Username Squatting on Online Social Networks: A Study on X
CoRR(2024)
摘要
Adversaries have been targeting unique identifiers to launch typo-squatting,
mobile app squatting and even voice squatting attacks. Anecdotal evidence
suggest that online social networks (OSNs) are also plagued with accounts that
use similar usernames. This can be confusing to users but can also be exploited
by adversaries. However, to date no study characterizes this problem on OSNs.
In this work, we define the username squatting problem and design the first
multi-faceted measurement study to characterize it on X. We develop a username
generation tool (UsernameCrazy) to help us analyze hundreds of thousands of
username variants derived from celebrity accounts. Our study reveals that
thousands of squatted usernames have been suspended by X, while tens of
thousands that still exist on the network are likely bots. Out of these, a
large number share similar profile pictures and profile names to the original
account signalling impersonation attempts. We found that squatted accounts are
being mentioned by mistake in tweets hundreds of thousands of times and are
even being prioritized in searches by the network's search recommendation
algorithm exacerbating the negative impact squatted accounts can have in OSNs.
We use our insights and take the first step to address this issue by designing
a framework (SQUAD) that combines UsernameCrazy with a new classifier to
efficiently detect suspicious squatted accounts. Our evaluation of SQUAD's
prototype implementation shows that it can achieve 94
a small dataset.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要