Facebook Immune System checks 25 billion actions every day

Do you ever wonder how Facebook fights spam? The company has released some details about the Facebook Immune System (FIS), which processes 650,000 actions every second.
Written by Emil Protalinski, Contributor

The Facebook Immune System (FIS) processes and checks 25 billion actions every day, or 650,000 actions every second. The social networking giant's cybersecurity system was developed over a three-year period to keep the service's users safe from spam and cyberattacks. FIS scans every click on Facebook for patterns that could suggest something malicious is spreading across the social network.

Results have shown that it is highly efficient: spam has dropped to account for less than 4 percent of Facebook's total messages, which affect under 0.5 percent of users. Then again, given that Facebook has 800 million active users, that's still 4 million users being hit by spam.

FIS works to protect users against spam by harnessing artificially intelligent software to detect suspicious patterns of behavior, according to New Scientist. The system is overseen by a team of 30 security experts, but learns in real-time and regularly takes action without checking with a human supervisor.

Still, it's not perfect. The system has trouble fighting strategies it has not seen before, such as a socialbot attack. Socialbots randomly send friend requests, which leads to an unusually high number of rejections. FIS is learning to recognize this pattern to block a socialbot attack.

Researchers at the University of British Columbia in Vancouver, Canada, recently used 102 socialbots to make a combined 3,000 friends in eight weeks. The bots began by sending friend requests to random users, 20 percent of whom accepted, and then to their mutual friends, which resulted in the acceptance rate jumping to almost 60 percent.

Such an attack means it doesn't matter if users hide their personal information from public view as long as they let their friends have visibility. The socialbots thus managed to extract some 46,500 email addresses and 14,500 physical addresses from users' profiles. "An attacker could do many things with this data," said Yazan Boshmaf, who will present the team's work at the Annual Computer Security Applications Conference in Orlando, Florida, next month.

See also:

Editorial standards