|
| This Article | ||
| ||
| Share | ||
| Bibliographic References | ||
| Add to: | ||
 Digg  Furl  Spurl  Blink  Simpy  Google  Del.icio.us  Y!MyWeb | ||
| Search | ||
| ||
WarningBird: A Near Real-Time Detection System for Suspicious URLs in Twitter Stream
May-June 2013 (vol. 10 no. 3)
pp. 183-195
| ASCII Text | x | ||
| Sangho Lee, Jong Kim, "WarningBird: A Near Real-Time Detection System for Suspicious URLs in Twitter Stream," IEEE Transactions on Dependable and Secure Computing, vol. 10, no. 3, pp. 183-195, May-June, 2013. | |||
| BibTex | x | ||
| @article{ 10.1109/TDSC.2013.3, author = {Sangho Lee and Jong Kim}, title = {WarningBird: A Near Real-Time Detection System for Suspicious URLs in Twitter Stream}, journal ={IEEE Transactions on Dependable and Secure Computing}, volume = {10}, number = {3}, issn = {1545-5971}, year = {2013}, pages = {183-195}, doi = {http://doi.ieeecomputersociety.org/10.1109/TDSC.2013.3}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, } | |||
| RefWorks Procite/RefMan/Endnote | x | ||
| TY - JOUR JO - IEEE Transactions on Dependable and Secure Computing TI - WarningBird: A Near Real-Time Detection System for Suspicious URLs in Twitter Stream IS - 3 SN - 1545-5971 SP183 EP195 EPD - 183-195 A1 - Sangho Lee, A1 - Jong Kim, PY - 2013 KW - Twitter KW - Feature extraction KW - Crawlers KW - Servers KW - IP networks KW - Browsers KW - Training KW - classification KW - Suspicious URL KW - twitter KW - URL redirection KW - conditional redirection VL - 10 JA - IEEE Transactions on Dependable and Secure Computing ER - | |||
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2013.3
Web Extra: View Supplemental Material(PDF)
Twitter is prone to malicious tweets containing URLs for spam, phishing, and malware distribution. Conventional Twitter spam detection schemes utilize account features such as the ratio of tweets containing URLs and the account creation date, or relation features in the Twitter graph. These detection schemes are ineffective against feature fabrications or consume much time and resources. Conventional suspicious URL detection schemes utilize several features including lexical features of URLs, URL redirection, HTML content, and dynamic behavior. However, evading techniques such as time-based evasion and crawler evasion exist. In this paper, we propose WarningBird, a suspicious URL detection system for Twitter. Our system investigates correlations of URL redirect chains extracted from several tweets. Because attackers have limited resources and usually reuse them, their URL redirect chains frequently share the same URLs. We develop methods to discover correlated URL redirect chains using the frequently shared URLs and to determine their suspiciousness. We collect numerous tweets from the Twitter public timeline and build a statistical classifier using them. Evaluation results show that our classifier accurately and efficiently detects suspicious URLs. We also present WarningBird as a near real-time system for classifying suspicious URLs in the Twitter stream.
Index Terms:
Twitter,Feature extraction,Crawlers,Servers,IP networks,Browsers,Training,classification,Suspicious URL,twitter,URL redirection,conditional redirection
Citation:
Sangho Lee, Jong Kim, "WarningBird: A Near Real-Time Detection System for Suspicious URLs in Twitter Stream," IEEE Transactions on Dependable and Secure Computing, vol. 10, no. 3, pp. 183-195, May-June 2013, doi:10.1109/TDSC.2013.3
Usage of this product signifies your acceptance of the Terms of Use.