Presented By O'Reilly and Cloudera
Make Data Work
March 13–14, 2017: Training
March 14–16, 2017: Tutorials & Conference
San Jose, CA

Don’t sleep on sleeper cells: Using big data to drive detection

Yinglian Xie (DataVisor)
11:00am11:40am Thursday, March 16, 2017
Platform Security and Cybersecurity
Location: LL21 B Level: Beginner
Secondary topics:  ecommerce, Media

Who is this presentation for?

  • Executives and managers focused on data science or security

Prerequisite knowledge

  • A general understanding of big data technologies, including Spark
  • Security and online fraud detection domain expertise not required

What you'll learn

  • Understand the make-up and motivations for sleeper cells
  • Explore real-world case studies dealing with sleeper cells in a popular mobile entertainment app and in a large online service that provides chat, gaming, and interaction with nearby users (Both cases have millions of real-world user accounts and billions of events studied.)
  • Learn why sleeper cells are difficult to detect and what can be done about it
  • Discover the benefits of real-time in-memory big data analytics for detecting sleeper cells within online services


Today, you create an account for every site or mobile app you visit, in effect becoming a citizen of that company. And like most communities, growth of the user account base is critical to succeeding. Users both contribute content (e.g., reviews, pins, and posts) and are a channel for monetization (e.g., ad clicks, promotions, and in-app purchases). However, some visitors to this community are unwelcome—well-organized crime rings are creating so-called sleeper cells, fake user accounts masquerading as normal citizens hiding among billions of users, and waging large-scale attacks to exploit these services for financial gain.

Using analysis of more than 500 billion events and 400 million user accounts from global online services over the past year, Yinglian Xie exposes the issue of global sleeper cells, providing an in-depth analysis of sleeper cells’ characteristics, the sophisticated attack techniques being used to wage war, and how to mitigate attacks using Spark’s in-memory big data security analytics.

Photo of Yinglian Xie

Yinglian Xie


Yinglian Xie is the CEO and cofounder of DataVisor, a startup in the area of big data analytics for security. Yinglian has been working in the area of internet security and privacy for over 10 years and has helped improve the security of billions of online users. Her work combines parallel-computing techniques, algorithms for mining large datasets, and security-domain knowledge into new solutions that prevent and combat a wide variety of attacks targeting consumer-facing online services. Prior to DataVisor, Yinglian was a senior researcher at Microsoft Research Silicon Valley, where she shipped a series of new techniques in production. She has been widely published in top conferences and served on the committees of many of them. Yinglian holds a PhD in computer science from Carnegie Mellon University.