Advertisement

Threats Against Information Privacy and Security in Social Networks: A Review

  • Ahmed Al-CharchafchiEmail author
  • Selvakumar Manickam
  • Zakaria N. M. Alqattan
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1132)

Abstract

This review paper is an attempt to cover the arising threats against information privacy and security in the attractive Social Network environment that represents a rich mine of user personal data. First, the paper discusses the information privacy, while many researches have been found in the relevant literature with respect to privacy in Social Networks, more efforts are needed especially on data leakages that happen to each entity including Social Network users, service providers, third and external parties, and how data linkages can produce useful information to these parties. Second, the paper discusses the information security focusing on the social engineering threats, while many efforts have been found in the relevant literature with respect to social engineering in the Internet in general, only few attempts cover the topic in the Social Network environment. In this paper, threats of fake accounts, identity theft, and spear phishing are discussed specifically in the Social Networks. Furthermore, the paper presents the roles of Social Network users and service providers to protect information privacy and prevent threats against information security. This review paper is an attempt to become a guideline to current information privacy and security threats in Social Network environment, and to pave the way for the researchers to investigate more solutions for these threats in future works.

Keywords

Social Network Social Media Privacy Security Data leakage Data linkage Social engineering Fake account Identity theft Spear phishing 

References

  1. 1.
    Hootsuite: We Are Social - Digital report. https://wearesocial.com/es/digital-2019-espana
  2. 2.
    Kizza, J.M.: Ethical and Secure Computing, pp. 229–257 (2019).  https://doi.org/10.1007/978-3-030-03937-0CrossRefGoogle Scholar
  3. 3.
    Kayes, I., Iamnitchi, A.: Privacy and security in online social networks: a survey. Online Soc. Netw. Med. 3–4, 1–21 (2017).  https://doi.org/10.1016/j.osnem.2017.09.001CrossRefGoogle Scholar
  4. 4.
    Krombholz, K., Hobel, H., Huber, M., Weippl, E.: Advanced social engineering attacks. J. Inf. Secur. Appl. 22, 113–122 (2015).  https://doi.org/10.1016/j.jisa.2014.09.005CrossRefGoogle Scholar
  5. 5.
    Heidemann, J., Klier, M., Probst, F.: Online social networks: a survey of a global phenomenon. Comput. Netw. 56, 3866–3878 (2012).  https://doi.org/10.1016/j.comnet.2012.08.009CrossRefGoogle Scholar
  6. 6.
    Heravi, A.: Privacy attitudes and behaviours in online social networking (2017). https://trove.nla.gov.au/version/253863687
  7. 7.
    Boyd, D.M., Ellison, N.B.: Social network sites: definition, history, and scholarship. J. Comput.-Mediated Commun. 13, 210–230 (2008).  https://doi.org/10.1111/j.1083-6101.2007.00393.xCrossRefGoogle Scholar
  8. 8.
    Salehan, M., Negahban, A.: Computers in human behavior social networking on smartphones: when mobile phones become addictive. Comput. Hum. Behav. 29, 2632–2639 (2013)CrossRefGoogle Scholar
  9. 9.
    Adewole, K.S., Anuar, N.B., Kamsin, A., Varathan, K.D., Razak, S.A.: Malicious accounts: dark of the social networks. J. Netw. Comput. Appl. 79, 41–67 (2017).  https://doi.org/10.1016/j.jnca.2016.11.030CrossRefGoogle Scholar
  10. 10.
    Kumari, P.: Requirements analysis for privacy in social networks. In: 8th International Workshop for Technical, Economic and Legal Aspects of Business Models for Virtual Goods (2010)Google Scholar
  11. 11.
    Novak, E., Li, Q.: A survey of security and privacy in online social networks. College of William and Mary Computer Science Technical report, vol. X, pp. 1–32 (2012)Google Scholar
  12. 12.
    Fire, M., Goldschmidt, R., Elovici, Y.: Online social networks: threats and solutions. IEEE Commun. Surv. Tutorials 16, 2019–2036 (2014).  https://doi.org/10.1109/COMST.2014.2321628CrossRefGoogle Scholar
  13. 13.
    Deliri, S., Albanese, M.: Data Management in Pervasive Systems, pp. 195–209. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-319-20062-0CrossRefGoogle Scholar
  14. 14.
    Pham, V.V.H., Yu, S., Sood, K., Cui, L.: Privacy issues in social networks and analysis: a comprehensive survey. IET Netw. 7, 74–84 (2017).  https://doi.org/10.1049/iet-net.2017.0137CrossRefGoogle Scholar
  15. 15.
    Rathore, S., Sharma, P.K., Loia, V., Jeong, Y.S., Park, J.H.: Social network security: issues, challenges, threats, and solutions. Inf. Sci. 421, 43–69 (2017).  https://doi.org/10.1016/j.ins.2017.08.063CrossRefGoogle Scholar
  16. 16.
    Ali, S., Islam, N., Rauf, A., Din, I.U., Guizani, M., Rodrigues, J.J.P.C.: Privacy and security issues in online social networks. Future Internet 10, 114 (2018).  https://doi.org/10.3390/fi10120114CrossRefGoogle Scholar
  17. 17.
    Sahoo, S.R., Gupta, B.B.: Classification of various attacks and their defence mechanism in online social networks: a survey. Enterp. Inf. Syst. 00, 1–33 (2019).  https://doi.org/10.1080/17517575.2019.1605542CrossRefGoogle Scholar
  18. 18.
    Krishnamurthy, B., Wills, C.E.: On the leakage of personally identifiable information via online social networks. In: ACM SIGCOMM Computer Communication Review, p. 112. ACM (2012)CrossRefGoogle Scholar
  19. 19.
    Schneier, B.: A taxonomy of social networking data. IEEE Secur. Priv. 8, 88 (2010).  https://doi.org/10.1109/MSP.2010.118CrossRefGoogle Scholar
  20. 20.
    Islam, M.B., Watson, J., Iannella, R., Geva, S.: A greater understanding of social networks privacy requirements: the user perspective. J. Inf. Secur. Appl. 33, 30–44 (2017).  https://doi.org/10.1016/j.jisa.2017.01.004CrossRefGoogle Scholar
  21. 21.
    Öğütçü, G., Testik, Ö.M., Chouseinoglou, O.: Analysis of personal information security behavior and awareness (2016).  https://doi.org/10.1016/j.cose.2015.10.002CrossRefGoogle Scholar
  22. 22.
    Obar, J.A., Oeldorf-Hirsch, A.: The biggest lie on the Internet: ignoring the privacy policies and terms of service policies of social networking services. Inf. Commun. Soc. 1–20 (2018).  https://doi.org/10.1080/1369118x.2018.1486870CrossRefGoogle Scholar
  23. 23.
    Kavianpour, S., Ismail, Z., Shanmugam, B.: Classification of third-party applications on Facebook to mitigate users’ information leakage. Adv. Intell. Syst. Comput. 569, 144–154 (2017).  https://doi.org/10.1007/978-3-319-56535-4_15CrossRefGoogle Scholar
  24. 24.
    Tian, Y.: Privacy Preserving Information Sharing in Modern and Emerging Platforms (2018).  https://doi.org/10.1184/R1/6721127.v1
  25. 25.
    Lipschultz, J.H.: Social Media Communication: Concepts, Practices, Data, Law and Ethics. Routledge, Abingdon (2017)CrossRefGoogle Scholar
  26. 26.
    Statista: Facebook: annual revenue 2018| Statistic. https://www.statista.com/statistics/268604/annual-revenue-of-facebook/
  27. 27.
    Whitaker, C., Stevelink, S., Fear, N.: The use of Facebook in recruiting participants for health research purposes: a systematic review. J. Med. Internet Res. 19 (2017).  https://doi.org/10.2196/jmir.7071CrossRefGoogle Scholar
  28. 28.
    Williams, M.L., Burnap, P., Sloan, L.: Crime sensing with big data: the affordances and limitations of using open-source communications to estimate crime patterns. Br. J. Criminol. 57, 320–340 (2017).  https://doi.org/10.1093/bjc/azw031CrossRefGoogle Scholar
  29. 29.
    Williams, M.L., Burnap, P., Sloan, L.: Towards an ethical framework for publishing Twitter data in social research: taking into account users’ views. Online Context Algorithmic Estimation Sociol. 51, 1149–1168 (2017).  https://doi.org/10.1177/0038038517708140CrossRefGoogle Scholar
  30. 30.
    Goga, O., Perito, D., Lei, H., Teixeira, R., Sommer, R., Tr‐13‐002, Open image in new window ɣ: Large‐scale Correlation of Accounts Across Social Networks. (2013)Google Scholar
  31. 31.
    Shu, K., Wang, S., Tang, J., Zafarani, R., Liu, H.: User identity linkage across online social networks. ACM SIGKDD Explor. Newsl. 18, 5–17 (2017).  https://doi.org/10.1145/3068777.3068781CrossRefGoogle Scholar
  32. 32.
    Pew Research Center: Social Media Use 2018: Demographics and Statistics. https://www.pewinternet.org/2018/03/01/social-media-use-in-2018/
  33. 33.
    Beilinson, J.: Facebook Data May Have Been Illicitly Used for Politics, and It Started With a Quiz - Consumer Reports. https://www.consumerreports.org/privacy/facebook-data-illicitly-collected-for-politics-and-what-it-means-for-privacy/
  34. 34.
    Isaak, J., Hanna, M.J.: User data privacy: Facebook, Cambridge analytica, and privacy protection. Computer 51, 56–59 (2018).  https://doi.org/10.1109/MC.2018.3191268CrossRefGoogle Scholar
  35. 35.
    Abawajy, J.H., Ninggal, M.I.H., Herawan, T.: Privacy preserving social network data publication. IEEE Commun. Surv. Tutorials 18, 1974–1997 (2016).  https://doi.org/10.1109/COMST.2016.2533668CrossRefGoogle Scholar
  36. 36.
    Cross, M.: Social Media Security. Syngress (2014)Google Scholar
  37. 37.
    Albladi, S.M., Weir, G.R.S.: User characteristics that influence judgment of social engineering attacks in social networks. Hum.-Centric Comput. Inf. Sci. 8, 5 (2018).  https://doi.org/10.1186/s13673-018-0128-7CrossRefGoogle Scholar
  38. 38.
    Al-Qurishi, M., Al-Rakhami, M., Alamri, A., AlRubaian, M., Rahman, S.M.M., Hossain, M.S.: Sybil defense techniques in online social networks: a survey. IEEE Access 5, 1200–1219 (2017).  https://doi.org/10.1109/ACCESS.2017.2656635CrossRefGoogle Scholar
  39. 39.
    Apte, M., Palshikar, G.K., Baskaran, S.: Frauds in Online Social Networks: A Review, pp. 1–18 (2018).  https://doi.org/10.1007/978-3-319-78256-0_1Google Scholar
  40. 40.
    Ferrara, E., Varol, O., Davis, C., Menczer, F., Flammini, A.: The rise of social bots. Commun. ACM. 59, 96–104 (2014).  https://doi.org/10.1145/2818717CrossRefGoogle Scholar
  41. 41.
    Rosen, G.: Facebook Publishes Enforcement Numbers for the First Time. https://newsroom.fb.com/news/2018/05/enforcement-numbers/
  42. 42.
    Li, F., Mittal, P., Caesar, M., Borisov, N.: SybilControl, vol. 67 (2012).  https://doi.org/10.1145/2382536.2382548
  43. 43.
    Bilge, L., Strufe, T., Balzarotti, D., Kirda, E.: All your contacts are belong to us, vol. 551 (2009).  https://doi.org/10.1145/1526709.1526784
  44. 44.
    Egele, M., Stringhini, G., Kruegel, C., Vigna, G.: Towards detecting compromised accounts on social networks. IEEE Trans. Dependable Secur. Comput. 14, 447–460 (2017).  https://doi.org/10.1109/TDSC.2015.2479616CrossRefGoogle Scholar
  45. 45.
    Ruan, X., Wu, Z., Wang, H., Jajodia, S.: Profiling online social behaviors for compromised account detection. IEEE Trans. Inf. Forensics Secur. 11, 176–187 (2016).  https://doi.org/10.1109/TIFS.2015.2482465CrossRefGoogle Scholar
  46. 46.
    Hong, J.: The state of phishing attacks. Commun. ACM 55, 74 (2012).  https://doi.org/10.1145/2063176.2063197CrossRefGoogle Scholar
  47. 47.
    Thomas, J.E.: Individual cyber security: empowering employees to resist spear phishing to prevent identity theft and ransomware attacks. Int. J. Bus. Manag. 13, 1 (2018).  https://doi.org/10.5539/ijbm.v13n6p1CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  1. 1.National Advanced IPv6 Centre (NAv6)Universiti Sains Malaysia (USM)PenangMalaysia

Personalised recommendations