An Early Warning System for Suspicious Accounts

Title: An Early Warning System for Suspicious Accounts
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Halawa, Hassan; Ripeanu, Matei; Beznosov, Konstantin; Coskun, Baris; Liu, Meizhu
Conference Name: Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security
Publisher: ACM
Conference Location: New York, NY, USA
ISBN Number: 978-1-4503-5202-4
Keywords: composability, compositionality, Computational Intelligence, cryptography, early warning system, online account security, pubcrawl, supervised learning
Abstract: In the face of large-scale automated cyber-attacks to large online services, fast detection and remediation of compromised accounts are crucial to limit the spread of new attacks and to mitigate the overall damage to users, companies, and the public at large. We advocate a fully automated approach based on machine learning to enable large-scale online service providers to quickly identify potentially compromised accounts. We develop an early warning system for the detection of suspicious account activity with the goal of quick identification and remediation of compromised accounts. We demonstrate the feasibility and applicability of our proposed system in a four month experiment at a large-scale online service provider using real-world production data encompassing hundreds of millions of users. We show that - even using only login data, features with low computational cost, and a basic model selection approach - around one out of five accounts later flagged as suspicious are correctly predicted a month in advance based on one week's worth of their login activity.
URL: http://doi.acm.org/10.1145/3128572.3140455
DOI: 10.1145/3128572.3140455
Citation Key: halawa_early_2017