LOGIN TO YOUR ACCOUNT

Username
Password
Remember Me
Or use your Academic/Social account:

CREATE AN ACCOUNT

Or use your Academic/Social account:

Congratulations!

You have just completed your registration at OpenAire.

Before you can login to the site, you will need to activate your account. An e-mail will be sent to you with the proper instructions.

Important!

Please note that this site is currently undergoing Beta testing.
Any new content you create is not guaranteed to be present to the final version of the site upon release.

Thank you for your patience,
OpenAire Dev Team.

Close This Message

CREATE AN ACCOUNT

Name:
Username:
Password:
Verify Password:
E-mail:
Verify E-mail:
*All Fields Are Required.
Please Verify You Are Human:
fbtwitterlinkedinvimeoflicker grey 14rssslideshare1
Mariconti, E.; Onaolapo, J.; Ahmad, S.; Nikiforou, N.; Egele, M.; Nikiforakis, N.; Stringhini, G. (2017)
Publisher: International World Wide Web Conference (WWW)
Languages: English
Types: Conference object
Subjects: Computer Science - Social and Information Networks, Social network; OSN; Profile name; Impersonation
Users on Twitter are commonly identified by their profile names. These names are used when directly addressing users on Twitter, are part of their profile page URLs, and can become a trademark for popular accounts, with people referring to celebrities by their real name and their profile name, interchangeably. Twitter, however, has chosen to not permanently link profile names to their corresponding user accounts. In fact, Twitter allows users to change their profile name, and afterwards makes the old profile names available for other users to take. In this paper, we provide a large-scale study of the phenomenon of profile name reuse on Twitter. We show that this phenomenon is not uncommon, investigate the dynamics of profile name reuse, and characterize the accounts that are involved in it. We find that many of these accounts adopt abandoned profile names for questionable purposes, such as spreading malicious content, and using the profile name's popularity for search engine optimization. Finally, we show that this problem is not unique to Twitter (as other popular online social networks also release profile names) and argue that the risks involved with profile-name reuse outnumber the advantages provided by this feature.
  • The results below are discovered through our pilot algorithms. Let us know how we are doing!

    • [1] P. Agten, W. Joosen, F. Piessens, and N. Nikiforakis. Seven months' worth of mistakes: A longitudinal study of typosquatting abuse. In Symposium on Network and Distributed System Security (NDSS), 2015.
    • [2] A. Banerjee, D. Barman, M. Faloutsos, and L. Bhuyan. Cyber-fraud is one typo away. In IEEE Conference on Computer Communications (INFOCOM), 2008.
    • [3] F. Benevenuto, G. Magno, T. Rodrigues, and V. Almeida. Detecting Spammers on Twitter. In Conference on Email and Anti-Spam (CEAS), 2010.
    • [4] Q. Cao, X. Yang, J. Yu, and C. Palow. Uncovering Large Groups of Active Malicious Accounts in Online Social Networks. In ACM Conference on Computer and Communications Security (CCS), 2014.
    • [5] M. Cha, H. Haddadi, F. Benvenuto, and K. Gummadi. Measuring User In uence in Twitter: The Million Follower Fallacy. In International AAAI Conference on Weblogs and Social Media (ICWSM), 2010.
    • [6] E. De Cristofaro, A. Friedman, G. Jourjon, M. A. Kaafar, and M. Z. Sha q. Paying for likes?: Understanding facebook like fraud using honeypots. In Internet Measurement Conference (IMC), 2014.
    • [7] B. Edelman. Large-scale registration of domains with typographical errors. Harvard University, 2003.
    • [8] M. Egele, G. Stringhini, C. Kruegel, and G. Vigna. COMPA: Detecting Compromised Accounts on Social Networks. In Proceedings of the Network and Distributed System Security Symposium, San Diego, CA, February 2013.
    • [9] O. Goga, G. Venkatadri, and K. P. Gummadi. The doppelganger bot attack: Exploring identity impersonation in online social networks. In Internet Measurement Conference (IMC), 2015.
    • [10] C. Grier, K. Thomas, V. Paxson, and M. Zhang. @spam: the underground on 140 characters or less. In ACM Conference on Computer and Communications Security (CCS), 2010.
    • [11] G. E. Hine, J. Onaolapo, E. De Cristofaro, N. Kourtellis, I. Leontiadis, R. Samaras, G. Stringhini, and J. Blackburn. A longitudinal measurement study of 4chan's politically incorrect forum and its e ect on the web. arXiv preprint arXiv:1610.03452, 2016.
    • [12] H.Kwak, C. Lee, H. Park, and S. Moon. What is Twitter, a social network or a news media? In World Wide Web Conference (WWW), 2010.
    • [13] P. Jain and P. Kumaraguru. @i to @me: An anatomy of username changing behavior on twitter. Arxiv Preprint, 2015.
    • [14] M. T. Khan, X. Huo, Z. Li, and C. Kanich. Every second counts: Quantifying the negative externalities of cybercrime via typosquatting. 2015.
    • [15] B. Krishnamurthy, P. Gill, , and M. Aritt. A Few Chirps About Twitter. In USENIX Workshop on Online Social Networks, 2008.
    • [16] H. Kwak, H. Chun, and S. Moon. Fragile online relationship: a rst look at unfollow dynamics in twitter. In SIGCHI Conference on Human Factors in Computing Systems (CHI), 2011.
    • [17] K. Lee, J. Caverlee, and S. Webb. Uncovering social spammers: social honeypots + machine learning. In International ACM SIGIR Conference on Research and Development in Information Retrieval, 2010.
    • [18] S. Lee and J. Kim. WarningBird: Detecting Suspicious URLs in Twitter Stream. In Symposium on Network and Distributed System Security (NDSS), 2012.
    • [19] R. A. Malaga. Worst practices in search engine optimization. Communications of the ACM, 2008.
    • [20] E. Mariconti, J. Onaolapo, S. S. Ahmad, N. Nikiforou, M. Egele, N. Nikiforakis, and G. Stringhini. Why Allowing Pro le Name Reuse Is A Bad Idea. In European Workshop on System Security (EUROSEC), 2016.
    • [21] T. Moore and B. Edelman. Measuring the perpetrators and funders of typosquatting. In Financial Cryptography and Data Security, 2010.
    • [22] C. M. Rivers and B. L. Lewis. Ethical research standards in a world of big data. F1000Research, 2014.
    • [23] G. Stringhini, M. Egele, C. Kruegel, and G. Vigna. Poultry Markets: On the Underground Economy of Twitter Followers. In SIGCOMM Workshop on Online Social Networks, 2012.
    • [24] G. Stringhini, C. Kruegel, and G. Vigna. Detecting Spammers on Social Networks. In Annual Computer Security Applications Conference (ACSAC), 2010.
    • [25] G. Stringhini, P. Mourlanne, G. Jacob, M. Egele, C. Kruegel, and G. Vigna. EvilCohort: Detecting Communities of Malicious Accounts on Online Services. In USENIX Security Symposium, 2015.
    • [26] G. Stringhini, G. Wang, M. Egele, C. Kruegel, G. Vigna, H. Zheng, and B. Y. Zhao. Follow the Green: Growth and Dynamics in Twitter Follower Markets. In ACM SIGCOMM Conference on Internet Measurement, 2013.
    • [27] J. Szurdi, B. Kocso, G. Cseh, J. Spring, M. Felegyhazi, and C. Kanich. The long \taile" of typosquatting domain names. In USENIX Security Symposium, 2014.
    • [28] K. Thomas, C. Grier, J. Ma, V. Paxson, and D. Song. Design and Evaluation of a Real-Time URL Spam Filtering Service. In IEEE Symposium on Security and Privacy, 2011.
    • [29] K. Thomas, D. McCoy, C. Grier, A. Kolcz, and V. Paxson. Tra cking fraudulent accounts: The role of the underground market in twitter spam and abuse. In USENIX Security Symposium, 2013.
    • [30] Y. Wang, D. Beck, J. Wang, C. V., and B. Daniels. Strider typo-patrol: discovery and analysis of systematic typo-squatting. In USENIX Workshop on Steps to Reducing Unwanted Tra c on the Internet (SRUTI), 2006.
    • [31] Y. Zhao, Y. Xie, F. Yu, Q. Ke, Y. Yu, Y. Chen, and E. Gillum. Botgraph: Large scale spamming botnet detection. In USENIX Symposium on Networked Systems Design and Implementation (NSDI), 2009.
  • No related research data.
  • No similar publications.

Share - Bookmark

Funded by projects

Cite this article