aalto1 untyped-item.component.html

Detecting Malicious Accounts in Online Developer Communities Using Deep Learning

Thumbnail Image

Files

IEEE-TKDE-2023.pdf (2.65 MB)

Access rights

openAccess
acceptedVersion

URL

Journal Title

Journal ISSN

Volume Title

A1 Alkuperäisartikkeli tieteellisessä aikakauslehdessä
This publication is imported from Aalto University research portal.
View publication in the Research portal (opens in new window)
View/Open full text file from the Research portal (opens in new window)
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.

Authors

Date

2023-10-01

Department

Department of Information and Communications Engineering

Major/Subject

Mcode

Degree programme

Language

en

Pages

17

Series

IEEE Transactions on Knowledge and Data Engineering, Volume 35, issue 10, pp. 10633-10649

Abstract

Online developer communities like GitHub allow a massive number of developers to collaborate. However, the openness of the communities makes them vulnerable to different types of malicious attacks, since attackers can easily join these communities and interact with legitimate users. In this work, we propose GitSec, a deep learning-based solution for detecting malicious accounts in online developer communities. GitSec distinguishes malicious accounts from legitimate ones based on the account profiles, dynamic activity characteristics, as well as social interactions. First, GitSec introduces two user activity sequences and applies a parallel neural network design with an attention mechanism to process the sequences. Second, GitSec constructs two graphs to represent the interactions between users according to their repository operations. Especially, graph neural networks and structural hole theory are employed to deal with the two constructed graphs. Third, GitSec makes use of the descriptive features to enhance the detection performance. The final judgement is made by a decision maker implemented by a supervised machine learning-based classifier. Based on the real-world data of GitHub users, our comprehensive evaluations show that GitSec achieves a better performance than state-of-the-art solutions, with an AUC value of 0.916.

Description

Publisher Copyright: IEEE

Keywords

Blogs, C++ languages, Codes, Companies, Data collection, Deep Learning, Graph Neural Networks, Malicious Account Detection, Online Developer Communities, Social Networks, Software development management, Stars, Structural Hole Theory

Other note

DOI

10.1109/TKDE.2023.3237838

Citation

Gong, Q, Liu, Y, Zhang, J, Chen, Y, Li, Q, Xiao, Y, Wang, X & Hui, P 2023, 'Detecting Malicious Accounts in Online Developer Communities Using Deep Learning', IEEE Transactions on Knowledge and Data Engineering, vol. 35, no. 10, pp. 10633-10649. https://doi.org/10.1109/TKDE.2023.3237838

Permanent link to this item

https://urn.fi/URN:NBN:fi:aalto-202401312282

Collections

[article-cris] Palvelut / Services

Endorsement

Review

Supplemented By

Referenced By