Categorizing social network objects based on user affiliations
First Claim
1. A computer implemented method comprising:
- identifying a set of malicious groups associated with a social networking system, wherein a group is an entity represented in the social networking system that users can join, the malicious groups predetermined to be associated with a type of malicious activity;
determining a measure of interactions of the user with the malicious group;
selecting users associated with the malicious groups, wherein each user is selected based on the determined measure of interactions of the user with the malicious groups;
selecting a set of potentially malicious groups associated with the selected users;
receiving, by a computer, keywords associated with the type of malicious activity and searching for keyword occurrences in content received from users of the potentially malicious groups;
determining, by the computer, a level of association of each potentially malicious group with the type of malicious activity based on the keyword occurrences; and
storing information describing the association of each potentially malicious group with the type of malicious activity.
2 Assignments
0 Petitions
Accused Products
Abstract
Groups of users of a social networking system are categorized based on their association with a type of malicious activity. A set of predetermined malicious groups is identified. Users associated with the malicious groups are selected based on their level of interactions with the malicious groups. Other groups associated with the selected users are identified as being potentially malicious groups. The potentially malicious groups are further analyzed based on occurrences of keywords associated with the type of malicious activity and manual verification by experts. The potentially malicious groups are either classified as being malicious or non-malicious or assigned a score based on their likelihood of being associated with the type of malicious activity. The methods and system disclosed can be used for categorizing other types of social network objects based on their association with a type of malicious activity, for example, users, events, and content.
-
Citations
22 Claims
-
1. A computer implemented method comprising:
-
identifying a set of malicious groups associated with a social networking system, wherein a group is an entity represented in the social networking system that users can join, the malicious groups predetermined to be associated with a type of malicious activity; determining a measure of interactions of the user with the malicious group; selecting users associated with the malicious groups, wherein each user is selected based on the determined measure of interactions of the user with the malicious groups; selecting a set of potentially malicious groups associated with the selected users; receiving, by a computer, keywords associated with the type of malicious activity and searching for keyword occurrences in content received from users of the potentially malicious groups; determining, by the computer, a level of association of each potentially malicious group with the type of malicious activity based on the keyword occurrences; and storing information describing the association of each potentially malicious group with the type of malicious activity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A computer program product having a nontransitory computer-readable storage medium storing computer-executable code, the code comprising:
-
an object classifier module configured to; receive information identifying a set of malicious groups associated with a social networking system, wherein a group is an entity represented in the social networking system that users can join, the malicious groups predetermined to be associated with a type of malicious activity, determine a measure of interactions of the user with the malicious group, select users associated with the malicious groups, wherein each user is selected based on the determined measure of interactions of the user with the malicious groups, and select a set of potentially malicious groups associated with the selected users; a keyword search module configured to; receive keywords associated with the type of malicious activity, and search for occurrences of the keywords in content received from users of the potentially malicious groups; the object classifier module, further configured to; determine a level of association of each potentially malicious group with the type of malicious activity based on the occurrences; and a group store configured to; store information describing the level of association of each potentially malicious group with the type of malicious activity. - View Dependent Claims (17, 18, 19, 20, 21, 22)
-
Specification