TMCnet News
Duo Security Analyzes 88 Million Twitter Accounts to Reveal Inner Workings of BotnetsLAS VEGAS, Aug. 06, 2018 (GLOBE NEWSWIRE) -- Black Hat USA - Duo Security, the leading provider of unified access security and multi-factor authentication, today published technical research and methodology detailing how to identify automated Twitter accounts, known as bots, at a mass scale. Using machine learning algorithms to identify bot accounts across their dataset, Duo Labs researchers also unraveled a sophisticated cryptocurrency scam botnet consisting of at least 15,000 bots, and identified tactics used by malicious bots to appear legitimate and avoid detection, among other findings.
From May to July 2018, researchers collected and analyzed 88 million public Twitter accounts comprising more than half-a-billion tweets -- one of the largest random datasets of Twitter accounts studied to date. Duo’s dataset is built from information collected through the publicly available Twitter API, and includes profile screen name, tweet count, followers/following counts, avatar and bio. The content of tweets and social network connections for accounts were also gathered as platform API limits allowed. Highlights of the research include:
Duo researchers actively observed Twitter suspending cryptocurrency scam bots, as well as quickly identifying verified accounts that had been hijacked, returning them to their rightful owners. Despite ongoing efforts, portions of the studied cryptocurrency botnet remain active. “Users are likely to trust a tweet more or less depending on how many times it's been retweeted or liked. Those behind this particular botnet know this, and have designed it to exploit this very tendency,” said Anise. “The bots’ attempts to thwart detection demonstrate the importance of analyzing an account holistically, including the metadata around the content. For example, bot accounts will typically tweet in short bursts, causing the average time between tweets to be very low. Documenting these patterns of behavior can also be used to identify other malicious and spam botnets.” In response to the research, which was shared with Twitter prior to publishing, a Twitter spokesperson said: “Malicious bot detection and prevention is a cat-and-mouse game,” said Wright. “We anticipate that enlisting the help of the research community will enable discovery of new and improving techniques for tracking bots. However, this is a more complex problem than many realize, and as our paper shows, there is still work to be done.” For the full methodology and findings, please visit https://duo.sc/twitter-bots Duo’s open-source data collection code will be published on Wednesday, August 8, available on the Duo blog: https://duo.com/blog/dont-me-hunting-twitter-bots-at-scale About Duo Security Media Contacts A photo accompanying this announcement is available at //www.globenewswire.com/NewsRoom/AttachmentNg/bda960c5-6d57-4493-9024-bcb355362da7 |