Abstract
Identifying malicious users in online social networks (OSNs) is a challenging task that demands a great deal of skill and knowledge because these users can take multiple forms: Sybils, bots, spammers, phishers, impersonators or fake accounts. Different types of research methodologies have been proposed to solve this problem; hence, there are varied solutions. Most of the work on OSNs has focused on using trust and distrust to detect and prevent these types of attacks. Some researchers have found that a suspected node can generate private/public keys to prevent its identity from being stolen by an adversary; however, they have not explained how these keys are generated and managed. We propose a new and efficient centralized key management protocol to prevent Sybil attacks and to provide a secure communication service among users in OSNs. The core tenet of this method is the existence of a ‘roadblock’ that any user intending to join a group must go through, which includes a task that only a human user can accomplish. Hence, automatically controlled accounts are prevented from joining, and the group will consist only of users that have been confirmed as genuine. The mechanism is very effective in recognizing bot accounts, which enables it to guard the network against malicious behavior by fake accounts.
• An efficient key management protocol for defending against Sybil attacks in OSNs.
• An algorithm to generate different manipulated keys to improve the key exchange process.
• Key agreement and authentication that calculate pairwise secret session accurately.
• Demonstration of the key management using social networks.