Abstract
With over 1 billion users connected through online social networks, user privacy is becoming ever more important and is widely discussed in the media and researched in academia. In this chapter we provide a brief overview of some threats to users’ privacy. We classify these threats as: users’ limitations, design flaws and limitations, implicit flows of information, and clash of incentives. We also discuss two defense mechanisms which deploy usable privacy through a visual and interactive flow of information and a rational privacy vulnerability scanner.
Notes
1. Social bots are bot nets on social networks.
2. http://www.facebook.com/claude.shannon—Checked on September 12, 2012, Shannon’s profile may have been made by a fan to pay tribute but similar approaches can be used by attackers.
3. The profile of a cat at the first author’s previous residential hall has 170 friends. This could again be used to spy on users—http://www.facebook.com/CelebratingStarlight.
4. A friend attacker is an attacker who is a friend on Facebook.
5. Based on our paper [30].
6. Based on our paper [26].
7. Photo modified for didactic purposes.
8. http://www.facebook.com/pages/Anders-B-Breivik/265349460157301 Accessed: July 13, 2012.
9. http://www.facebook.com/pages/Anwar-al-Awlaki/102248169830078?rf=134722733227304 Accessed: July 13, 2012.
10. This section is based on our paper [29].
References
Acquisti, A., Grossklags, J.: Uncertainty, ambiguity and privacy. In: WEIS, 2005
Baddeley, A.: Working memory. Science 255(31), 556–559 (1992)
Barret, D., Saul, M.H.: “weiner now says he sent photos”. Wall St. J. (2011)
Berger, P.L.: Models of Bounded Rationality, Vol. I–III. MIT Press, Cambridge, MA (1982)
Bilge, L., Strufe, T., Balzarotti, D., Kirda, E.: All your contacts are belong to us: automated identity theft attacks on social networks. In: WWW, pp. 551–560, 2009
Bonneau, J.: New facebook photo hacks. http://www.lightbluetouchpaper.org/2009/02/11/new-facebook-photo-hacks/, (2009). Accessed 15 July 2011
Bonneau, J., Anderson, J., Danezis, G.: Prying data out of a social network. In: ASONAM, pp. 249–254, 2009
Bonneau, J., Anderson, J., Stajano, F., Anderson, R.: Eight friends are enough: Social graph approximation via public listings. In: SNS, 2009
Boshmaf, Y., Muslukhov, I., Beznosov, K., Ripeanu, M.: The socialbot network: When bots socialize for fame and money. ACSAC, Sept 2011
Chaabane, A., Acs, G., Kaafar, M.: You are what you like! information leakage through users’ interests. In: Proc. Annual Network and Distributed System Security Symposium, 2012
Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Comm. ACM 24(2), 84–88 (1981)
Chaum, D.: Blind signatures for untraceable payments. In: CRYPTO, pp. 199–203, 1982
Cooper, B.: Italian drugs fugitive jailed after posting pictures of himself with Barack Obama waxwork in London on Facebook. Mail Online February 14, 2012
Dey, R., Tang, C., Ross, K.W., Saxena, N.: Estimating age privacy leakage in online social networks. In: INFOCOM, pp. 2836–2840, 2012
Dhingra, A.: Where you did sleep last night? …thank you, i already know! iSChannel 3(1) (2008)
Donald, A.M., Cranor, L.F.: How technology drives vehicular privacy. J. Law Pol. Inform. Soc. 2, (2006)
Ebersman, D.A.: Facebook Inc., Form S-1 registration statement. United States Securities and Exchange Commission, February 1, 2012
Facebook bug sees Zuckerberg pictures posted online. BBC, December 7, 2011
Facebook Timeline: http://www.facebook.com/about/timeline. Accessed 16 May 2012
Felt, A.: Defacing Facebook: A security case study. 2007
Jagatic, T.N., Johnson, N.A., Jakobsson, M., Menczer, F.: Social phishing. Comm. ACM 50(10), 94–100 (2007)
Lindamood, J., Heatherly, R., Kantarcioglu, M., Thuraisingham, B.M.: Inferring private information using social network data. In: WWW, pp. 1145–1146, 2009
Mackay, W.E.: Triggers and barriers to customizing software. In: CHI, pp. 153–160, 1991
Mahmood, S.: New privacy threats for Facebook and Twitter users. In: IEEE 3PGCIC, 2012
Mahmood, S.: Online social networks: The overt and covert communication channels for terrorists and beyond. In: IEEE HST, 2012
Mahmood, S., Desmedt, Y.: Poster: preliminary analysis of Google+’s privacy. In: ACM Conference on Computer and Communications Security, pp. 809–812, 2011
Mahmood, S., Desmedt, Y.: Online social networks, a criminals multipurpose toolbox (poster abstract). In: Balzarotti, D., Stolfo, S.J., Cova, M. (eds.) Research in Attacks, Intrusions, and Defenses, vol. 7462 of Lecture Notes in Computer Science, pp. 374–375. Springer, New York (2012)
Mahmood, S., Desmedt, Y.: Two new economic models for privacy. In: ACM SIGMETRICS/Performance Workshops, PER, 2012
Mahmood, S., Desmedt, Y.: Usable privacy by visual and interactive control of information flow. In: Twentieth International Security Protocols Workshop, 2012
Mahmood, S., Desmedt, Y.: Your Facebook deactivated friend or a cloaked spy. In: IEEE PerCom Workshops, pp. 367–373, 2012
MailOnline: Zuckerberg defends Facebook…by saying Microsoft, Google and Yahoo! are even worse at ignoring user privacy. Daily Mail, November 8, 2011
Henderson, M., de Zwart, M., Lindsay, D., Phillips, M.: Will u friend me? Legal risks of social networking sites. Monash University, 2011
Monkovic, T.: Eagles employee fired for Facebook post. New York Times, March 10, 2009
Obama advises caution in use of Facebook. Associated Press, September 8, 2009
Parent, W.: Privacy, morality and the law. Philos. Publ. Aff. 12, 269–288 (1983)
Polakis, I., Kontaxis, G., Antonatos, S., Gessiou, E., Petsas, T., Markatos, E.P.: Using social networks to harvest email addresses. In: WPES, pp. 11–20, 2010
Privacy: Stanford Encyclopedia of Philosophy, 2002
Samaha, J.: Criminal Justice. Thomson Wadsworth, Belmont, CA (2006)
Spiekermann, S., Grossklags, J., Berendt, B.: E-privacy in 2nd generation e-commerce: privacy preferences versus actual behavior. In: ACM Conference on Electronic Commerce, pp. 38–47, 2001
Stelzner, M.: Social media marketing industry report. http://www.socialmediaexaminer.com/SocialMediaMarketingReport2011.pdf, 2011
The underground credit card blackmarket. http://www.stopthehacker.com/2010/03/03/the-underground-credit-card-blackmarket/, 2010
Warren, S.D., Brandeis, L.D.: The right to privacy. Harv. Law Rev. 4(5), 193–220 (1890)
Wasserman, S., Faust, K.: Social Network Analysis. Cambridge University Press, Cambridge (1994)
Weeks, N.: Greek police detain 24 in athens immigrant clash after murder. http://www.bloomberg.com/news/2011-05-11/greek-police-detain-24-in-athens-immigrant-clash-after-murder.html, 2011
Westin, A., Blom-Cooper, L.: Privacy and Freedom. Bodley Head, London (1970)
Xu, W., Zhou, X., Li, L.: Inferring privacy information via social relations. In: International Conference on Data Engineering, 2008
Yan, J., Liu, N., Wang, G., Zhang, W., Jiang, Y., Chen, Z.: How much can behavioral targeting help online advertising? In: WWW, pp. 261–270, 2009
Yardi, S., Romero, D.M., Schoenebeck, G., Boyd, D.: Detecting spam in a Twitter network. First Monday 15(1) (2010)
Acknowledgements
The author would like to thank Professor Yvo Desmedt with whom he co-authored some of the work cited in this chapter. The author would also like to thank University College London for providing him financial support through the University College London PhD Studentship Program. This chapter is based on our work in [24–30].
Copyright information
© 2013 Springer-Verlag Wien
About this chapter
Cite this chapter
Mahmood, S. (2013). Online Social Networks: Privacy Threats and Defenses. In: Chbeir, R., Al Bouna, B. (eds) Security and Privacy Preserving in Social Networks. Lecture Notes in Social Networks. Springer, Vienna. https://doi.org/10.1007/978-3-7091-0894-9_2
DOI: https://doi.org/10.1007/978-3-7091-0894-9_2
Publisher Name: Springer, Vienna
Print ISBN: 978-3-7091-0893-2
Online ISBN: 978-3-7091-0894-9
eBook Packages: Computer Science (R0)