Stateless puzzles for real time online fraud preemption

Mizanur Rahman, Bogdan Carbunar, Ruben Recabarren, Dongwon Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

The profitability of fraud in online systems such as app markets and social networks marks the failure of existing defense mechanisms. In this paper, we propose FraudSys, a real-time fraud preemption approach that imposes Bitcoin-inspired computational puzzles on the devices that post online system activities, such as reviews and likes. We introduce and leverage several novel concepts that include (i) stateless, verifiable computational puzzles, that impose minimal performance overhead, but enable the efficient verification of their authenticity, (ii) a real-time, graph based solution to assign fraud scores to user activities, and (iii) mechanisms to dynamically adjust puzzle difficulty levels based on fraud scores and the computational capabilities of devices. FraudSys does not alter the experience of users in online systems, but delays fraudulent actions and consumes significant computational resources of the fraudsters. Using real datasets from Google Play and Facebook, we demonstrate the feasibility of FraudSys by showing that the devices of honest users are minimally impacted, while fraudster controlled devices receive daily computational penalties of up to 3,079 hours. In addition, we show that with FraudSys, fraud does not pay off, as a user equipped with mining hardware (e.g., AntMiner S7) will earn less than half through fraud than from honest Bitcoin mining.

Original languageEnglish (US)
Title of host publicationWebSci 2017 - Proceedings of the 2017 ACM Web Science Conference
PublisherAssociation for Computing Machinery, Inc
Pages23-32
Number of pages10
ISBN (Electronic)9781450348966
DOIs
StatePublished - Jun 25 2017
Event9th ACM Web Science Conference, WebSci 2017 - Troy, United States
Duration: Jun 25 2017Jun 28 2017

Publication series

NameWebSci 2017 - Proceedings of the 2017 ACM Web Science Conference

Other

Other9th ACM Web Science Conference, WebSci 2017
CountryUnited States
CityTroy
Period6/25/176/28/17

Fingerprint

Online systems
Application programs
Profitability
Hardware

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications

Cite this

Rahman, M., Carbunar, B., Recabarren, R., & Lee, D. (2017). Stateless puzzles for real time online fraud preemption. In WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference (pp. 23-32). (WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference). Association for Computing Machinery, Inc. https://doi.org/10.1145/3091478.3091507
Rahman, Mizanur ; Carbunar, Bogdan ; Recabarren, Ruben ; Lee, Dongwon. / Stateless puzzles for real time online fraud preemption. WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference. Association for Computing Machinery, Inc, 2017. pp. 23-32 (WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference).
@inproceedings{505cc42982604f9a8ec537959b16abe7,
title = "Stateless puzzles for real time online fraud preemption",
abstract = "The profitability of fraud in online systems such as app markets and social networks marks the failure of existing defense mechanisms. In this paper, we propose FraudSys, a real-time fraud preemption approach that imposes Bitcoin-inspired computational puzzles on the devices that post online system activities, such as reviews and likes. We introduce and leverage several novel concepts that include (i) stateless, verifiable computational puzzles, that impose minimal performance overhead, but enable the efficient verification of their authenticity, (ii) a real-time, graph based solution to assign fraud scores to user activities, and (iii) mechanisms to dynamically adjust puzzle difficulty levels based on fraud scores and the computational capabilities of devices. FraudSys does not alter the experience of users in online systems, but delays fraudulent actions and consumes significant computational resources of the fraudsters. Using real datasets from Google Play and Facebook, we demonstrate the feasibility of FraudSys by showing that the devices of honest users are minimally impacted, while fraudster controlled devices receive daily computational penalties of up to 3,079 hours. In addition, we show that with FraudSys, fraud does not pay off, as a user equipped with mining hardware (e.g., AntMiner S7) will earn less than half through fraud than from honest Bitcoin mining.",
author = "Mizanur Rahman and Bogdan Carbunar and Ruben Recabarren and Dongwon Lee",
year = "2017",
month = "6",
day = "25",
doi = "10.1145/3091478.3091507",
language = "English (US)",
series = "WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference",
publisher = "Association for Computing Machinery, Inc",
pages = "23--32",
booktitle = "WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference",

}

Rahman, M, Carbunar, B, Recabarren, R & Lee, D 2017, Stateless puzzles for real time online fraud preemption. in WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference. WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference, Association for Computing Machinery, Inc, pp. 23-32, 9th ACM Web Science Conference, WebSci 2017, Troy, United States, 6/25/17. https://doi.org/10.1145/3091478.3091507

Stateless puzzles for real time online fraud preemption. / Rahman, Mizanur; Carbunar, Bogdan; Recabarren, Ruben; Lee, Dongwon.

WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference. Association for Computing Machinery, Inc, 2017. p. 23-32 (WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Stateless puzzles for real time online fraud preemption

AU - Rahman, Mizanur

AU - Carbunar, Bogdan

AU - Recabarren, Ruben

AU - Lee, Dongwon

PY - 2017/6/25

Y1 - 2017/6/25

N2 - The profitability of fraud in online systems such as app markets and social networks marks the failure of existing defense mechanisms. In this paper, we propose FraudSys, a real-time fraud preemption approach that imposes Bitcoin-inspired computational puzzles on the devices that post online system activities, such as reviews and likes. We introduce and leverage several novel concepts that include (i) stateless, verifiable computational puzzles, that impose minimal performance overhead, but enable the efficient verification of their authenticity, (ii) a real-time, graph based solution to assign fraud scores to user activities, and (iii) mechanisms to dynamically adjust puzzle difficulty levels based on fraud scores and the computational capabilities of devices. FraudSys does not alter the experience of users in online systems, but delays fraudulent actions and consumes significant computational resources of the fraudsters. Using real datasets from Google Play and Facebook, we demonstrate the feasibility of FraudSys by showing that the devices of honest users are minimally impacted, while fraudster controlled devices receive daily computational penalties of up to 3,079 hours. In addition, we show that with FraudSys, fraud does not pay off, as a user equipped with mining hardware (e.g., AntMiner S7) will earn less than half through fraud than from honest Bitcoin mining.

AB - The profitability of fraud in online systems such as app markets and social networks marks the failure of existing defense mechanisms. In this paper, we propose FraudSys, a real-time fraud preemption approach that imposes Bitcoin-inspired computational puzzles on the devices that post online system activities, such as reviews and likes. We introduce and leverage several novel concepts that include (i) stateless, verifiable computational puzzles, that impose minimal performance overhead, but enable the efficient verification of their authenticity, (ii) a real-time, graph based solution to assign fraud scores to user activities, and (iii) mechanisms to dynamically adjust puzzle difficulty levels based on fraud scores and the computational capabilities of devices. FraudSys does not alter the experience of users in online systems, but delays fraudulent actions and consumes significant computational resources of the fraudsters. Using real datasets from Google Play and Facebook, we demonstrate the feasibility of FraudSys by showing that the devices of honest users are minimally impacted, while fraudster controlled devices receive daily computational penalties of up to 3,079 hours. In addition, we show that with FraudSys, fraud does not pay off, as a user equipped with mining hardware (e.g., AntMiner S7) will earn less than half through fraud than from honest Bitcoin mining.

UR - http://www.scopus.com/inward/record.url?scp=85026761962&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85026761962&partnerID=8YFLogxK

U2 - 10.1145/3091478.3091507

DO - 10.1145/3091478.3091507

M3 - Conference contribution

AN - SCOPUS:85026761962

T3 - WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference

SP - 23

EP - 32

BT - WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference

PB - Association for Computing Machinery, Inc

ER -

Rahman M, Carbunar B, Recabarren R, Lee D. Stateless puzzles for real time online fraud preemption. In WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference. Association for Computing Machinery, Inc. 2017. p. 23-32. (WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference). https://doi.org/10.1145/3091478.3091507