TY - GEN
T1 - Stateless puzzles for real time online fraud preemption
AU - Rahman, Mizanur
AU - Carbunar, Bogdan
AU - Recabarren, Ruben
AU - Lee, Dongwon
N1 - Publisher Copyright:
© 2017 ACM.
PY - 2017/6/25
Y1 - 2017/6/25
N2 - The profitability of fraud in online systems such as app markets and social networks marks the failure of existing defense mechanisms. In this paper, we propose FraudSys, a real-time fraud preemption approach that imposes Bitcoin-inspired computational puzzles on the devices that post online system activities, such as reviews and likes. We introduce and leverage several novel concepts that include (i) stateless, verifiable computational puzzles, that impose minimal performance overhead, but enable the efficient verification of their authenticity, (ii) a real-time, graph based solution to assign fraud scores to user activities, and (iii) mechanisms to dynamically adjust puzzle difficulty levels based on fraud scores and the computational capabilities of devices. FraudSys does not alter the experience of users in online systems, but delays fraudulent actions and consumes significant computational resources of the fraudsters. Using real datasets from Google Play and Facebook, we demonstrate the feasibility of FraudSys by showing that the devices of honest users are minimally impacted, while fraudster controlled devices receive daily computational penalties of up to 3,079 hours. In addition, we show that with FraudSys, fraud does not pay off, as a user equipped with mining hardware (e.g., AntMiner S7) will earn less than half through fraud than from honest Bitcoin mining.
AB - The profitability of fraud in online systems such as app markets and social networks marks the failure of existing defense mechanisms. In this paper, we propose FraudSys, a real-time fraud preemption approach that imposes Bitcoin-inspired computational puzzles on the devices that post online system activities, such as reviews and likes. We introduce and leverage several novel concepts that include (i) stateless, verifiable computational puzzles, that impose minimal performance overhead, but enable the efficient verification of their authenticity, (ii) a real-time, graph based solution to assign fraud scores to user activities, and (iii) mechanisms to dynamically adjust puzzle difficulty levels based on fraud scores and the computational capabilities of devices. FraudSys does not alter the experience of users in online systems, but delays fraudulent actions and consumes significant computational resources of the fraudsters. Using real datasets from Google Play and Facebook, we demonstrate the feasibility of FraudSys by showing that the devices of honest users are minimally impacted, while fraudster controlled devices receive daily computational penalties of up to 3,079 hours. In addition, we show that with FraudSys, fraud does not pay off, as a user equipped with mining hardware (e.g., AntMiner S7) will earn less than half through fraud than from honest Bitcoin mining.
UR - http://www.scopus.com/inward/record.url?scp=85026761962&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85026761962&partnerID=8YFLogxK
U2 - 10.1145/3091478.3091507
DO - 10.1145/3091478.3091507
M3 - Conference contribution
AN - SCOPUS:85026761962
T3 - WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference
SP - 23
EP - 32
BT - WebSci 2017 - Proceedings of the 2017 ACM Web Science Conference
PB - Association for Computing Machinery, Inc
T2 - 9th ACM Web Science Conference, WebSci 2017
Y2 - 25 June 2017 through 28 June 2017
ER -