only hope that future designers
of socialbots with different goals
will adhere to Asimov’s Three
Laws of Robotics [7] to reduce
the risk of harm to the human
systems in which they operate.
@tinypirate is a government drone in New
Zealand who spends his spare time concocting
schemes and convincing smarter friends to act on
them. @AeroFade is a computer security
researcher from New Zealand with an Hons. in
computer science, interested in studying how
online culture shapes the offline world.
The Socialbot Network: Are Social Botnets Possible?
Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, and Matei Ripeanu
March + April 2012
interactions
Online social networking services (SNSs) have far exceeded
their original goal of connecting
friends, family, and acquaintances. Today third parties use
SNSs as an effective medium to
reach out to millions of active
users via social media campaigns.
The effectiveness of such campaigns and the long-term survival
of SNSs rely on the trust among
these users, which is materialized
through publicly exposed social
connections (e.g., friendships on
Facebook, follower/followee relationships on Twitter).
A new attack vector on such
networks thus becomes possible:
A malicious entity that not only
controls a large number of SNS
profiles but also establishes an
arbitrarily large number of connections with human users can
threaten the long-term health of
the SNS ecosystem.
To counter this threat, today’s
SNS security defenses block
hijacked SNS accounts that are
usually controlled by spam bots.
Such defenses flag accounts as
malicious based on their behavioral patterns. However, the robustness of these defenses against
socialbots—automated profiles
designed to mimic human behavior—is relatively unexplored.
To fill this gap, we adapted the
design of existing botnets and
built a socialbot network (SbN), a
group of programmable socialbots
that are controlled by an attacker
using a software controller called
the botmaster [8]. We deployed our
SbN prototype, consisting of 102
socialbots and a single botmaster,
on Facebook for eight weeks during the spring of 2011. We selected
Facebook as the target SNS for
two reasons: It is the largest SNS
today, and it represents a friendship network where users connect
mostly with friends and family
but not with strangers. Overall,
the socialbots sent 8,570 connection requests, out of which 3,055
were accepted.
Our experiments yielded multiple
findings. First, we demonstrated
that SNSs are vulnerable
to large-scale infiltration. Not
only is it feasible to automate the
operation of an SbN with minimal
resources, but users’ behavior
in SNSs can also be exploited to
increase the likelihood of a successful
infiltration. For example,
we observed that the more friends
a user has, the less selective she
will be when screening out friendship
requests sent by a socialbot.
Moreover, users are even less
selective when they have mutual
friends with socialbots, in which case the
chance of accepting a friendship
request from a bot reaches up to
80 percent. Second, and equally
important, bots that mimic real
users (e.g., by posting intriguing
status updates crawled from the
Web) make it difficult for other
users and SNS security defenses to
identify them as bots.