Security and Privacy Issues in Social Networks
Online social networks (OSNs) have become extremely popular in recent years, and their widespread adoption has led to the presence of huge volumes of users’ personal information on the Internet. The ever-increasing number of social networks’ users on one hand and the massive amount of information being shared daily on the other hand have encouraged attackers to develop and use different techniques to collect and analyze such information for a number of malicious purposes, including spear-phishing attacks and identity theft. Clearly, this trend represents a significant challenge for both users and administrators. In fact, the widespread adoption of OSNs has raised a wide range of security and privacy concerns, which have not been fully addressed yet. In many cases, users are not even aware of the disclosure of their personal information through their profiles. Leakage of a user’s private information can happen in different ways. In this chapter, we discuss the main security and privacy issues associated with online social networks and investigate some attack models used to reveal a user’s private information. We also discuss different strategies and regulations that can prevent disclosure of private information through OSNs.
Unable to display preview. Download preview PDF.
- 1.Ashford, W.: RSA discloses phishing-attack data breach details. Online at http://www.computerweekly.com/news/1280095593/RSA-discloses-phishing-attack-data-breach-details (2011)
- 2.Benevenuto, F., Rodrigues, T., Almeida, V., Almeida, J., Zhang, C., Ross, K.: Identifying video spammers in online social networks. In: Proceedings of the 4th International Workshop on Adversarial Information Retrieval on the Web, pp. 45–52 (2008)Google Scholar
- 3.Brenner, J., Smith, A.: 72% of online adults are social networking site users. Online at http://www.pewinternet.org/ (2013)
- 5.Dhamija, R., Tygar, J.D.: The battle against phishing: dynamic security skins. In: Proceedings of the Symposium on Usable Privacy and Security (SOUPS 2005), Pittsburgh, pp. 77–88 (2005)Google Scholar
- 6.Faghani, M.R., Saidi, H.: Malware propagation in online social networks. In: Proceedings of the 4th International Conference on Malicious and Unwanted Software (MALWARE 2009), Montreal, pp. 8–14 (2009)Google Scholar
- 8.Gross, R., Acquisti, A.: Information revelation and privacy in online social networks. In: Proceedings of the 2005 ACM workshop on Privacy in the electronic society, pp. 71–80, (2005)Google Scholar
- 10.Irani, D., Balduzzi, M., Balzarotti, D., Kirda, E., Pu, C.: Reverse social engineering attacks in online social networks. In: Detection of Intrusions and Malware, and Vulnerability Assessment. Lecture Notes in Computer Science, vol. 6739, pp. 55–74. Springer, New York (2011)Google Scholar
- 11.Jin, L., Long, X., Takabi, H., Joshi, J.B.: Sybil attacks vs identity clone attacks in online social networks. In: Proceedings of the 6th International Conference on Information Security and Assurance (ISA 2012), Shanghai, pp. 125–127 (2012)Google Scholar
- 12.Mislove, A., Marcon, M., Gummadi, K.P., Druschel, P., Bhattacharjee, B.: Measurement and analysis of online social networks. In: Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement, pp. 29–42 (2007)Google Scholar
- 13.Potharaju, R., Carbunar, B., Nita-Rotaru, C.: 3-clique attacks in online social networks. Tech. Rep. CERIAS TR 2011-08, Purdue University (2011)Google Scholar
- 14.Statista - The Statistic Portal: Number of monthly active Facebook users worldwide. Online at http://www.statista.com/statistics/264810/number-of-monthly-active-facebook-users-worldwide/ (2014). Accessed April 2014
- 15.TrendLabs APT Research Team: Spear-phishing email: most favored APT attack bait. Online at http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-spear-phishing-email-most-favored-apt-attack-bait.pdf (2012)
- 16.Viswanath, B., Post, A., Gummadi, K.P., Mislove, A.: An analysis of social network-based sybil defenses. ACM SIGCOMM Comput. Commun. Rev. 41(4), 363–374 (2011)Google Scholar