Unfortunately, today's social computing systems have an achilles heel: users of these systems operate behind "weak identities", i.e., identities that can be forged without too much effort. Attackers can easily create forge multiple fake identities and manipulate the functionality of the system. There is mounting evidence that such fake identities are being used to introduce / promote spam content or to manipulate the real popularity of existing users and content on these systems.
In this talk, I will first discuss existing defense strategies that largely focus on detecting and suspending fake identities in social computing systems. Later, I will propose new approaches to reason about the trustworthiness of weak identities.