
Detecting and Understanding the Promotion of Illicit Goods and Services on Twitter

Published 11 Apr 2024 in cs.CR and cs.SI | (2404.07797v3)

Abstract: In this study, we reveal, for the first time, that popular online social networks (especially Twitter) are being extensively abused by miscreants to promote illicit goods and services of diverse categories. This study is made possible by multiple machine learning tools that are designed to detect and analyze Posts of Illicit Promotion (PIPs) and to reveal their underlying promotion campaigns. In particular, we observe that PIPs are prevalent on Twitter, along with extensive visibility on three other popular OSNs including YouTube, Facebook, and TikTok. For instance, applying our PIP hunter to the Twitter platform for 6 months has led to the discovery of 12 million distinct PIPs, which are widely distributed across 5 major natural languages and 10 illicit categories, e.g., drugs, data leakage, gambling, and weapon sales. Alongside the PIPs, we discovered 580K Twitter accounts publishing PIPs as well as 37K distinct instant messaging accounts that are embedded in PIPs and serve as next hops of communication with prospective customers. An arms race between Twitter and illicit promotion operators is also observed. Notably, 90% of PIPs can survive the first two months after being published on Twitter, which is likely due to the diverse evasion tactics adopted by miscreants to masquerade PIPs.

