Detecting Organization-Targeted Socialbots by Monitoring Social Network Profiles

Abigail Paradise, Asaf Shabtai, Rami Puzis

Research output: Contribution to journalArticlepeer-review


Advanced attackers use online social networks in order to extract useful information about targeted organizations, including the names of the organization’s members, their connections, affiliations, positions, etc. Using artificial profiles (socialbots) attackers connect to real members of the organization, thus establishing a foothold inside the organization and greatly increasing the amount of sensitive information they can collect. The connection methods used by attackers are versatile, ranging from random friend requests to carefully crafted, manually operated social engineering attempts. In this paper we provide an analysis of the cost-effectiveness of strategies used to monitor organizational social networks and detect the socialbots that penetrate a target organization. These strategies were evaluated against heterogeneous attackers with different levels of knowledge about the monitoring strategies, using simulation on actual social network data and data from a real scenario of socialbot intrusion. The results demonstrate the efficacy of the monitoring strategies in detecting less sophisticated attackers and slowing down attackers that deliberately avoid the monitored profiles.

Original languageAmerican English
Pages (from-to)731-761
Number of pages31
JournalNetworks and Spatial Economics
Issue number3
StatePublished - 15 Sep 2019


  • Reconnaissance
  • Social network
  • Social network security
  • Socialbots

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications
  • Artificial Intelligence


Dive into the research topics of 'Detecting Organization-Targeted Socialbots by Monitoring Social Network Profiles'. Together they form a unique fingerprint.

Cite this