Malicious user detection in Momo application based on spatio-temporal behavior and static attribute analysis

Autor: Haifeng YANG, Shaoyong DU, Guo WEI, Wenqi SHI, Xiangyang LUO
Jazyk: English<br />Chinese
Rok vydání: 2024
Předmět:
Zdroj: 网络与信息安全学报, Vol 10, Iss 4, Pp 143-158 (2024)
Druh dokumentu: article
ISSN: 2096-109x
2096-109X
DOI: 10.11959/j.issn.2096-109x.2024060
Popis: Momo, a popular mobile social application, has attracted a significant number of malicious users engaged in illegal online activities such as fraud, online gambling, and illegal lending. The detection of these malicious users is of great importance. However, the loose social relationships between users and the limited textual content on Momo have made it challenging for existing methods to accurately characterize user features, resulting in low detection accuracy. To address this issue, a malicious user detection method based on the analysis of user spatio-temporal behavior and static attributes was proposed. Firstly, a user spatio-temporal information dataset was constructed by collecting user online time, location, and abnormal labels data provided by Momo’s location service. Then, the differences in online time and location distribution between normal users and malicious users with abnormal labels in the dataset were compared to analyze the spatio-temporal behavior characteristics of malicious users. Subsequently, the temporal behavior characteristics of users were characterized by the online probability of users in different time periods, and the spatial behavior characteristics of users were characterized by the degree of clustering of users’ historical location distribution. Finally, the obtained spatio-temporal behavior features and gender attributes were combined to train a user classification model for malicious user detection. A malicious user detection experiment was conducted based on 1,894,917 data points collected from 67,280 Momo users. The results demonstrate that the proposed method could effectively detect malicious users, especially for those with fewer historical content publications. The proposed method exhibits significantly better performance in correctly classifying malicious users compared to representative methods such as SybilSCAR and DatingSec, with an improvement of over 4.6% in AUC-ROC and over 19.88% in AUC-PR.
Databáze: Directory of Open Access Journals