Detection Method for Randomly Generated User IDs: Lift the Curse of Dimensionality

Internet services are essential to our daily life in these days, and user accounts are usually required for downloading or browsing for multimedia contents from service providers such as Yahoo, Google, YouTube and so on. Attackers who perform malicious actions against these services use fake user ac...

Full description

Saved in:
Bibliographic Details
Published inIEEE access Vol. 10; pp. 86020 - 86028
Main Authors Ro, Inwoo, Kang, Boojoong, Seo, Choonghyun, Im, Eul Gyu
Format Journal Article
LanguageEnglish
Published Piscataway IEEE 2022
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Accuracy
Algorithms
Authentication
Behavioral sciences
Computational modeling
Computer crime
Deep learning
Feature extraction
Frequency-domain analysis
Identity management systems
Multimedia
Pattern matching
Social networking (online)
Strings
Unsolicited e-mail
Web sites
Online AccessGet full text

Cover

More Information
Summary:Internet services are essential to our daily life in these days, and user accounts are usually required for downloading or browsing for multimedia contents from service providers such as Yahoo, Google, YouTube and so on. Attackers who perform malicious actions against these services use fake user accounts to hide their identity, or use them to continue malicious actions even after being caught by the service's detection system. Using a random string generation algorithm for user identification (ID) string is one of the common method to create and obtain a large number of fake user accounts. To detect IDs and to defend against such attacks, some researchers have proposed the models that detect randomly generated IDs. Among these detection models, the <inline-formula> <tex-math notation="LaTeX">{n} </tex-math></inline-formula>-gram-based using term frequency-inverse document frequency model is regarded as a state-of-the-art model to detect randomly generated IDs, but <inline-formula> <tex-math notation="LaTeX">{n} </tex-math></inline-formula>-gram-based approaches have the problem of the curse of dimensionality because the sparsity of feature vector increases exponentially with the increase of size <inline-formula> <tex-math notation="LaTeX">{n} </tex-math></inline-formula>. As a result, the improvement of the detection accuracy is limited since size <inline-formula> <tex-math notation="LaTeX">{n} </tex-math></inline-formula> cannot be increased. This paper proposes two methods to detect randomly generated IDs more accurately. The first is to avoid the curse of dimensionality with the compression of feature dimension size. The second is a technique to reduce false positives by using pattern matching and Bhattacharyya distance. We tested our method with about 3 million normal user IDs collected from the real portal service, 1 million IDs generated by a random string generation algorithm, and 8,541 IDs found after being used for malicious behavior in real portal services. The experimental results showed that the proposed method can improve detection accuracy as well as inference performance.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2022.3198687