Categorizing Social Network Objects Based on User Affiliations

US 20120158851A1
Filed: 12/21/2010
Published: 06/21/2012
Est. Priority Date: 12/21/2010
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method for categorizing groups of users in a social networking system based on maliciousness of activity associated with the groups, the method comprising:

identifying a set of malicious groups associated with a social networking system, the malicious groups predetermined to be associated with a type of malicious activity;

selecting users associated with the malicious groups, wherein each user is selected based on a measure of interactions of the user with the malicious groups exceeding a threshold value;

selecting a set of potentially malicious groups associated with the selected users;

receiving keywords associated with the type of malicious activity and searching for keyword occurrences in information associated with each potentially malicious group;

determining a level of association of each potentially malicious group with the type of malicious activity based on the keyword occurrences; and

storing information describing the association of each potentially malicious group with the type of malicious activity.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Groups of users of a social networking system are categorized based on their association with a type of malicious activity. A set of predetermined malicious groups is identified. Users associated with the malicious groups are selected based on their level of interactions with the malicious groups. Other groups associated with the selected users are identified as being potentially malicious groups. The potentially malicious groups are further analyzed based on occurrences of keywords associated with the type of malicious activity and manual verification by experts. The potentially malicious groups are either classified as being malicious or non-malicious or assigned a score based on their likelihood of being associated with the type of malicious activity. The methods and system disclosed can be used for categorizing other types of social network objects based on their association with a type of malicious activity, for example, users, events, and content.

Citations

34 Claims

1. A computer implemented method for categorizing groups of users in a social networking system based on maliciousness of activity associated with the groups, the method comprising:
- identifying a set of malicious groups associated with a social networking system, the malicious groups predetermined to be associated with a type of malicious activity;
  
  selecting users associated with the malicious groups, wherein each user is selected based on a measure of interactions of the user with the malicious groups exceeding a threshold value;
  
  selecting a set of potentially malicious groups associated with the selected users;
  
  receiving keywords associated with the type of malicious activity and searching for keyword occurrences in information associated with each potentially malicious group;
  
  determining a level of association of each potentially malicious group with the type of malicious activity based on the keyword occurrences; and
  
  storing information describing the association of each potentially malicious group with the type of malicious activity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The computer implemented method of claim 1, wherein the threshold value is a first threshold value and each potentially malicious group associated with a selected user is selected responsive to interactions of the selected user with the potentially malicious group exceeding a second threshold value.
  - 3. The computer implemented method of claim 1, wherein determining a level of association comprises determining a score indicating a strength of association of the potentially malicious group with the type of malicious activity.
  - 4. The computer implemented method of claim 1, determining a level of association comprises determining whether the potentially malicious group is associated with the type of malicious activity or not associated with the type of malicious activity.
  - 5. The computer implemented method of claim 1, further comprising:
    - responsive to determining that a potentially malicious group is associated with the type of malicious activity, adding the potentially malicious group to the set of malicious groups.
  - 6. The computer implemented method of claim 1, further comprising:
    - presenting information describing the association of each potentially malicious group with the type of malicious activity; and
      
      receiving input verifying the association of each potentially malicious group with the type of malicious activity.
  - 7. The computer implemented method of claim 1, the measure of interactions of each user with a malicious group is based on at least one of a frequency of interactions of the user with the malicious group, a number of interactions of the user with the malicious group, number of malicious groups that the user interacts with, and types of interactions of the user with the malicious group.
  - 8. The computer implemented method of claim 1, wherein an interaction of the user with a group comprises the user communicating with other users associated with the group.
  - 9. The computer implemented method of claim 1, wherein an interaction of the user with a group comprises the user establishing a connection in the social networking system with other users associated with the group.
  - 10. The computer implemented method of claim 1, wherein an interaction of the user with a group comprises the user sending a message indicating attendance of the user in an event associated with the group.
  - 11. The computer implemented method of claim 1, wherein the threshold value for measure of interactions is one.
  - 12. The computer implemented method of claim 1, wherein the information associated with potentially malicious groups for searching occurrences of keywords comprises at least one of messages sent by users associated with the potentially malicious groups, content uploaded to the social networking system by users associated with the potentially malicious groups, and content retrieved from the social networking system by users associated with the potentially malicious groups.
  - 13. The computer implemented method of claim 1, the method further comprising:
    - presenting the information describing the association of each potentially malicious group with the type of malicious activity.
  - 14. The computer implemented method of claim 1, the method further comprising:
    - responsive to determining that a potentially malicious group is associated with a type of malicious activity, modifying the privacy settings associated with the users of the group.
  - 15. The computer implemented method of claim 1, the method further comprising:
    - responsive to determining that a potentially malicious group is associated with a type of malicious activity, modifying the access control information for the information associated with the group.

16. A computer implemented method for categorizing objects stored in a social networking system based on the objects'"'"' relatedness to a subject or interest, the method comprising:
- identifying a set of objects associated with a social networking system, the identified objects predetermined to be related to a subject or interest;
  
  selecting users associated with the objects, wherein each user is selected responsive to a measure of interactions of the user with the objects exceeding a first threshold value;
  
  selecting a set of candidate objects associated with the selected users, wherein the candidate objects are potentially related to the subject or interest;
  
  receiving keywords associated with the subject or interest and searching for keyword occurrences in information associated with each candidate object;
  
  determining a level of association of each candidate malicious object with the subject or interest based on the keyword occurrences; and
  
  storing information describing the level of association of one or more of the candidate objects with the subject or interest.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 17. The computer implemented method of claim 16, wherein the threshold value is a first threshold value and each candidate object associated with a selected user is selected responsive to interactions of the selected user with the candidate object exceeding a second threshold value.
  - 18. The computer implemented method of claim 16, wherein a candidate object is one of a group of users, a user of the social networking system, a content item, a page, an application, and an event.
  - 19. The computer implemented method of claim 16, wherein a candidate object is one of a group of users, a user of the social networking system, a content item, a page, and an event.
  - 20. The computer implemented method of claim 16, wherein the identified objects and the candidate objects correspond to entities represented in the social networking system with which users of the social networking connections can establish a connection.
  - 21. The computer implemented method of claim 16, wherein an interaction of a user with an object comprises at least one of the user uploading information associated with the object, the user retrieving information associated with the object, and the user establishing connections in the social networking system with other users associated with the object.
  - 22. The computer implemented method of claim 16, wherein the measure of interactions of each user with an object is based on one of a frequency of interaction of the user with the object, a number of interactions of the user with the object, number of objects that the user interacts with, and a type of interactions of the user with the object.
  - 23. The computer implemented method of claim 16, wherein the information associated with the candidate objects for searching occurrence of keywords comprises one of messages sent by users associated with the candidate objects, content uploaded to the social networking system by users associated with the candidate objects, and content retrieved from the social networking system by users associated with the candidate objects.
  - 24. The computer implemented method of claim 16, further comprising:
    - responsive to determining that a candidate object is associated with the subject or interest, adding the candidate object to the set of objects.
  - 25. The computer implemented method of claim 16, further comprising:
    - presenting information describing the association of each candidate object with the subject or interest; and
      
      receiving input verifying the association of each candidate object with the subject or interest.

26. A computer program product having a computer-readable storage medium storing computer-executable code for categorizing groups of users in a social networking system based on maliciousness of activity associated with the groups, the code comprising:
- an object classifier module configured to;
  
  receive information identifying a set of malicious groups associated with a social networking system, wherein the groups are predetermined to be associated with a type of malicious activity,select users associated with the malicious groups, wherein each user is selected responsive to a measure of interactions of the user with the malicious groups exceeding a threshold value, andselect a set of potentially malicious groups associated with the selected users;
  
  a keyword search module configured to;
  
  receive keywords associated with the type of malicious activity, andsearch for occurrences of the keywords in information associated with each potentially malicious group;
  
  the object classifier module, further configured to;
  
  determine a level of associate each potentially malicious group with the type of malicious activity based on the occurrences; and
  
  a group store configured to;
  
  store information describing the level of association of each potentially malicious group with the type of malicious activity.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34)
- - 27. The computer program product of claim 26, wherein an interaction of a user with a malicious object comprises a user establishing connections in the social networking system with other users associated with the malicious object.
  - 28. The computer program product of claim 26, wherein the measure of interactions of each user with a malicious group is based on one of a frequency of interaction of the user with the malicious group, a number of interactions of the user with the malicious group, number of malicious groups that the user interacts with, and types of interactions of the user with the malicious group.
  - 29. The computer program product of claim 26, wherein the information associated with potentially malicious objects for searching occurrence of keywords comprises one of messages sent by users associated with the potentially malicious objects, content uploaded to the social networking system by users associated with the potentially malicious objects, and content retrieved from the social networking system by users associated with the potentially malicious objects.
  - 30. The computer program product of claim 26, wherein the object classifier module is further configured to:
    - add a potentially malicious group to the set of malicious groups responsive to determining that the potentially malicious group is associated with the type of malicious activity.
  - 31. A computer implemented method using the computer program product of claim 26, the method comprising:
    - providing information identifying the set of malicious groups associated with a social networking system, wherein the groups are predetermined to be involved in a type of malicious activity.
  - 32. The computer implemented method of claim 31, further comprising:
    - providing keywords describing the type of malicious activity.
  - 33. The computer implemented method of claim 31, further comprising:
    - retrieving information describing a potentially malicious group associated with the type of malicious activity to verify whether the potentially malicious group is involved in the type of malicious activity; and
      
      providing a verification decision determining whether the potentially malicious group is involved in the type of malicious activity.
  - 34. The computer implemented method of claim 31, further comprising:
    - providing parameters describing the measure of interactions of a user with a group.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Original Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Inventors
Willner, David Stewart, Kelmenson, Daniel Leon

Granted Patent

US 8,738,705 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/205
CPC Class Codes

G06F 16/951   Indexing; Web crawling tech...

G06F 7/08   Sorting, i.e. grouping reco...

G06Q 10/1095   Meeting or appointment

G06Q 50/01   Social networking

G06Q 50/265   Personal security, identity...

Categorizing Social Network Objects Based on User Affiliations

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

Categorizing Social Network Objects Based on User Affiliations

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links