Interesting article in the New Scientist titled “Inside Facebook’s massive cyber-security system” about a system they call the “Facebook Immune System” (FIS)…
…an all-seeing set of algorithms that monitors every photo posted to the network, every status update- indeed, every click made by every one of the 800 million users.
That is one big event monitoring system! The stats are impressive too:
- 25Bn read-write actions monitored per day
- Peak 650K events per second
Per the published paper, published under the Microsoft Research topic “Querying Large Distributed Graphs“, FIS has the following main features:
- Classifier Services: various statistical algorithms
- Feature eXtraction Language (FXL): a features and rules specification language – in other words, “patterns” – including stream processing expressions
- dynamic model loading and training: also a common attribute of CEP systems
- Policy Engine: the business rules engine also handling Classifer Services monitoring, executing the FXL expressions in rules.
- Feature Loops (Floops): the aggregation mechanism taking feature extraction output and creating the complex events called features for the classifiers.
They also seemed to have exploited crowdsourcing as indicators for fraud: … [the system also] checked to see which messages were being flagged as spam by users and blocked messages with similar keywords in the text.
In some respects this is social rule / knowledge elicitation – something that can also be done on other social systems like tibbr, and likely an increasing trend that came up several times at RulesFest this week.
Meanwhile, TIBCO announced a cybersecurity deal with the US DHS.
