The more connected the more vulnerable

Print Friendly, PDF & Email

by Daniel Peck, Research Scientist

The Facebook data team released some interesting data a few days ago focusing on the connectedness of their social graph, taking six degrees of Kevin Bacon and looking at how many connections away from each other any two people on the network are. From their research it seems like more than 90% of people on the network are seperated by only four degrees, meaning that any person A has a friend that knows a friend of Person B.

Interesting in and of itself this shows how social networking is used to connect to people with whom you have very little in common, perhaps enjoying similar music, enjoying the same food, or like the same apps/games on Facebook.  Something like mini ad-hoc Farmville Fan Clubs.  And that is neat, the more connected we are to one another then maybe the more we'll understand each other.

That said, this amount of connectedness has a price in the realm of trust, especially with regards to anomaly detection and behavioral classifying. The network doesn't distinguish the levels of trust/friendship that we have in the real world.  This is likely a neccessary level of abstraction, and we don't have a leaderboard of friends trust levels, but you have an internal model that allows you to weigh “truths” differently based on whether it came from a long time friend versus someone you met because you attended a one day class together. Software can't know these levels, at least not without an unreasonable level of training from the user, so for the purposes of behavioral classification it has to use more derived variables, like connectedness, on the social graph.  As this collapses these variables become less valuable, and may introduce false levels of trust within your real circle of friends.  We've seen this become increasingly popular with spammers working through fake accounts.  Usually the steps go something like this:

  1. An account is created with a profile listing that they went to “Generic State U”
  2. A few friend requests are sent to others within the “Generic State U” ad-hoc group and with a relatively high level of certainty a few will accept.
  3. The spammer then has a foothold into that persons network, and each “friend” request they send out has more legitimacy
  4. Your real friends are wishing these fake accounts “happy birthday” and commenting on their latest picture uploads, and occasionally having malware spreading links dropped into their feed.

This level of trust via degree connectedness leads to a sort of herd vulnerability. Each malicious account that gains a foothold on the network, means all users of the network are much more vulnerable. The extra few seconds that you take to verify a friend connection, even if you aren't worried about privacy issues or spam yourself, helps protect less savy users and keeps some of the easiest computations for behavioral analysis effective and the network as a whole a bit less dangerous for the weaker members.

Scroll to top
Tweet
Share
Share