Malicious Behaviour Analysis on Twitter Through the Lens of User Interest

  • Bandar Alghamdi
  • Yue Xu
  • Jason Watson
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 845)


Evolving behaviours by spammers on online social networks continue to be a big challenge; this phenomenon has consistently received attention from researchers in terms of how they can be combated. On micro-blogging communities, such as Twitter, spammers intentionally change their behavioural patterns and message contents to avoid detection. Understanding the behavior of spammers is important for developing effective approaches to differentiate spammers from legitimate users. Due to the dynamic and inconsistent behaviour of spammers, the problem should be considered from two different levels to properly understand this type of behaviour and differentiate it from that of legitimate users. The first level pertains to the content, and the second, to the users’ demographics. In this paper, we first examine Twitter content relating to a particular topic, extracted from one hashtag, for a dataset comprising both spammers and legitimate users in order to characterise user behaviour with respect to that topic. We then investigate the users’ demographic data with a focus on the users’ profile description and how it relates to their tweets. The result of this experiment confirms that, in addition to the content level, users’ demographic data can present an alternative approach to identify the different behaviours of both spammers and legitimate users; moreover, it can be used to detect spammers.


Spam Spammers Behaviour Detection Text mining Social networks 


  1. Aggarwal, A., Rajadesingan, A., Kumaraguru, P.: PhishAri: automatic realtime phishing detection on Twitter. In: IEEE eCrime Researchers Summit, Las Croabas, Puerto Rico, p. 1 (2012).
  2. Agrawal, R., Imieliński, T., Swami, A.: Mining association rules between sets of items in large databases. In: Proceedings of the ACM SIGMOD International Conference on Management of Data, Washington, D.C., USA, pp. 207–216 (1993)Google Scholar
  3. Alghamdi, B., Watson, J., Xu, Y.: Toward detecting malicious links in online social networks through user behavior. In: IEEE WIC/ACM International Conference on Web Intelligence Workshops, Omaha, USA, pp. 5–8 (2016).
  4. Benevenuto, F., Magno G., Rodrigues, T., Almeida, V.: Detecting spammers on Twitter. In: Collaboration, Electronic Messaging, Anti-abuse and Spam Conference (CEAS), vol. 6, p. 12 (2010)Google Scholar
  5. Bhattarai, A., Rus, V., Dasgupta, D.: Characterizing comment spam in the blogosphere through content analysis. In: IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009, pp. 37–44 (2009)Google Scholar
  6. Cao, C., Caverlee, J.: Behavioral detection of spam URL sharing: posting patterns versus click patterns. In: International Conference on Advances in Social Networks Analysis and Mining (ASONAM), pp. 138–141. IEEE/ACM, Beijing (2014)Google Scholar
  7. Dang, Q., Zhou, Y., Gao, F., Sun, Q.: Detecting cooperative and organized spammer groups in micro-blogging community. Data Min. Knowl. Discov. 31, 573–605 (2016)MathSciNetCrossRefGoogle Scholar
  8. Dewan, P., Ponnurangam, K.: Towards automatic real time identification of malicious posts on Facebook. In: 13th Annual Conference on Privacy, Security and Trust (PST), Izmir, pp. 85–92 (2015)Google Scholar
  9. Eshraqi, N., Jalali, M., Moatar, H.M.: Detecting spam tweets in Twitter using a data stream clustering algorithm. In: International Congress on Technology, Communication and Knowledge (ICTCK), pp. 347–351 (2015)Google Scholar
  10. Feroz, M.N., Mengel, S.: Examination of data, rule generation and detection of phishing URLs using online logistic regression. In: International Conference on Big Data, pp. 241–250. IEEE, Washington, D.C. (2014)Google Scholar
  11. Gao, H., Hu, J., Wilson, C., Li, Z., Chen, Y., Zhao, B.Y.: Detecting and characterizing social spam campaigns. In: 10th ACM SIGCOMM Conference on Internet Measurement, pp. 35–47. ACM (2010)Google Scholar
  12. Grier, C., Paxson, V., Zhang, M.: @spam: the underground on 140 characters or less. In: ACM Conference on Computer and Communications Security, pp. 27–37. ACM (2010)Google Scholar
  13. Gyöngyi, Z., Garcia-Molina, H., Pedersen, J.: Combating web spam with trustrank. In: Thirtieth International Conference on Very large Data Dases, vol. 30, pp. 576–587. VLDB Endowment (2004)CrossRefGoogle Scholar
  14. He, S., Wang, H.J., Hong, Z.: Identifying user behavior on Twitter based on multi-scale entropy. In: International Conference on Security, Pattern Analysis, and Cybernetics (SPAC), pp. 381–384. IEEE, Wuhan (2014)Google Scholar
  15. Heymann, P., Koutrika, G., Garcia-Molina, H.: Fighting spam on social web sites: a survey of approaches and future challenges. IEEE Internet Comput. 11(6), 36–45 (2007)CrossRefGoogle Scholar
  16. Hua, W., Zhang, Y.: Threshold and associative based classification for social spam profile detection on Twitter. In: The Ninth International Conference on Semantics, Knowledge and Grids (SKG), pp. 113–120. IEEE, Beijing (2013)Google Scholar
  17. Jeong, S.Y., Koh, Y.S., Dobbie, G.: Phishing detection on Twitter streams. In: Cao, H., Li, J., Wang, R. (eds.) PAKDD 2016. LNCS (LNAI), vol. 9794, pp. 141–153. Springer, Cham (2016). Scholar
  18. Kotsiantis, S.B., Zaharakis, I.D., Pintelas, P.E.: Machine learning: a review of classification and combining techniques. Artif. Intell. Rev. 26(3), 159–190 (2006)CrossRefGoogle Scholar
  19. Ma, J.S., Savage, L.K., Voelker, S., Geoffrey, M.: Beyond blacklists: learning to detect malicious web sites from suspicious URLs. In: ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1245–1254. ACM, New York (2009)Google Scholar
  20. Martinez-Romo, J., Araujo, L.: Detecting malicious tweets in trending topics using a statistical analysis of language. Expert Syst. Appl. 40(8), 2992–3000 (2013)CrossRefGoogle Scholar
  21. McCord, M., Chuah, M.: Spam detection on Twitter using traditional classifiers. In: Calero, J.M.A., Yang, L.T., Mármol, F.G., García Villalba, L.J., Li, A.X., Wang, Y. (eds.) ATC 2011. LNCS, vol. 6906, pp. 175–186. Springer, Heidelberg (2011). Scholar
  22. Nepali, R.K., Wang, Y.: You look suspicious!!: leveraging visible attributes to classify malicious short URLs on Twitter. In: Hawaii International Conference on System Sciences (HICSS), pp. 2648–2655. IEEE (2016)Google Scholar
  23. Ruan, X., Wu, Z., Wang, H., Jajodia, S.: Profiling online social behaviors for compromised account detection. IEEE Trans. Inf. Forensics Secur. 11(1), 176–187 (2016). Scholar
  24. Sedhai, S., Sun, A.: An analysis of 14 Million tweets on hashtag-oriented spamming. J. Assoc. Inf. Sci. Technol. 68(7), 1638–1651 (2017)CrossRefGoogle Scholar
  25. Shen, H., Ma, F., Zhang, X., Zong, L., Liu, X., Liang, W.: Discovering social spammers from multiple views. Neurocomputing 225, 49–57 (2017)CrossRefGoogle Scholar
  26. Stringhini, G., Kruegel, C., Vigna, G.: Detecting spammers on social networks. In: Proceedings of the ACM of the 26th Annual Computer Security Applications Conference (ACSAC 2010), pp. 1–9. ACM, New York (2010)Google Scholar
  27. Thomas, K., Grier, C., Ma, J., Paxson, V., Song, D.: Design and evaluation of a real-time URL spam filtering service. In: IEEE Symposium on Security and Privacy (SP), Berkeley, CA, pp. 447–462. IEEE (2011a)Google Scholar
  28. Thomas, K., Grier, C., Song, D., Paxson, V.: Suspended accounts in retrospect: an analysis of Twitter spam. In: The 2011 ACM SIGCOMM Conference on Internet Measurement conference, New York, USA, pp. 243–258. ACM (2011b)Google Scholar
  29. Wang, D., Irani, D., Pu, C.: A study on evolution of email spam over fifteen years. In: 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, (Collaboratecom), Austin, TX, pp. 1–10. (2013)Google Scholar
  30. Wang, D., Navathe, S.B., Liu, L., Irani, D., Tamersoy, A., Pu, C.: Click traffic analysis of short URL spam on Twitter. In: International Conference Conference on Collaborative Computing: Networking, Applications and Worksharing (Collaboratecom), IEEE, pp. 250–259 (2013)Google Scholar
  31. Yang, C., Harkreader, R.C., Gu, G.: Die free or live hard? Empirical evaluation and new design for fighting evolving Twitter spammers. In: Sommer, R., Balzarotti, D., Maier, G. (eds.) RAID 2011. LNCS, vol. 6961, pp. 318–337. Springer, Heidelberg (2011). Scholar
  32. Zheng, L.-X., Xu, X.-L., Li, J., Zhang, L., Pan, X.-C., Ma, Z.-Y., Zhang, L.-H.: Malicious URL prediction based on community detection. In: 2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC), pp. 1–7. IEEE (2015)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2018

Authors and Affiliations

  1. 1.Faculty of Science and EngineeringQueensland University of Technology AustraliaBrisbane CityAustralia
  2. 2.Institute of Public AdministrationRiyadh CitySaudi Arabia

Personalised recommendations