MIT Technology Review



It’s not unusual to have user profiles on multiple social networks, or even separate accounts on sites like Twitter, one for work and one for play. But Kyumin Lee at Texas A&M University has 60 Twitter accounts, and not because he’s popular.

Lee’s accounts are “honeypots,” designed to attract the attention of the spammers that increasingly use social networks to spread links to malware and phishing Web sites. Software developed by Lee monitors messages sent to the honeypot accounts to learn the tactics used by spammers.

“The concept of a honeypot is well established at the network level,” says Lee. Usually it takes the form of unprotected computers used to monitor spam e-mail or network-based attacks. “We decided to apply it at a higher level to learn about spam in social networks.” Lee is carrying out the project with A&M colleagues James Caverlee and Brian David Eoff, and with Steve Webb at Georgia Tech University. The work is partially supported by a research award from Google.

The honeypot accounts, like this one, automatically post updates drawn from a collection of 120,000 real tweets harvested from Twitter. The team has also deployed honeypots on MySpace, and created software that uses dummy profiles on both networks to learn about spammer tactics. “We have a bot monitor who contacts our profiles,” says Lee. “It looks at what they put in their messages and also accesses their profile to see their demographic information and past updates.”

So far, Lee says, “our 61 honeypots tempted and collected 30,867 spammers on Twitter.” The data gathered by those bots can also be used to train “classifier” algorithms to identify spammers that haven’t yet contacted a honeypot. A classifier trained using the Twitter honeypots proved capable of correctly identifying spam profiles more than 80 percent of the time. A public Web service is being built from the trained model that will allow people to look up which accounts it considers spam, and submit corrections for any that are misidentified, says Lee.
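To make the step from honeypot data to a classifier concrete, here is an added sketch; it is not code from Lee's team. The article does not say which features or algorithm the researchers use, so the naive Bayes model over message tokens, the sample messages, and every name below are assumptions of this example.

```python
import math
import re
from collections import Counter

# Constructed sample data (not from the study). Messages arriving at honeypot
# accounts are labelled spam: a honeypot has no real contacts (assumption).
HONEYPOT_INBOX = [
    "win a free phone click http://x.example/a",
    "free followers now click http://x.example/b",
    "cheap pills free shipping http://x.example/c",
]
# Constructed stand-in for ordinary tweets, used as the benign class.
ORDINARY_TWEETS = [
    "heading to the lab for the seminar",
    "great game last night with friends",
    "reading a paper on network measurement",
]

def tokens(text):
    """Lower-case words, with every link collapsed into one '<url>' token."""
    text = re.sub(r"https?://\S+", " <url> ", text.lower())
    return re.findall(r"<url>|[a-z]+", text)

def train(spam_msgs, ham_msgs):
    """Count token frequencies per class for a multinomial naive Bayes model."""
    counts = {"spam": Counter(), "ham": Counter()}
    for label, msgs in (("spam", spam_msgs), ("ham", ham_msgs)):
        for msg in msgs:
            counts[label].update(tokens(msg))
    return {
        "counts": counts,
        "totals": {k: sum(c.values()) for k, c in counts.items()},
        "vocab": set(counts["spam"]) | set(counts["ham"]),
        "prior": math.log(len(spam_msgs) / len(ham_msgs)),
    }

def spam_log_odds(model, text):
    """Log-odds that text is spam; tokens never seen in training are skipped."""
    score, v = model["prior"], len(model["vocab"])
    for tok in tokens(text):
        if tok in model["vocab"]:
            p_spam = (model["counts"]["spam"][tok] + 1) / (model["totals"]["spam"] + v)
            p_ham = (model["counts"]["ham"][tok] + 1) / (model["totals"]["ham"] + v)
            score += math.log(p_spam / p_ham)  # add-one smoothed likelihood ratio
    return score

def is_spam(model, text):
    """Flag a message from an account that never contacted a honeypot."""
    return spam_log_odds(model, text) > 0

MODEL = train(HONEYPOT_INBOX, ORDINARY_TWEETS)
```

A message made up entirely of unseen words scores exactly the class prior, which is why a deployed model needs far more honeypot traffic than this toy set and a correction channel like the one the article describes.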


Tagged: Computing, Web, security, Twitter, social networks, social networking, spam, phishing, computer science
