Detection of fast flux network based social bot using analysis based techniques

As the technology growing Botmasters are also growing with latest technology (e.g. virus to Botnet and Root kits) using fast flux feature have begun to exploit Social Network Sites (e.g., facebook.com; Twitter.com etc) as their command and control (C&C) infrastructures e.g. Social Bot hacked four lacs facebook accounts alone in Bangalore only in November 2011 and steal 64 lacs password of LinkedIn in June 2012. This paper proposed a novel technique “Analysis Based Detection Techniques (ABDT) ”to detect fast flux service network (FFSN) based Social Bots on OSNs based on presented information on user´s profile. It use geographically-dispersed set of proxy hosts to locate the position of the mothership in an abstract and dimensional space and built similarity graph (clustering) for each URL presented to validation checking for each user. This similarity graph describe all users as nodes in a large graph, and build edges when two users are connected based on (1) group users with “similar” textual description together, where similarity is captured by a probabilistic fingerprint. (2) For single destination URL must come from the same Bot. Hence as conclusion, this paper detect FFSN based Social Bot, by combining information obtained in form of similarity graph (clustering) through Social networking users; performing cross validation (to identify normal users) for each cluster and measuring TTL value (time to live) for each user.