Categorizing social network objects based on user affiliations

US 8,738,705 B2
Filed: 12/21/2010
Issued: 05/27/2014
Est. Priority Date: 12/21/2010
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method comprising:

identifying a set of malicious groups associated with a social networking system, wherein a group is an entity represented in the social networking system that users can join, the malicious groups predetermined to be associated with a type of malicious activity;

determining a measure of interactions of the user with the malicious group;

selecting users associated with the malicious groups, wherein each user is selected based on the determined measure of interactions of the user with the malicious groups;

selecting a set of potentially malicious groups associated with the selected users;

receiving, by a computer, keywords associated with the type of malicious activity and searching for keyword occurrences in content received from users of the potentially malicious groups;

determining, by the computer, a level of association of each potentially malicious group with the type of malicious activity based on the keyword occurrences; and

storing information describing the association of each potentially malicious group with the type of malicious activity.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Groups of users of a social networking system are categorized based on their association with a type of malicious activity. A set of predetermined malicious groups is identified. Users associated with the malicious groups are selected based on their level of interactions with the malicious groups. Other groups associated with the selected users are identified as being potentially malicious groups. The potentially malicious groups are further analyzed based on occurrences of keywords associated with the type of malicious activity and manual verification by experts. The potentially malicious groups are either classified as being malicious or non-malicious or assigned a score based on their likelihood of being associated with the type of malicious activity. The methods and system disclosed can be used for categorizing other types of social network objects based on their association with a type of malicious activity, for example, users, events, and content.

Citations

22 Claims

1. A computer implemented method comprising:
- identifying a set of malicious groups associated with a social networking system, wherein a group is an entity represented in the social networking system that users can join, the malicious groups predetermined to be associated with a type of malicious activity;
  
  determining a measure of interactions of the user with the malicious group;
  
  selecting users associated with the malicious groups, wherein each user is selected based on the determined measure of interactions of the user with the malicious groups;
  
  selecting a set of potentially malicious groups associated with the selected users;
  
  receiving, by a computer, keywords associated with the type of malicious activity and searching for keyword occurrences in content received from users of the potentially malicious groups;
  
  determining, by the computer, a level of association of each potentially malicious group with the type of malicious activity based on the keyword occurrences; and
  
  storing information describing the association of each potentially malicious group with the type of malicious activity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The computer implemented method of claim 1, wherein a user associated with the malicious groups is selected if the measure of interactions exceeds a first threshold value and each potentially malicious group associated with a selected user is selected responsive to interactions of the selected user with the potentially malicious group exceeding a second threshold value.
  - 3. The computer implemented method of claim 1, wherein determining a level of association comprises determining a score indicating a strength of association of the potentially malicious group with the type of malicious activity.
  - 4. The computer implemented method of claim 1, determining a level of association comprises determining whether the potentially malicious group is associated with the type of malicious activity.
  - 5. The computer implemented method of claim 1, further comprising:
    - responsive to determining that a potentially malicious group is associated with the type of malicious activity, adding the potentially malicious group to the set of malicious groups.
  - 6. The computer implemented method of claim 1 further comprising:
    - presenting information describing the association of each potentially malicious group with the type of malicious activity; and
      
      receiving input verifying the association of each potentially malicious group with the type of malicious activity.
  - 7. The computer implemented method of claim 1, the measure of interactions of each user with a malicious group is based on at least one of a frequency of interactions of the user with the malicious group, a number of interactions of the user with the malicious group, number of malicious groups that the user interacts with, and types of interactions of the user with the malicious group.
  - 8. The computer implemented method of claim 1, wherein an interaction of the user with a group comprises the user communicating with other users associated with the group.
  - 9. The computer implemented method of claim 1, wherein an interaction of the user with a group comprises the user establishing a connection in the social networking system with other users associated with the group.
  - 10. The computer implemented method of claim 1, wherein an interaction of the user with a group comprises the user sending a message indicating attendance of the user in an event associated with the group.
  - 11. The computer implemented method of claim 2, wherein the first threshold value for measure of interactions is one.
  - 12. The computer implemented method of claim 1, wherein the content received from users of the potentially malicious groups comprises at least one of messages sent by users associated with the potentially malicious groups, content uploaded to the social networking system by users associated with the potentially malicious groups, and content retrieved from the social networking system by users associated with the potentially malicious groups.
  - 13. The computer implemented method of claim 1, the method further comprising:
    - presenting the information describing the association of each potentially malicious group with the type of malicious activity.
  - 14. The computer implemented method of claim 1, the method further comprising:
    - responsive to determining that a potentially malicious group is associated with a type of malicious activity, modifying privacy settings associated with the users of the group.
  - 15. The computer implemented method of claim 1, the method further comprising:
    - responsive to determining that a potentially malicious group is associated with a type of malicious activity, modifying access control information for the information associated with the group.

16. A computer program product having a nontransitory computer-readable storage medium storing computer-executable code, the code comprising:
- an object classifier module configured to;
  
  receive information identifying a set of malicious groups associated with a social networking system, wherein a group is an entity represented in the social networking system that users can join, the malicious groups predetermined to be associated with a type of malicious activity,determine a measure of interactions of the user with the malicious group,select users associated with the malicious groups, wherein each user is selected based on the determined measure of interactions of the user with the malicious groups, andselect a set of potentially malicious groups associated with the selected users;
  
  a keyword search module configured to;
  
  receive keywords associated with the type of malicious activity, andsearch for occurrences of the keywords in content received from users of the potentially malicious groups;
  
  the object classifier module, further configured to;
  
  determine a level of association of each potentially malicious group with the type of malicious activity based on the occurrences; and
  
  a group store configured to;
  
  store information describing the level of association of each potentially malicious group with the type of malicious activity.
- View Dependent Claims (17, 18, 19, 20, 21, 22)
- - 17. The computer program product of claim 16, wherein an interaction of a user with a malicious object comprises a user establishing connections in the social networking system with other users associated with the malicious object.
  - 18. The computer program product of claim 16, wherein the measure of interactions of each user with a malicious group is based on one of a frequency of interaction of the user with the malicious group, a number of interactions of the user with the malicious group, number of malicious groups that the user interacts with, and types of interactions of the user with the malicious group.
  - 19. The computer program product of claim 16, wherein the content received from users of the potentially malicious groups comprises one of messages sent by users associated with the potentially malicious groups, content uploaded to the social networking system by users associated with the potentially malicious groups, and content retrieved from the social networking system by users associated with the potentially malicious groups.
  - 20. The computer program product of claim 16, wherein the object classifier module is further configured to:
    - add a potentially malicious group to the set of malicious groups responsive to determining that the potentially malicious group is associated with the type of malicious activity.
  - 21. The computer program product of claim 16, the code further comprising an access control module configured to:
    - responsive to determining that a potentially malicious group is associated with a type of malicious activity, modify privacy settings associated with the users of the group.
  - 22. The computer program product of claim 16, the code further comprising an access control module configured to:
    - responsive to determining that a potentially malicious group is associated with a type of malicious activity, modify access control information for the group.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Original Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Inventors
Kelmenson, Daniel Leon, Willner, David Stewart
Primary Examiner(s)
Hussain, Imad

Application Number

US12/975,213
Publication Number

US 20120158851A1
Time in Patent Office

1,253 Days
Field of Search

709/205
US Class Current

709/205
CPC Class Codes

G06F 16/951   Indexing; Web crawling tech...

G06F 7/08   Sorting, i.e. grouping reco...

G06Q 10/1095   Meeting or appointment

G06Q 50/01   Social networking

G06Q 50/265   Personal security, identity...

Categorizing social network objects based on user affiliations

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Categorizing social network objects based on user affiliations

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links