.e., malicious, Sybil) by analyzing user-level activities or graph-level structures. These mechanisms, however, are not robust against adversarial attacks in which fake accounts cloak their operation with patterns resembling real user behavior. We herein demonstrate that victims, benign users who control real accounts and have befriended fakes, form a distinct classiﬁ-cation category that is useful for designing robust detection mechanisms. First, as attackers have no control over victim accounts and cannot alter their activities, a victim account classiﬁer which relies on user-level activities is relatively harder to circumvent. Second, as fakes are directly connected to victims, a fake account detection mechanism that integrates victim prediction into graph-level structures is more robust against manipulations of the graph. To validate this new approach, we designed Íntegro, a scalable defense system that helps OSNs detect fake accounts using a meaningful a user ranking scheme. Íntegro starts by predicting victim accounts from user-level activities. After that, it integrates these predictions into the graph as weights, so that edges incident to predicted victims have much lower weights than others. Finally, Íntegro ranks user accounts based on a modiﬁed random walk that starts from a known real account. Íntegro guarantees that most real accounts rank higher than fakes so that OSN operators can take actions against low-ranking fake accounts. We implemented Íntegro using widely-used, open-source distributed computing platforms in which it scaled nearly linearly. We evaluated Íntegro against SybilRank, the state-of-the-art in fake account detection, using real-world datasets and a large-scale deployment at Tuenti, the largest OSN in Spain. We show that Íntegro signiﬁcantly outperforms SybilRank in user ranking quality, where the only requirement is to employ a victim classiﬁer is better than random. Moreover, the deployment of Íntegro at Tuenti resulted in up to an order of magnitude higher precision in fake accounts detection, as compared to SybilRank.

We herein demonstrate that victims, benign users who control real accounts and have befriended fakes, form a distinct classification category that is useful for designing robust detection mechanisms.First, as attackers have no control over victim accounts and cannot alter their activities, a victim account classifier which relies on user-level activities is relatively harder to circumvent.Second, as fakes are directly connected to victims, a fake account detection mechanism that integrates victim prediction into graphlevel structures is more robust against manipulations of the graph.
To validate this new approach, we designed Íntegro, a scalable defense system that helps OSNs detect fake accounts using a meaningful a user ranking scheme.Íntegro starts by predicting victim accounts from user-level activities.After that, it integrates these predictions into the graph as weights, so that edges incident to predicted victims have much lower weights than others.Finally, Íntegro ranks user accounts based on a modified random walk that starts from a known real account.Íntegro guarantees that most real accounts rank higher than fakes so that OSN operators can take actions against low-ranking fake accounts.
We implemented Íntegro using widely-used, open-source distributed computing platforms in which it scaled nearly linearly.We evaluated Íntegro against SybilRank, the state-of-the-art in fake account detection, using real-world datasets and a largescale deployment at Tuenti, the largest OSN in Spain.We show that Íntegro significantly outperforms SybilRank in user ranking quality, where the only requirement is to employ a victim classifier is better than random.Moreover, the deployment of Íntegro at Tuenti resulted in up to an order of magnitude higher precision in fake accounts detection, as compared to SybilRank.

I. INTRODUCTION
The rapid growth of online social networks (OSNs), such as Facebook, Twitter, RenRen, LinkedIn, Google+, and Tuenti, has been followed by an increased interest in abusing them.
Due to their open nature, OSNs are particularly vulnerable to the Sybil attack [1], where an attacker creates multiple fake accounts called Sybils for various adversarial objectives.
The problem.In its 2014 earnings report, Facebook estimated that up to 15 millions (%1.2) of its monthly active users are in fact "undesirable," representing fake accounts that are used in violation of the site's terms of service [2].For such OSNs, the existence of fakes leads advertisers, developers, and investors to distrust their reported user metrics, which negatively impacts their revenues [3].Attackers create and automate fake accounts for various malicious activities, including social spamming [4], malware distribution [5], political astroturfing [6], and private data collection [7].It is therefore important for OSNs to detect fake accounts as fast and accurately as possible.
The challenge.Most OSNs employ detection mechanisms that attempt to identify fake accounts through analyzing either userlevel activities or graph-level structures.In the first approach, unique features are extracted from recent user activities (e.g., frequency of friend requests, fraction of accepted requests), after which they are applied to a classifier that has been trained offline using machine learning techniques [8].In the second approach, an OSN is formally modeled as a graph, with nodes representing user accounts and edges representing social relationships (e.g., friendships).Given the assumption that fakes can befriend only few real accounts, the graph is partitioned into two regions separating real accounts from fakes, with a narrow passage between them [9].While these techniques are effective against naïve attacks, various studies showed they are inaccurate in practice and can be easily evaded [7], [10], [11].For example, attackers can cheaply create fakes that resemble real users, circumventing feature-based detection, or use simple social engineering tactics to befriend a large number of real users, invalidating the assumption behind graph-based detection.In this work, we aim to tackle the question: "How can we design a robust defense mechanism that allows an OSN to detect accounts which are highly likely to be fake?" Implications.If an OSN operator can detect fakes efficiently and effectively, it can improve the experience of its users by thwarting annoying spam messages and other abusive content.The OSN operator can also increase the credibility of its user metrics and enable third parties to consider its user accounts as authentic digital identities [12].Moreover, the operator can better utilize the time of its analysts who manually inspect and validate accounts based on user reports.For example, Tuenti, the largest OSN in Spain with 15M active users, estimates that only 5% of the accounts inspected based on user reports are in fact fake, which signifies the inefficiency of this manual process [13].The OSN operator can also selectively enforce abuse mitigation techniques, such as CAPTCHA challenges [8] and photo-based social authentication [14], to suspicious accounts while running at a lower risk of annoying benign users.
Our solution.We present Íntegro, a robust defense system that helps OSNs identify fake accounts, which can befriend many real accounts, through a user ranking scheme. 1 We designed Íntegro for OSNs whose social relationships are bidirectional (e.g., Facebook, Tuenti, LinkedIn), with the ranking process being completely transparent to users.While Íntegro's ranking scheme is graph-based, the social graph is preprocessed first and annotated with information derived from feature-based detection techniques.This approach of integrating user-level activities into graph-level structures positions Íntegro as the first feature-and-graph-based detection mechanism.
Our design is based on the observation that victim accounts, real accounts whose users have accepted friend requests sent by fakes, are useful for designing robust fake account detection mechanisms.In particular, Íntegro uses basic account features (e.g., gender, number of friends, time since last update), which are cheap to extract from user-level activities, in order to train a classifier to predict unknown victims in the OSN.As attackers do not have control over victims nor their activities, a victim classifier is inherently more resilient to adversarial attacks than a similarly-trained fake account classifier.Moreover, as victims are directly connected to fakes, they form a "borderline" separating real accounts from fakes in the social graph.Íntegro makes use of this observation by incorporating victim predictions into the graph as weights, such that edges incident to predicted victims have lower weights than others.Finally, Íntegro ranks user accounts based on the landing probability of a modified random walk that starts from a known real account.The walk is "short" by terminating its traversal early before it converges.The walk is "supervised" by biasing its traversal towards nodes that are reachable through higher-weight paths.As this short, supervised random walk is likely to stay within the subgraph consisting of real accounts, most real accounts receive higher ranks than fakes.Unlike SybilRank [13], the stateof-the-art in graph-based fake account detection, we do not assume sparse connectivity between real and fake accounts, which makes Íntegro the first fake account detection system that is robust against adverse manipulation of the graph.
For an OSN consisting of n users, Íntegro takes O(n log n) time to complete its computation.For attackers who randomly establish a set E a of edges between victim and fake accounts, Íntegro guarantees that no more than O(vol(E a ) log n) fakes are assigned ranks similar to or higher than real accounts in the worst case, where vol(E a ) is the sum of weights on edges in E a .Even with a random victim classifier that labels accounts as victims with 0.5 probability, Íntegro ensures that vol(E a ) is at most equals to |E a |, resulting in an improvement factor of O (|E a |/vol(E a )) over SybilRank.
Main results.We evaluated Íntegro against SybilRank using real-world datasets and a large-scale deployment at Tuenti.We chose SybilRank because it was shown to outperform known contenders [13], including EigenTrust [15], SybilGuard [16], SybilLimit [17], SybilInfer [18], Mislove's method [19], and GateKeeper [20].In addition, as SybilRank relies on a ranking scheme that is similar to ours, albeit on an unweighted graph, evaluating against SybilRank allowed us to show the impact of leveraging victim prediction on ranking quality.Our results show that Íntegro consistently outperforms SybilRank in user ranking quality, especially as E a grows large.In particular, Íntegro resulted in up to 30% improvement over SybilRank in the ranking's area under ROC curve (AUC), which represents the probability that a random real account is ranked higher than a random fake account.
In practice, the deployment of Íntegro at Tuenti resulted in up to an order of magnitude higher precision in fake account detection, where ideally fakes should be located at the bottom of the ranked user list.In particular, for the bottom 20K lowranking users, Íntegro achieved 95% precision, as compared to 43% by SybilRank and 5% by Tuenti's user-based abuse reporting system.More importantly, the precision dramatically decreased when moving up in the ranked list, which means Íntegro consistently placed most of the fakes at the bottom of the list, unlike SybilRank.The only requirement with Íntegro is to use a victim classifier that is better than random.This can be easily achieved during the cross-validation phase by deploying a victim classifier with an AUC greater than 0.5.
From system scalability standpoint, Íntegro scales to OSNs with many million users and runs on commodity machines.We implemented Íntegro on top of open-source implementations of MapReduce [21] and Pregel [22].Using a synthetic benchmark of an OSN consisting of 160M users, Íntegro takes less than 30 minutes to finish its computation on 33 commodity machines.

Contributions. This work makes the following contributions:
• Integrating user-level activities into graph-level structures.We presented the design and analysis of Íntegro, a fake account detection system that relies on a novel technique for integrating user-level activities into graph-level structures.Íntegro uses feature-based detection with user-level activities to predict how likely each user is to be a victim.By weighting the graph such that edges incident to predicted victims have much lower weights than others, Íntegro guarantees that most real accounts are ranked higher than fakes.These ranks are derived from the landing probability of a modified random walk that starts from a known real account.To our knowledge, Íntegro is the first detection system that is robust against adverse manipulation of the social graph, where fakes follow an adversarial strategy to befriend a large number of accounts, real or fake, in an attempt to evade detection (Sections III and IV).
• Implementation and evaluation.We implemented Íntegro on top of widely-used, open-source distributed machine learning and graph processing platforms.We evaluated Íntegro against SybilRank using real-world datasets and a large-scale deployment at Tuenti.In practice, Íntegro has allowed Tuenti to detect at least 10 times more fakes than their current user-based abuse reporting system, where reported users are not ranked.With an average of 16K reports per day [13], this improvement has been useful to both Tuenti and its users (Sections V and VI).

II. BACKGROUND AND RELATED WORK
We first outline the threat model we assume in this work.We then present required background and related work on fake account detection, abuse mitigation and the ground-truth, social infiltration, and analyzing victims of fakes in OSNs.

A. Threat model
We focus on OSNs such as Facebook, RenRen, and Tuenti, which are open to everyone and allow users to declare bilateral relationships (i.e., friendships).
Capabilities.We consider attackers who are capable of creating and automating fake accounts on a large scale [23].Each fake account, also called a socialbot [24], can perform social activities similar to those of real users.This includes sending friend requests and posting social content.We do not consider attackers who are capable of hijacking real accounts, as there are existing detection systems that tackle this threat (e.g., COMPA [25]).We focus on detecting fake accounts that can befriend a large number of benign users in order to mount subsequent attacks, as we describe next.
Objectives.The objective of an attacker is to distribute spam and malware, misinform, or collect private user data on a large scale.To achieve this objective, the attacker has to infiltrate the target OSN by using the fakes to befriend many real accounts.Such an infiltration is required because isolated fake accounts cannot directly interact with or promote content to most users in the OSN [23].This is also evident by a thriving underground market for social infiltration.For example, attackers can now connect their fake accounts with 1K users for $26 or less [26].
Victims.We refer to benign users who have accepted friend requests from fake accounts as victims.We refer to friendships between victims and fakes as attack edges.Victims control real accounts and engage with others in non-adversarial activities.

B. Fake account detection
From a systems design perspective, most of today's fake account detection mechanisms are either feature-based or graphbased, depending on whether they utilize machine learning or graph analysis techniques in order to identify fakes.Next, we discuss each of these approaches in detail.
Feature-based detection.This approach relies on user-level activities and its account details (i.e., user logs, profiles).By identifying unique features of an account, one can classify each account as fake or real using various machine learning techniques.For example, Facebook employs an "immune system" that performs real-time checks and classification for each read and write action on its database, which are based on features extracted from user accounts and their activities [8].
Yang et al. used ground-truth provided by RenRen to train an SVM classifier in order to detect fake accounts [27].Using simple features, such as frequency of friend requests, fraction of accepted requests, and per-account clustering coefficient, the authors were able to train a classifier with 99% true-positive rate (TPR) and 0.7% false-positive rate (FPR).
Stringhini et al. utilized honeypot accounts to collect data describing various user activities in OSNs [28].By analyzing the collected data, they were able to build a ground-truth for real and fake accounts, with features similar to those outlined above.The authors trained two random forests (RF) classifiers to detect fakes in Facebook and Twitter, ending up with 2% FPR and 1% false-negative rate (FNR) for Facebook, and 2.5% FPR and 3% FNR for Twitter.
Wang et al. used a click-stream dataset provided by Ren-Ren to cluster user accounts into "similar" behavioral groups, corresponding to real or fake accounts [29].Using the METIS clustering algorithm [30] with both session and clicks features, such as average clicks per session, average session length, the percentage of clicks used to send friend requests, visit photos, and share content, the authors were able to calibrate a clusterbased classifier with 3% FPR and 1% FNR.
Even though feature-based detection scales to large OSNs, it is still relatively easy to circumvent.This is the case because it depends on features describing activities of known fakes in order to identify unknown ones.In other words, attackers can evade detection by adversely modifying the content and activity patterns of their fakes, leading to an arms race [31]- [33].Also, feature-based detection does not provide any formal security guarantees and often results in a high FPR in practice.This is partly attributed to the large variety and unpredictability of behaviors of users in adversarial settings [13].
With Íntegro, we employ feature-based detection to identify unknown victims in a non-adversarial setting.The dataset used to train a victim classifier includes features of only known real accounts that have either accepted or rejected friend requests send by known fakes.As real accounts are controlled by benign users who are not adversarial, a feature-based victim account classifier is harder to circumvent than a similarly-trained fake account classifier.As we discuss in Section IV, we only require victim classification to be better than random guessing in order to outperform the state-of-the-art in fake account detection.
Graph-based detection.As a response to the lack of formal security guarantees in feature-based detection, the state-of-theart in fake account detection utilizes a graph-based approach instead.In this approach, an OSN is modeled as a graph, with nodes representing user accounts and edges between nodes representing social relationship.Given the assumption that fakes can establish only a small number of attack edges, the subgraph induced by the set of real accounts is sparsely connected to fakes, that is, the cut which crosses over attack edges is sparse. 2raph-based detection mechanisms make this assumption, and attempt to find such a sparse cut with formal guarantees [34]- [36].For example, Tuenti employs SybilRank to rank accounts according to their perceived likelihood of being fake, based on structural properties of its social graph [13].Yu et al. were among the first to analyze the social graph for the purpose of identifying fake accounts in OSNs [16], [17].The authors developed a technique that labels each account as either fake or real based on multiple, modified random walks.This binary classification is used to partition the graph into two smaller subgraphs that are sparsely interconnected via attack edges, separating real accounts from fakes.They also proved that in the worst case O(|E a | log n) fakes can be misclassified, where |E a | is the number of attack edges and n is the number of accounts in the network.Accordingly, it is sufficient for the attacker to establish Ω(n/ log n) attack edges in order to evade this detection scheme with 0% TPR.[19].In general, community detection decomposes a given graph into a number of tightlyknit subgraphs that are loosely connected to each other, where each subgraph is called a community [37], [38].By expanding a community starting with known real accounts [39], the authors were able to identify the subgraph which contains mostly real accounts.Recently, however, Alvisi et al. showed that this local community detection technique can be easily circumvented if the fakes establish sparse connectivity among themselves [9].

Viswanath et al. employed community detection techniques to identify fake accounts in OSNs
As binary classification often leads to high FPR [19], Cao et al. proposed to rank the users instead so that most fakes are ranked lower than real accounts [13].The authors developed SybilRank, a fake account detection system that assigns each account a rank describing how likely it is to be fake based on a modified random walk, where a lower rank means the account is more likely to be fake.They also proved that O(|E a | log n) fakes can outrank real accounts in the worst case, given the fakes establish |E a | attack edges with victims at random.While graph-based detection offers desirable security guarantees, real-world social graphs do not conform with the main assumption on which it depends.In particular, various studies confirmed that attackers can infiltrate OSNs on a large scale by deceiving users into befriending their fakes [7], [10], [11].As we discuss next, social infiltration renders graph-based fake account detection ineffective in practice.
With Íntegro, we do not assume that fakes are limited by how many attack edges they can establish.We instead leverage victim prediction to weight the graph and bound the security guarantee by the aggregate weight on attack edges, vol(E a ), rather than their number, |E a |.In particular, by assigning lower weights to edges incident to potential victims, we upper bound the value of vol(E a ) by |E a |, as we show later in Section IV.

C. Abuse mitigation and the ground-truth
Due to the inapplicability of automated account suspension, OSNs employ abuse mitigation techniques, such as CAPTCHA challenges [8] and photo-based social authentication [14], so as to rate-limit accounts that have been automatically flagged as fake or suspicious.Moreover, these accounts are pooled for manual inspection by experienced analysts who build a groundtruth of real and fake accounts along with their features, before suspending or removing verified fakes [8], [13], [27], [40].
While maintaining an up-to-date ground-truth is important for retraining deployed classifiers and estimating how effective they are in practice, it is rather a time-consuming and nonscalable task.For example, on an average day, each analyst at Tuenti inspects 250-350 accounts an hour, and for a team of 14 employees, up to 30K accounts are inspected per day [13].It is thus important to rank user accounts in terms of how likely they are to be fake in order to prioritize account inspection by analysts.Íntegro offers this functionality and leads to a faster reaction against potential abuse by fakes, benefiting both OSN operators and their users.

D. Social infiltration
In early 2011, we conducted a study to evaluate how easy it is to infiltrate large OSNs such as Facebook [23].In particular, we used 100 automated fake accounts to send friend requests to 9.6K real users, where each user received exactly one request.
Main results.We found that users are not careful in their befriending decisions, especially when they share mutual friends with the requester.This behavior was exploited by the fakes to achieve large-scale social infiltration with a success rate of up to 80%, in which case the fakes shared at least 11 mutual friends with the victims.In particular, we reported two main results that are important for designing fake account detection systems.First of all, some users are more likely to be victims than others.As shown in Fig. 1a, the more friends a user has, the more likely the user is to accept friend requests sent by fakes posing as strangers, regardless of their gender or number of mutual friends.Second, attack edges are generally easy to establish in OSN such as Facebook.As shown in Fig. 1b, an attacker can establish enough attack edges such that there is no sparse cut separating real accounts from fakes [36].
Implications.The study suggests that one can predict victims of fake accounts from user-level activities using low-cost features (e.g., number of friends).In addition, the study shows that graph-based detection mechanisms that rely solely on the graph structure are not effective under social infiltration.As social infiltration is prominent in other OSNs [41], [42], new proposals for graph-based detection should extend their threat model and include attackers who can infiltrate on a large scale.

E. Analyzing victim accounts
While we are the first to utilize victim accounts to separate fakes from real accounts, others have analyzed victim accounts as part of the larger cyber criminal ecosystem in OSNs [43].
Wagner et al. developed predictive models to identify users who are more susceptible to social infiltration in Twitter [11].They found that susceptible users, also called potential victims, tend to use Twitter for conversational purposes, are more open and social since they communicate with many different users, use more socially welcoming words, and show higher affection than non-susceptible users.
Yang el al. studied the cyber criminal ecosystem on Twitter [44].They found that victims fall into one of three categories.The first are social butterflies who have large numbers of followers and followings, and establish social relationships with other accounts without careful examination.The second are social promoters who have large following-follower ratios, larger following numbers, and a relatively high URL ratios in their tweets.These victims use Twitter to promote themselves or their business by actively following other accounts without consideration.The last are dummies who post few tweets but have many followers.These victims are actually dormant fake accounts at an early stage of their abuse.

III. INTUITION, GOALS, AND MODEL
We now introduce Íntegro, a fake account detection system that is robust against social infiltration.We first present the intuition behind our design, followed by its goals and model.

A. Intuition
Some users are more likely to become victims than others.If we can train a classifier to accurately predict whether a user is a victim with some probability, we can then identify the cut which separates fakes from real accounts in the graph.As victims are benign users who are not adversarial, the output of this classifier represents a reliable information which we can integrate in the graph.To find the cut which crosses over mostly attack edges, we can define a graph weighting scheme that assigns edges incident to predicted victims lower weights than others, where weight values are calculated from prediction probabilities.In a weighted graph, the sparsest cut is the cut with the smallest volume, which is the sum of weights on edges across the cut.Given an accurate victim classifier, such a cut is expected to cross over some or all attack edges, effectively separating real accounts from fakes, even if the number of attack edges is large.We find this cut using a ranking scheme that ideally assigns higher ranks to nodes in one partition of the cut than others.This ranking scheme is inspired by similar graph partitioning algorithms proposed by Spielman et al. [45], Yu [34], and Cao et al. [13].

B. Design goals
Íntegro aims to help OSN operators in detecting fake accounts using a meaningful user ranking scheme.In particular, Íntegro has the following design goals: • High-quality user ranking (effectiveness).The system should consistently assign higher ranks to real accounts than fakes.It should limit the number of fakes that might rank similar to or higher than real accounts.The system should be robust against social infiltration under real-world attack strategies.Given a ranked list of users, a high percentage of the users at the bottom of the list should be fake.This percentage should decrease as we go up in the list.
• Scalability (efficiency).The system should have a practical computational cost which allows it to scale to large OSNs.It should deliver ranking results in only few minutes.The system should be able to extract useful, low-cost features and process large graphs on commodity machines, in order to allow OSNs to deploy it on their existing computer clusters.Fig. 2: System model.In this figure, the OSN is represented as a graph consisting of 14 users.There are 8 real accounts, 6 fake accounts, and 5 attack edges.The cut, represented by a dashed-line, partitions the graph into two regions, real and fake.Victim accounts are real accounts that are directly connected to fakes.Trusted accounts are accounts that are known to be real and not victims.Each account has a feature vector representing basic account information.Initially, all edges have a unit weight, so user B for example has a degree of 3.

C. System model
As illustrated in Fig. 2, we model an OSN as an undirected graph G = (V, E), where each node v i ∈ V represents a user account and each edge {v i , v j } ∈ E represents a bilateral social relationship among v i and v j .In the graph G, there are n = |V | nodes and m = |E| edges.
Attributes.Each node v i ∈ V has a degree deg(v i ) that is equal to the sum of weights on edges incident to v i .Moreover, v i has a feature vector A(v i ), where each entry a j ∈ A(v i ) describes a feature or an attribute of the account v i .Each edge {v i , v j } ∈ E has a weight w(v i , v j ) ∈ (0, 1], which is initially set to w(v i , v j ) = 1.
Regions.The node set V is divided into two disjoint sets, V r and V f , representing real and fake accounts, respectively.We refer to the subgraph induced by V r as the real region G r , which includes all real accounts and the friendships between them.Likewise, we refer to the subgraph induced by V f as the fake region G f .The regions are connected by a set of attack edges E a between victim and fake accounts.We assume the OSN operator is aware of a small set of trusted accounts V t , which are known to be real accounts and are not victims.

IV. SYSTEM DESIGN
We now describe the design behind Íntegro.We start with a short overview of our approach, after which we proceed with a detailed description of each system component.

A. Overview
Íntegro extracts low-cost features from user-level activities in order to train a classifier to identify unknown victims in the social graph.We refer to these accounts as potential victims, as there are probabilities attached to their labels.Íntegro then calculates new edge weights from prediction probabilities such that edges incident to identified victims have lower weights than others.Finally, Íntegro ranks user accounts based on the landing probability of a modified random walk that starts from a trusted account picked at random.The walk is "short," as it is terminated early before it converges.The walk is "supervised," as it is biased towards traversing nodes which are reachable via higher-weight paths.This short, supervised random walk has a higher probability to stay in the real region of the graph, as it is highly unlikely to escape into the fake region in few steps through low-weight attack edges.Accordingly, Íntegro assigns most of the real accounts a higher rank than fakes.

B. Identifying potential victims
For each user v i , Íntegro extracts a feature vector A(v i ) from its recent user-level activities.A subset of feature vectors is selected to train a binary classifier to predict whether each user is a victim and with what probability.As attackers have no control over victims, such a victim classifier is inherently more resilient to adversarial attacks than similarly-trained fake account classifier.Let us consider one concrete example.In the "boiling-frog" attack [31], fake accounts can force a classifier to tolerate abusive activities by slowly introducing similar activities to the OSN.Because the OSN operator has to retrain deployed classifiers in order to capture new behaviors, a fake account classifier will learn to tolerate more and more abusive activities, until the attacker can launch a full-scale attack without detection [7].For victim prediction, on the other hand, this is possible only if the accounts used for training have been hijacked.This situation can be avoided by manually verifying the accounts, as described in Section II-C.
Feature engineering.Extracting and selecting useful features from user activities can be both challenging and time consuming.For efficiency, we seek features that can be extracted in O(1) time per user.One candidate location for low-cost feature extraction is the profile page of user accounts, where features are readily available (e.g., a Facebook profile page).However, these features are expected to be statistically "weak," which means they may not strongly correlate with whether a user is a victim or not (i.e., the label).As we explain later, we require the victim classifier to be better than random in order to deliver robust fake account detection.This requirement, fortunately, is easy to satisfy.In particular, we show in Section V that an OSN operator can train and cross-validate a victim classifier that is up to 52% better than random, using strictly low-cost features.
Supervised learning.For each user v i , Íntegro computes a vulnerability score p(v i ) ∈ (0, 1) that represents the probability of v i to be a victim.For a fixed operating threshold α ∈ (0, 1) with a default value of α = 0.5, we say v i is a potential victim if p(v i ) ≥ α.To compute vulnerability scores, Íntegro uses random forests (RF) learning algorithm [46] to train a victim classifier, which given A(v i ) and α, decides whether the user v i is a victim with a score p(v i ).We picked this learning algorithm because it is both efficient and robust against model over-fitting [47].It takes O(n log n) time to extract n low-cost feature vectors, each consisting of O(1) features, and train a victim classifier.It also takes O(n) to evaluate node scores, given the trained classifier and users' feature vectors.

C. Integrating victim predictions and ranking users
To rank users, Íntegro computes the probability of a modified random walk to land on each user v i after k steps, where the walk starts from a trusted user account picked at random.For simplicity, we refer to the probability of a random walk to land on a node as its trust value, so the probability distribution of the walk at each step can be modeled as a trust propagation process [48].In this process, a weight w(v i , v j ) represents the rate at which trust may propagate from either side of the edge {v i , v j } ∈ E. We next describe this process in detail.
Trust propagation.Íntegro utilizes the power iteration method to efficiently compute trust values [49].This method involves successive matrix multiplications where each element of the matrix is the transition probability of the random walk from one node to another.Each iteration computes the trust distribution over nodes as the random walk proceeds by one step.Let T k (v i ) denote the trust collected by each node v i ∈ V after k iterations.Initially, the total trust, denoted by τ ≥ 1, is evenly distributed among the trusted nodes in V t : The process then proceeds as follows: where in iteration k, each node v i propagates its trust T k−1 (v i ) from iteration k −1 to each neighbour v j , proportionally to the ratio w(v i , v j )/ deg(v i ).This is required so that the sum of the propagated trust equals T k−1 (v i ).The node v i then collects the trust propagated similarly from each neighbour v j and updates its trust T k (v i ).Throughout this process, τ is preserved such that for each iteration k ≥ 1 we have: Our goal is to ensure that most real accounts collect higher trust than fake accounts.That is, we seek to limit the portion of τ that escapes the real region G r and enters the fake region G f .To achieve this property, we make the following modifications.
Adjusted propagation rates.In each iteration k, the aggregate rate at which τ may enter G f is strictly limited by the sum of weights on the attack edges, which we denote by the volume vol(E a ).Therefore, we aim to adjust the weights in the graph such that vol(E a ) ∈ (0, |E a |], without severely restricting trust propagation in G r .We accomplish this by assigning smaller weights to edges incident to potential victims than other edges.In particular, each edge {v i , v j } ∈ E keeps the default weight w(v i , v j ) = 1 if v i and v j are not potential victims.Otherwise, we modify the weight as follows: where β is a scaling parameter with a default value of β = 2. Now, as vol(E a ) → 0 the portion of τ that enters G f reaches zero as desired.For proper degree normalization, we introduce a self-loop Notice that self-loops are considered twice in degree calculation.
Early-terminated propagation.In each iteration k, the trust vector T k (V ) = T k (v 1 ), . . ., T k (v n ) describes the distribution of τ throughout the graph.As k → ∞ the vector converges )789":"/;+ " $<=>?@=@ABCDE":"+;-, " " F<G":"+;/ " to a stationary distribution T ∞ (V ), as follows [50]: where the volume vol(V ) in this case is the sum of degrees of nodes in V . 3In particular, T k (V ) converges after k reaches the mixing time of the graph, which is much larger than O(log n) iterations for various kinds of social networks [37], [51], [52].Accordingly, we terminate the propagation process early before it converges after ω = O(log n) iterations.
Degree-normalization. As described in Equation 5, trust propagation is influenced by individual node degrees.As k grows large, the propagation starts to bias towards high degree nodes.This implies that high degree fake accounts may collect more trust than low degree real accounts, which is undesirable for effective user ranking.To eliminate this node degree bias, we normalize the trust collected by each node by its degree.That is, we assign each node v i ∈ V after ω = O(log n) iterations a rank value T ′ ω (v i ) that is equal to its degree-normalized trust: Finally, we sort the nodes by their ranks in a descending order.
Example.Fig. 3 depicts trust propagation on a toy graph.In this example, we assume each account has a vulnerability score of 0.05 except the victim E, which has a score of p(E) = 0.95.The graph is weighted using α = 0.5 and β = 2, and a total trust τ = 1000 in initialized over the trusted nodes {C, D}.
After ω = 4 iterations, all real accounts {A, B, C, D, E} collect more trust than fake accounts {F, G, H, I}.The nodes also receive the correct ranking of ( D, A, B, C, E, F, G, H, I), as sorted by their degree-normalized trust.In particular, all real accounts have higher rank values than fakes, where the smallest difference is Moreover, notice that real accounts that are not victims have similar rank values, where the largest difference is T ′ 4 (D) − T ′ 4 (C) < 12.These sorted rank values, in fact, could be visualized as a stretchedout step function that has a significant drop near the victim's rank value.However, if we allow the process to converge after k > 50 iterations, the fakes collect similar or higher trust than real accounts, following Equation 5. Also, notice that the attack edges E a = {{E, G}, {E, F }, {E, H}} have a volume of vol(E a ) = 0.3, which is 10 times lower than its value if the graph had unit weights, with vol(E a ) = 3.As we soon show in Section V, adjusting the propagation rates is essential for robustness against social infiltration.
3 The definition of vol(U ) depends on whether U contains edges or nodes.

D. Trusted accounts and community structures
Íntegro is robust against social infiltration, as it limits the portion of τ that enters G f by the rate vol(E a ), regardless of the number of attack edges, |E a |.For the case when there are few attack edges so that G r and G f are sparsely connected, vol(E a ) is already small, even if one keeps w(v i , v j ) = 1 for each attack edge {v i , v j } ∈ E a .However, G r is likely to contain communities [37], [53], where each represents a dense subgraph that is sparsely connected to the rest of the graph.In this case, the propagation of τ in G r becomes restricted by the sparse inter-community connectivity, especially if V t is contained exclusively in a single community.We therefore seek a selection strategy for trusted accounts, or seeds, that takes into account the existing community structure in the graph.
Selection strategy.We pick trusted accounts as follows.First, before rate adjustment, we estimate the community structure in the graph using a community detection algorithm called the Louvain method [54].Second, after rate adjustment, we exclude potential victims and pick small samples of nodes from each detected community at random.Third and last, we inspect the sampled nodes in order to verify they correspond to real accounts that are not victims.We initialize the trust only between the accounts that pass manual verification by experts.
In addition to coping with the existing community structure in the graph, this selection strategy is designed to also reduce the negative impact of seed-targeting attacks.In such attacks, fakes befriend trusted accounts in order to adversely improve their ranking, as the total trust τ is initially distributed among trusted accounts.By choosing the seeds at random, however, the attacker is forced to guess the seeds among a large number of nodes.Moreover, by choosing multiple seeds, the chance of correctly guessing the seeds is further reduced, while the amount of trust assigned to each seed in lowered.In practice, the number of seeds depends on available resources for manual account verification, with a minimum of one seed per detected community.
Community detection.We picked the Louvain method as it is both efficient and produces high-quality partitions.The method iteratively groups closely connected communities together to greedily improve the modularity of the partition [55], which is a measure for partition quality.In each iteration, every node represents one community, and well-connected neighbors are greedily combined into the same community.At the end of the iteration, the graph is reconstructed by converting the resulting communities into nodes and adding edges that are weighted by inter-community connectivity.Each iteration takes O(m) time, and only a small number of iterations is required to find the community structure which greedily maximizes the modularity.
While one can apply community detection to identify fake accounts [19], doing so hinges on the assumption that fakes always form tightly-knit communities, which is not necessarily true [27].This also means fakes can easily evade detection if they establish sparse connectivity among themselves [9].With Íntegro, we do not make such an assumption.In particular, we consider an attacker who can befriend a large number of real or fake accounts, without any formal restrictions.

E. Computational cost
For an OSN with n users and m friendships, Íntegro takes O(n log n) time to complete its computation, end-to-end.We next analyze the running time in detail.
Runtime analysis.Recall that users have a limit on how many friends they can have (e.g., 5K in Facebook, 1K in Tuenti),

F. Security guarantees
For the upcoming security analysis, we consider attackers who establish attack edges with victims uniformly at random.Even though our design does not depend on the actual mixing time of the graph, we assume the real region is fast mixing for analytical tractability.This means that it takes O(log |V r |) iterations for trust propagation to converge in the real region.In other words, we assume there is a gap between the mixing time of the whole graph and that of the real region such that, after O(log n) iterations, the propagation reaches its stationary distribution in the real region but not in the whole graph.
Main theoretical result.The main security guarantee provided by Íntegro is captured by the following theoretical result.For a complete proof, we refer the reader to our technical report [56]: Theorem 4.1: Given a social graph with a fast mixing real region and an attacker who randomly establishes attack edges, the number of fake accounts that rank similar to or higher than real accounts after Proof sketch: Let us consider a graph G = (V, E) with a fast mixing real region G r .As weighting a graph changes its mixing time by a constant factor [57], G r remains fast mixing after rate adjustment.
After O(log n) iterations, the trust vector T ω (V ) does not reach its stationary distribution T ∞ (V ).Since trust propagation starts from G r , the fake region G f gets only a fraction f < 1 of the aggregate trust it should receive in T ∞ (V ).On the other hand, as the trust τ is conserved during the propagation process (Equation 3), G r gets c > 1 times higher aggregate trust than it should receive in T ∞ (V ).
, where τ /vol(V ) is the degree-normalized trust value in T ∞ (V ) (Equations 5 and 6).Knowing that G f is controlled by the attacker, each fake v j ∈ V f receives a rank value T ′ ω (v j ) that depends on how the fakes inter-connect to each other.However, since the aggregate trust in G f is bounded, each fake receives on average a rank value of T ′ ω (v j ) = f • τ /vol(V ), which is less than that of a real account.In the worst case, an attacker can arrange a set , while the remaining fakes receive a rank value of zero.Such a set cannot have more than (f /c) • vol(V s ) = O (vol(E a ) log n) accounts, as otherwise, f would not be less than 1 and G f would receive more than it should in T ω (V ).
Improvement over SybilRank's bound.Íntegro shares many design traits with SybilRank, which is the state-of-the-art in graph-based detection [13].In particular, modifying Íntegro by setting w(v i , v j ) = 1 for each (v i , v j ) ∈ E will in fact result in an identical ranking.It is indeed the prediction and incorporation of potential victims that differentiates Íntegro from other proposals, giving it the unique advantages outlined earlier.
As stated by Theorem 4.1, the bound on ranking quality relies on vol(E a ), regardless of how large the set E a grows.As we weight the graph based on the output of the victim classifier, our bound is sensitive to its classification performance.We next prove that if an OSN operator uses a victim classifier that is uniformly random, which means each user account v i ∈ V is equally vulnerable with p(v i ) = 0.5, then Íntegro is as good as SybilRank in terms of ranking quality [13]: Corollary 4.2: For a uniformly random victims classifier, the number of fake accounts that rank similar to or higher than real accounts after Proof: This classifier assigns each user account v i ∈ V a score p(v i ) = 0.5.By Equation 4, each edge {v i , v j } ∈ E is assigned a unit weight w(v i , v j ) = 1, where α = 0.5 and β = 2.By Theorem 4.1, the number of fake accounts that rank similar to or higher than real accounts after ω By Corollary 4.2, Íntegro can outperform SybilRank in its ranking quality by a factor of O (|E a |/vol(E a )), given the used victim classifier is better than random.This can be achieved during the cross-validation phase of the victim classifier, which we thoroughly describe in what follows.

V. SYSTEM EVALUATION
We analyzed and evaluated Íntegro against SybilRank using two real-world datasets recently collected from Facebook and Tuenti.We also compared both systems through a large-scale deployment at Tuenti in collaboration with its "Site Integrity" team, which has 14 full-time account analysts and 10 full-time software engineers who fight spam and other forms of abuse.
Compared system.We chose SybilRank for two main reasons.First, as discussed in Section IV-F, SybilRank utilizes a similar ranking scheme based on the power iteration method, albeit on an unweighted version of the graph.This similarity allowed us to clearly show the impact of leveraging victim prediction on fake account detection.Second, SybilRank outperforms other  contenders [13], including EigenTrust [15], SybilGuard [16], SybilLimit [17], SybilInfer [18], Mislove's method [19], and GateKeeper [20].We next contrast these systems to both SybilRank and Íntegro.
SybilGuard [16] and SybilLimit [17] identify fake accounts based on a large number of modified random walks, where the computational cost is O( √ mn log n) in centralized setting like OSNs.SybilInfer [18], on the other hand, uses Bayesian inference techniques to assign each user account a probability of being fake in O(n(log n) 2 ) time per trusted account.The system, however, does not provide analytical bounds on how many fakes can outrank real accounts in the worst case.
GateKeeper [20], which is a flow-based detection approach, improves over SumUp [58].It relies on strong assumptions that require balanced graphs and costs O(n log n) time per trusted account, referred to as a "ticket source." Viswanath et al. used Mislove's algorithm [39] to greedily expand a local community around known real accounts in oder to partition the graph into two communities representing real and fake regions [19].This algorithm, however, costs O(n 2 ) time and its detection can be easily evaded if the fakes establish sparse connectivity among themselves

A. Datasets
We used two datasets from two different OSNs.The first dataset was collected in the study described in Section II-D, and contained public user profiles and two graph samples.The second dataset was collected from Tuenti's production servers, and contained a day's worth of server-cached user profiles.
Research ethics.For collecting the first dataset, we followed known practices and obtained the approval of our university's research ethics board [7].As for the second dataset, we signed a non-disclosure agreement with Tuenti in order to access an anonymized, aggregated version of its user data, with the whole process being mediated by Tuenti's Site Integrity team.
The ground-truth.For the Tuenti dataset, the accounts were inspected and labeled by its accounts' analysts.The inspection included matching user profile photos to its declared age or address, understanding natural language in user posts, examining the friends of a user, and analyzing the user's IP address and HTTP-related information.For the Facebook dataset, we used the ground-truth of the original study [7], which we also re-validated for the purpose of this work, as we describe next.
Facebook.The dataset contained public profile pages of 9,646 real users who received friend requests from fake accounts.As the dataset was collected in early 2011, we wanted to verify whether these users are still active on Facebook.Accordingly, we revisited their public profiles in June 2013.We found that 7.9% of these accounts were either disabled by Facebook or deactivated by the users themselves.Accordingly, we excluded these accounts, ending up with 8,888 accounts, out of which 32.4% were victims who accepted a single friend request sent by a fake posing as a stranger.As fakes initially targeted users at random, the dataset included a diverse sample of Facebook users.In particular, these users were 51.3% males and 48.7% females, lived in 1,983 cities across 127 countries, practiced 43 languages, and have used Facebook for 5.4 years on average.The dataset also included two graph samples of Facebook, which were collected using a stochastic version of the Breadth-First Search method called "forest fire" [59].The first graph consisted of 2,926 real accounts with 9,124 friendships (the real region), 65 fakes with 2,080 friendships (the fake region), and 748 timestamped attack edges.The second graph consisted of 6,136 real accounts with 38,144 friendships, which represented the real region only.
Tuenti.The dataset contained profiles of 60K real users who received friend requests from fake accounts, out of which 50% were victims.The dataset was collected in Feb 10, 2014 from live production servers, where data resided in memory and no expensive, back-end queries were made.For Tuenti, collecting this dataset was a low-cost and easy process, as it only involved reading cached user profiles of a subset of its daily active users, users who logged in to Tuenti on that particular day.

B. Victim prediction
We sought to validate the following claim: An OSN operator can identify unknown victim accounts with a probability that is better than random, using strictly low-cost features extracted from readily-available user profiles.I, we extracted features from both datasets to generate feature vectors.The only requirement we had for feature selection was to have the feature value available for all users in the dataset, so that the resulting feature vectors are complete.For the Facebook dataset, we were able to extract 18 features from public user profiles.For Tuenti, however, the dataset was limited to 14 features, but contained user features that are not publicly accessible.

Features. As described in Table
Validation method.To evaluate the accuracy of the classifiers, we performed a 10-fold, stratified cross-validation method [47] using the RF learning algorithm.First, we randomly partitioned the dataset into 10 equally-sized sets, with each set having the same percentage of victims as the complete dataset.We next trained an RF classifier using 9 sets and tested it using the remaining set.We repeated this procedure 10 times (i.e., folds), with each of the sets being used once for testing.Finally, we combined the results of the folds by computing the mean of their true-positive rate (TPR) and false-positive rate (FPR).
Performance metrics.The output of the classifier depends on its operating threshold, which is a cutoff value in the prediction probability after which the classifier identifies a given user as a victim.In order to capture the trade-off between TPR and FPR in single curve, we repeated the cross-validation method under different threshold values using a procedure known as receiver In ROC analysis, the closer the curve is to the upper-left corner the more accurate it is.The area under the ROC curve (AUC) summarizes the classifier's performance.Therefore, an AUC of 1 means a perfect classifier, while an AUC of 0.5 means a random classifier.We require the victim classifier to be better than random.In (b), during cross validation on Tuenti dataset, we observed that increasing the dataset size to more than 40K vectors did not significantly increase the AUC.
operating characteristics (ROC) analysis.In ROC analysis, the closer the curve is to the top-left corner at point (0, 1) the better the classification performance is.The quality of the classifier can be quantified with a single value by calculating the area under its ROC curve (AUC) [47].
We also recorded the relative importance (RI) of features used for the classification.The RI score is computed by the RF algorithm, and it describes the relative contribution of each feature to the predictability of the label (i.e., a victim or a nonvictim), when compared to all other features [46].
Results.For both datasets, the RF classifier ended up with an AUC greater than 0.5, as shown in Fig. 4a.In particular, for the Facebook dataset, the classifier delivered an AUC of 0.7, which is 40% better than random.For the Tuenti dataset, on the other hand, the classifier delivered an AUC of 0.76, which is 52% better than random.Also, increasing the dataset size to more than 40K feature vectors did not significantly improve the AUC during cross-validation, as show in Fig. 4b.This means an OSN operator can train a victim classifier using a relatively small dataset, so fewer accounts need to be manually verified.

C. Ranking quality
We compared Íntegro against SybilRank in terms of their ranking quality under various attack scenarios, where ideally real accounts should be ranked higher than fake accounts.Our results are based on the average of at least 10 runs, with error bars reporting 95% confidence intervals (CI), when applicable.We picked the Facebook dataset for this comparison because it included both feature vectors and graph samples.
Infiltration scenarios.We considered two attack scenarios.In the first scenario, attackers establish attack edges by targeting users with whom their fakes have mutual friends.Accordingly, we used the first Facebook graph which contained timestamped attack edges, allowing us to replay the infiltration by 65 socialbots (n=2,991 and m=11,952).We refer to this scenario as the targeted-victim attack.
Facebook graph as the real region.We then generated a synthetic fake region consisting of 3,068 fakes with 36,816 friendships using the small-world graph model [60].We then added 35,306 random attack edges between the two regions (n=9,204 and m=110,266).As suggested in related work [34], we used a relatively large number of fakes and attack edges in order to stress-test both systems under evaluation.We refer to the this scenario as the random-victim attack.
Propagation rates.For each infiltration scenario, we deployed the previously trained victim classifier in order to assign new edge weights.As we injected fakes in the second scenario, we generated their feature vectors by sampling each feature distribution of fakes from the first scenario. 4We also assigned edge weights using another victim classifier that simulates two operational modes.In the first mode, the classifier outputs the best possible victim predictions with an AUC≈1 and probabilities greater than 0.95.In the second mode, the classifier outputs uniformly random predictions with an AUC≈0.5.We used this classifier to evaluate the theoretical best and practical worst case performance of Íntegro.
Evaluation method.To evaluate each system's ranking quality, we ran the system using both infiltration scenarios starting with a single attack edge.We then added another attack edge, according to its timestamp if available, and repeated the experiment.We kept performing this process until there were no more edges to add.At the end of each run, we measured the resulting AUC of each system, as explained next.
Performance metric.For the resulting ranked list of accounts, we performed ROC analysis by moving a pivot point along the list, starting from the bottom.If an account is behind the pivot, we marked it as fake; otherwise, we marked it as real.Given the ground-truth, we measured the TPR and the FPR across the whole list.Finally, we computed the corresponding AUC, which in this case quantifies the probability that a random real account is ranked higher than a random fake account.
Seeds and iterations.In order to make the chance of guessing seeds very small, we picked 100 trusted accounts that are nonvictim, real accounts.We used a total trust that is equal to n, the number of nodes in the given graph.We also performed ⌈log 2 (n)⌉ iterations for both Íntegro and SybilRank.
Results.Íntegro consistently outperformed SybilRank in ranking quality, especially as the number of attack edges increased.Using the RF classifier, Íntegro resulted in an AUC which is always greater than 0.92, and is up to 30% improvement over SybilRank in each attack scenario, as shown in Fig 5 .In each infiltration scenario, both systems performed well when the number of attack edges was relatively small.In other words, the fakes were sparsely connected to real accounts and so the regions were easily separated.As SybilRank limits the number of fakes that can outrank real accounts by the number of attack edges, its AUC degraded significantly as more attack edges were added to each graph.Íntegro, however, maintained its performance, with at most 0.07 decrease in AUC, even when the number of attack edges was relatively large.Notice that Íntegro performed nearly as good as SybilRank when a random victim classifier was used, but performed much better when the RF classifier was used instead.This shows the impact of leveraging victim prediction on fake account detection.

D. Sensitivity to seed-targeting attacks
Sophisticated attackers might obtain a full or partial knowledge of which accounts are trusted by the OSN operator.As the total trust is initially distributed among these accounts, an attacker can adversely improve the ranking of the fakes by establishing attack edges directly with them.We next evaluate both systems under two variants of this seed-targeting attack.
Attack scenarios.We focus on two main attack scenarios.In the first scenario, the attacker targets accounts that are k nodes away from all trusted accounts.This means that the length of the shortest path from any fake account to any trusted account is exactly k+1, representing the distance between the seeds and the fake region.For k=0, each trusted account is a victim and located at a distance of 1.We refer to this scenario, which assumes a resourceful attacker, as the distant-seed attack.
In the second scenario, attackers have only a partial knowledge and target k trusted accounts picked at random.We refer to this scenario as the random-seed attack.
Evaluation method.To evaluate the sensitivity of each system to a seed-targeting attack, we used the first Facebook graph to simulate each attack scenario.We implemented this by replacing the endpoint of each attack edge in the real region with a real account picked at random from a set of candidates.For the first scenario, a candidate account is one that is k nodes away from all trusted accounts.For the second scenario, a candidate account is simply any trusted account.We ran experiments for both systems using different values of k and measured the corresponding AUC at the end of each run.
Results.In the first attack scenario, both systems had a poor ranking quality when the distance was small, as illustrated in Fig. 6a.Because Íntegro assigns low weights to edges incident to victim accounts, the trust that escapes to the fake region is less likely to come back into the real region.This explains why SybilRank had a slightly better AUC for distances less than 3.However, once the distance was larger, Íntegro outperformed SybilRank ,as expected from earlier results.
In the second attack scenario, the ranking quality of both systems degraded, as the number of victimized trusted accounts

Fig. 1 :
Fig.1: Social infiltration in Facebook.In (a), while the fakes did not share mutual friends with invited users, the more friends these users had the more likely it was for them to accept friend requests sent by the fakes (CI=95%).In (b), contrary to what is often assumed in literature, fake accounts can use simple automated social engineering to establish a large number of attack edges.
so we have O(m) = O(n).Identifying potential victims takes O(n log n) time, where it takes O(n log n) time to train an RF classifier and O(n) time to compute vulnerability scores.Also, weighting the graph takes O(m) time.Detecting communities takes O(n) time, where each iteration of the Louvain method takes O(m) time, and the graph rapidly shrinks in O(1) time.Propagating trust takes O(n log n) time, as each iteration takes O(m) time and the propagation process iterates for O(log n) times.Ranking and sorting users by their degree-normalized trust takes O(n log n) time.So, the running time is O(n log n).
[9].Compared to these systems, SybilRank provides an equivalent or tighter security bound and is more computationally efficient, as it requires O(n log n) time regardless of the number of trusted accounts.Compared to SybilRank, Íntegro provides O(|E a |/vol(E a )) improvement on its security bound, requires the same O(n log n) time, and is robust against social infiltration, unlike SybilRank and all other systems.

Fig. 4 :
Fig.4: Victim prediction using the RF algorithm.In (a), the ROC curves show the tradeoff between FPR and TPR for both datasets.In ROC analysis, the closer the curve is to the upper-left corner the more accurate it is.The area under the ROC curve (AUC) summarizes the classifier's performance.Therefore, an AUC of 1 means a perfect classifier, while an AUC of 0.5 means a random classifier.We require the victim classifier to be better than random.In (b), during cross validation on Tuenti dataset, we observed that increasing the dataset size to more than 40K vectors did not significantly increase the AUC.

TABLE I :
Low-cost features extracted from Facebook and Tuenti datasets.The RI score is the relative importance of the feature.A value of "N/A" means the feature was not available for this dataset.A k-Categorical feature means this feature can have one value out of k categories (e.g., boolean features are 2-Categorical).