social network privacy & security
TRANSCRIPT
1
SOCIAL NETWORK PRIVACY & SECURITY
2
SOCIAL NETWORKS Personal Social Networks Status Update Social Networks Location Social Networks Content Sharing Social Networks Shared Interest Social Networks
3
SOCIAL NETWORK GROWTH
4
SOCIAL NETWORK GROWTH
5
PRIVACY AND SECURITYInfluencing factors in selecting a social network • Ease of use• Friends use it• Privacy• Security
6
SOCIAL NETWORK PRIVACY Shared Information
Profile dataGraph DataActivity Data
Third party application access Poor implementation Lack of awareness
7
SOCIAL NETWORK SECURITY
8
SECURITY THREATS
1.Identity Theft Issues
- Profile CloningExisting Profile CloningCross site Profile Cloning
- Social Phishing
9
SECURITY THREATS2. Spam Issues- Spam attack on social networking sites- Email based spam attack on social network users
Broadcast spamContext-aware spam
- Http session hijacking
10
HTTP SESSION HIJACKING
11
SECURITY THREATS3.Malware IssuesSpreading malware across social networks
- Fake accounts/ profiles- Social network API- Driven by download attack- Shortened and hidden links- Cross-Site scripting attack
12
13
PRIVACY & SECURITY IN TWITTER
Threats percentage-pose on social networks (Sophos 2010 Security Threat Report)
14
PRIVACY & SECURITY IN TWITTER Customize user profile data Link previews Private messaging HTTPS secured Twitter browsing
15
TWITTER SECURITY 2013 250,000 users Limited user information
User namesEmail AddressesSessions tokensEncrypted versions of passwords
16
REFERENCES [1] Wajeb Gharibi, Maha Shaabi, “Cyber Threats in Social Websites”, College of
Computer Science & Information Systems Jazan University, Kingdom of Saudi Arabia
[2] Joseph Bonneau, “Security & Privacy in Online Social Networks” University of Cambridge, Computer Laboratory
[3] William F. Pelgrin, “Security and Privacy on Social Networking Sites”, Multi-State Information Sharing & Analysis Center (MS-ISAC) Monthly Security Tips NEWSLETTER, March 2010
[4] Dr. Paul Judge, Chief Research Officer, “2011 Social Networking Security and Privacy Study”, Barracuda Networks Inc.
[5] George Danezis, “Inferring Privacy Policies for Social Networking Services” Microsoft Research, Cambridge,
[6] Dolvara Gunatilaka, “A Survey of Privacy and Security Issues in Social Networks” (http://www.cse.wustl.edu)
[7] Aaron Beach, Mike Gartrell, Richard Han “Solutions to Security and Privacy Issues in Mobile Social Networking” University of Colorado at Boulder
[8] Catherine Dwyer; Pace University, Starr Roxanne Hiltz ;New Jersey Institute of Technology, Katia Passerini ;New Jersey Institute of Technology, “Trust and privacy concern within social networking sites: A comparison of Facebook and MySpace”
[9] “Social Networks Overview: Current Trends and Research Challenges”, Coordinated by the “nextMEDIA” CSA. Supported by the Future Media Networks cluster. NEXT-Media is supported by FP7, DG Information Society, Unit D2 Networked Media
17
Thank You