RACEMAN: Cross-Platform Intrusion Detection in Online Social Networks

Online Social Networks (OSNs) face various security threats, including account compromisation, where attackers seize control over legitimate user accounts and create fake profiles for nefarious purposes. The dynamic and open nature of OSNs presents unique challenges for cybersecurity, particularly in detecting unauthorized access and malicious activities such as phishing attacks, spamming, and spreading misinformation associated with account compromisation. Traditional intrusion detection systems (IDS) in OSNs often miss attacks or generate false positives due to static thresholds, delayed responses, and poor real-time data handling. These limitations often result in missed detections or false positives during sudden shifts in user activity patterns or emerging attack vectors. We introduce RACEMAN, an adaptive IDS designed explicitly for the OSN environment to address this. To enhance adaptability, RACEMAN incorporates emergency strategies such as dynamic threshold adjustments based on real-time network traffic analysis and early stopping mechanisms triggered by anomalous behavior spikes, enabling rapid adaptation to changing threat landscapes. RACEMAN leverages real-time OSN interactions to continuously update its metamorphic relations, ensuring an up-to-date understanding of normal user behaviour versus potential intrusions. This system utilises advanced semantic analysis to accurately represent user interactions. It generates diverse test cases using genetic algorithms and reinforcement learning to simulate user scenarios and potential intrusion methods. These test cases undergo input transformations to realistically mimic intrusion attempts while maintaining semantic integrity. The system's responses to these test cases are evaluated against expected behaviours defined by the updated metamorphic relations. RACEMAN utilizes statistical analysis, Multi-view Convolutional Neural Networks (MVCNN), and rule-based systems for intrusion classification. Our collaborative and distributed IDS approach enhances detection capabilities by promoting knowledge sharing across multiple systems and ensuring scalability without central points of failure. We evaluated RACEMAN using six publicly available datasets from Facebook, Google+, Twitter, linkedIn, Youtube and Reddit where it demonstrated a high accuracy rate of 98.85%, outperforming other models such as Convolutional Neural Network (CNN-85.67%), Artificial Neural Network (ANN-86.63%), and Random Forest (RF-78.26%).