%0 Journal Article
%@ 1545-5971
%A Egele, M
%A Stringhini, G
%A Kruegel, C
%A Vigna, G
%D 2017
%F discovery:1470859
%J IEEE Transactions on Dependable and Secure Computing (TDSC)
%K Twitter, feature extraction, facebook, training, reliability, uniform resource locators
%N 4
%P 447-460
%T Towards Detecting Compromised Accounts on Social Networks
%U https://discovery.ucl.ac.uk/id/eprint/1470859/
%V 14
%X Compromising social network accounts has become a profitable course of action for cybercriminals. By hijacking control of a popular media or business account, attackers can distribute their malicious messages or disseminate fake information to a large user base. The impacts of these incidents range from a tarnished reputation to multi-billion dollar monetary losses on financial markets. In our previous work, we demonstrated how we can detect large-scale compromises (i.e., so-called campaigns) of regular online social network users. In this work, we show how we can use similar techniques to identify compromises of individual high-profile accounts. High-profile accounts frequently have one characteristic that makes this detection reliable -- they show consistent behavior over time. We show that our system, were it deployed, would have been able to detect and prevent three real-world attacks against popular companies and news agencies. Furthermore, our system, in contrast to popular media, would not have fallen for a staged compromise instigated by a US restaurant chain for publicity reasons.
%Z This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions.  © 2015 IEEE.