1

SOCIAL NETWORK PRIVACY & SECURITY

2

SOCIAL NETWORKS Personal Social Networks Status Update Social Networks Location Social Networks Content Sharing Social Networks Shared Interest Social Networks

3

SOCIAL NETWORK GROWTH

4

SOCIAL NETWORK GROWTH

5

PRIVACY AND SECURITYInfluencing factors in selecting a social network • Ease of use• Friends use it• Privacy• Security

6

SOCIAL NETWORK PRIVACY Shared Information

Profile dataGraph DataActivity Data

Third party application access Poor implementation Lack of awareness

7

SOCIAL NETWORK SECURITY

8

SECURITY THREATS

1.Identity Theft Issues

- Profile CloningExisting Profile CloningCross site Profile Cloning

- Social Phishing

9

SECURITY THREATS2. Spam Issues- Spam attack on social networking sites- Email based spam attack on social network users

Broadcast spamContext-aware spam

- Http session hijacking

10

HTTP SESSION HIJACKING

11

SECURITY THREATS3.Malware IssuesSpreading malware across social networks

- Fake accounts/ profiles- Social network API- Driven by download attack- Shortened and hidden links- Cross-Site scripting attack

12

TWITTER

13

PRIVACY & SECURITY IN TWITTER

Threats percentage-pose on social networks (Sophos 2010 Security Threat Report)

14

PRIVACY & SECURITY IN TWITTER Customize user profile data Link previews Private messaging HTTPS secured Twitter browsing

15

TWITTER SECURITY 2013 250,000 users Limited user information

User namesEmail AddressesSessions tokensEncrypted versions of passwords

16

REFERENCES [1] Wajeb Gharibi, Maha Shaabi, “Cyber Threats in Social Websites”, College of

Computer Science & Information Systems Jazan University, Kingdom of Saudi Arabia

[2] Joseph Bonneau, “Security & Privacy in Online Social Networks” University of Cambridge, Computer Laboratory

[3] William F. Pelgrin, “Security and Privacy on Social Networking Sites”, Multi-State Information Sharing & Analysis Center (MS-ISAC) Monthly Security Tips NEWSLETTER, March 2010

[4] Dr. Paul Judge, Chief Research Officer, “2011 Social Networking Security and Privacy Study”, Barracuda Networks Inc.

[5] George Danezis, “Inferring Privacy Policies for Social Networking Services” Microsoft Research, Cambridge,

[6] Dolvara Gunatilaka, “A Survey of Privacy and Security Issues in Social Networks” (http://www.cse.wustl.edu)

[7] Aaron Beach, Mike Gartrell, Richard Han “Solutions to Security and Privacy Issues in Mobile Social Networking” University of Colorado at Boulder

[8] Catherine Dwyer; Pace University, Starr Roxanne Hiltz ;New Jersey Institute of Technology, Katia Passerini ;New Jersey Institute of Technology, “Trust and privacy concern within social networking sites: A comparison of Facebook and MySpace”

[9] “Social Networks Overview: Current Trends and Research Challenges”, Coordinated by the “nextMEDIA” CSA. Supported by the Future Media Networks cluster. NEXT-Media is supported by FP7, DG Information Society, Unit D2 Networked Media

17

Thank You