Abstract
Facebook is significant platform for third-party developers to run written applications in order to provide users extra functionality and services. Third-party applications (TPAs) access to user’s profile and exchange their information. In doing so, this may lead to information leakage and privacy risks. Although Facebook has control over third-party applications, it still lacks control in the existing mechanisms. The aim of this paper is to investigate how to hinder TPAs from accessing user’s private information while still sustaining the functionality of the applications. To address privacy and functionality simultaneously, this study suggests a classification framework providing mechanism in controlling TPAs access to the users’ data residing on Facebook. The improved framework allows TPAs to utilize some of users’ data according to their classification authority to mitigate users’ information leakage.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Barnes, S.B.: A privacy paradox: social networking in the United States. First Monday 11(9), 4 September 2006
Arrington, M.: Facebook Launches Facebook Platform; they are the Anti-Myspace. http://techcrunch.com/2007/05/24/facebook-launches-facebook-platform-they-are-the-anti-myspace/
Felt, A., Evans, D.: Privacy protection for social networking APIs. In: Proceeding of Workshop on Web 2.0 Security and Privacy (W2SP 2008) (2008)
Bonneau, J., Anderson, J., Church, L.: Privacy suites: shared privacy for social networks. In: Proceedings of the 5th Symposium on Usable Privacy and Security, SOUPS 2009. ACM (2009)
Chaabane, A., Ding, Y., Dey, R., Kaafar, M.A., Ross, K.: A closer look at third-party OSN applications: are they leaking your personal information? In: Passive and Active Measurement Conference: (PAM 2014), Los Angeles, United States, pp. 235–246 (2014)
Rahman, Md.S., Huang, TK., Madhyastha, H.V., Faloutsos, M.: FRAppE: detecting malicious facebook applications. In: Proceedings of the 8th International Conference on Emerging Networking Experiments and Technologies, CoNEXT 2012, pp. 313–324 (2012)
Cheng, Y., Park, J., Sandhu, R.: Preserving user privacy from third-party applications in online social networks. In: The International World Wide Web Conference Committee (IW3C2). WWW 2013 Companion, Rio de Janeiro, Brazil (2013)
Symeonidis, I., Tsormpatzoudi, P., Preneel, B.: Collateral damage of Facebook Apps: an enhanced privacy scoring model. International Association for Cryptologic Research (2016)
Egele, M., Moser, A., Kruegel, Ch., Kirda, E.: PoX: Protecting Users from Malicious Facebook Applications. Comput. Commun. 35(12), 1507–1515 (2012)
Beye, M., Jeckmans, A., Erkin, Z., Hartel, P., Lagendijk, R., Tang, Q.: Privacy in online social networks. In: Computational Social Networks: Security and Privacy, London, pp. 87–113 (2012)
Wang, N., Xu, H., Grossklags, J.: Third-party apps on facebook: privacy and the illusion of control. In: ACM CHIMIT 2011, Boston, MA, USA, 4 December 2011
Facebook. Facebook privacy settings and 3rd parties. http://www.ftc.gov/enforcement/cases-proceedings/092-3184/facebook-inc. Accessed 08 Feb 2015
McCarthy, C.: Understanding what Facebook apps really know (FAQ) (2010). http://cnet.co/1k85Fys
Facebook application center. https://www.facebook.com/appcenter. Accessed 13 Dec 2014
Jones, M., Hardt, D., Recordon, D.: The OAuth 2.0 Authorization Protocol: Bearer Tokens. draft-ietf-oauth-v2-bearer-12, 27 October 2011
Besmer, A., Lipford, H.R.: Users’ (Mis) conceptions of social applications. In: Proceeding of Graphics Interface (GI 2010), Canadian Information Processing Society, pp. 63–70 (2010)
Huber, M., Mulazzani, M., Schrittwieser, S., Weippl, E.: AppInspect large-scale evaluation of social apps. In: Proceedings of the First ACM Conference on Online Social Networks (COSN 2013), pp. 143–154 (2013)
Patil, T.R., Sherekar, S.S.: Performance analysis of Naive Bayes and J48 classification algorithm for data classification. Int. J. Comput. Sci. Appl. 6(2), 256–261 (2013)
Chambers, M., Dinsmore, T.H.W.: Predictive Analytics Techniques. Financial Times Press, New Jersey (2014)
Acknowledgments
This study is funded by Research University Grant (RUG) from university of technology Malaysia (UTM), grant number Q.K130000.2538.09H32.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Kavianpour, S., Ismail, Z., Shanmugam, B. (2017). Classification of Third-Party Applications on Facebook to Mitigate Users’ Information Leakage. In: Rocha, Á., Correia, A., Adeli, H., Reis, L., Costanzo, S. (eds) Recent Advances in Information Systems and Technologies. WorldCIST 2017. Advances in Intelligent Systems and Computing, vol 569. Springer, Cham. https://doi.org/10.1007/978-3-319-56535-4_15
Download citation
DOI: https://doi.org/10.1007/978-3-319-56535-4_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-56534-7
Online ISBN: 978-3-319-56535-4
eBook Packages: EngineeringEngineering (R0)