Privacy and Security Issues in Online Social Networks

Authors: Shaukat Ali, Naveed Islam, Azhar Rauf, Ikram Ud Din, Mohsen Guizani, Joel J. P. C. RodriguesAffiliations: Various institutions in Pakistan, Qatar, and BrazilReceived: September 29, 2018Accepted: November 21, 2018Published: November 22, 2018

Abstract

Online Social Networks (OSN) have transformed the landscape of user engagement, shifting individuals from passive readers to proactive content contributors. These platforms facilitate seamless information sharing, self-expression, and community interaction, creating virtual spaces where users can connect over common interests. However, as users increasingly share personal data, privacy and security issues emerge, especially concerning the potential misuse of this information. The paper discusses prevalent security and privacy challenges faced by OSN users and offers concrete protective measures to enhance user safety.

Introduction

Social Media Overview

Functional Role:Social networks serve as crucial conduits for communication between data owners and users, effectively forming virtual communities that share common interests and engage in dialogue.Definitions:

• Social Network: A graph that models the relationships among users and their activities within a digital ecosystem.

• OSN: Online platforms dedicated to establishing user connections based on shared interests, such as Facebook, Twitter, LinkedIn, etc.

Features of OSNs

OSNs are internet-based platforms accessible through cloud storage, allowing global connectivity. Users must create public profiles to engage meaningfully with the community. All content is user-generated, leading to a unique challenge where personal data is often exploited for commercial gain by advertisers, third-party applications, or even cybercriminals.

Privacy and Security Threats

User-Generated Content

Users often share a plethora of personal information on OSNs, including names, locations, preferences, and private photographs, which raises significant privacy concerns.

Sensitive Data Risks

OSNs collect a range of data types, which can reveal personal interests, ideological beliefs, and even behavioral patterns, resulting in privacy challenges. The perception of privacy may vary significantly depending on contextual factors, such as the type of platform and the nature of user interactions.

Privacy Definition:The right to restrict the disclosure of personal information or limit its sharing.

Classification of Threats

Classic Threats:

1. Malware:

   • Malicious software designed to hijack user data and compromise system integrity, exemplified by threats like the Koobface botnet, which targeted social networking sites.

2. Phishing Attacks:

   • Fraudulent attempts to acquire sensitive personal data through deceptive communication, often posing as legitimate entities to lure victims.

3. Spam Attacks:

   • Unsolicited communications, primarily in the form of unwanted messages aimed at promoting scams or phishing, tend to be more widespread on OSNs compared to traditional email communication.

4. Cross-Site Scripting (XSS):

   • A security vulnerability allowing attackers to execute arbitrary scripts in a user's browser, potentially compromising user data and session cookies.

Modern Threats:

1. Clickjacking:

   • A technique that tricks users into clicking on something different from what they perceive, often leading to interactions with spam or malicious content.

2. De-anonymization:

   • The process of linking anonymous data to identifiable information, violating user privacy through aggregated data.

3. Fake Profiles:

   • Illusory accounts created to mislead users, often utilized for data harvesting or deceptive interactions.

4. Identity Clone Attacks:

   • The theft of personal credentials to impersonate the victim, enabling illicit access to personal and professional networks.

5. Inference Attacks:

   • Attacks aimed at deducing undisclosed user attributes based on publicly available shared data, leading to intrusive profiling.

6. Information Leakage:

   • Instances of excessive sharing of personal or sensitive information, often resulting in negative social or professional repercussions.

7. Location Leakage:

   • Geographical details shared by users, which can attract opportunistic attackers by revealing real-time user whereabouts.

8. Cyberstalking:

   • Ongoing harassment or stalking via digital platforms, often leveraging OSN features for continued intimidation.

9. User Profiling:

   • The analysis of user behavior for targeted advertisements or unwanted solicitations, leading to greater invasion of privacy.

10. Surveillance:

    • The close monitoring of user activities on social media, which can substantially affect personal privacy and data security.

Survey Results & Discussion

Traveling deeper into user experiences and behaviors, a survey conducted among bachelor students highlighted the realities of OSN privacy management.

Key Findings:

• 23% of respondents expressed that they share personal information without any caution.

• 43% reported not customizing their privacy settings, exposing themselves to risks.

• A significant number of users were unaware of existing privacy settings or chose to skip reading the terms of service entirely.

• 42% do not regularly change their passwords, increasing vulnerability to account compromise.

Recommendations

To mitigate privacy and security threats, this paper outlines the following key practices for users:

1. Customize Privacy Settings:

   • Users should actively engage with their privacy controls for better protection of their information.

2. Limit Sharing of Personal Information:

   • Encourage the reduction of unnecessary personal disclosures on public profiles.

3. Location Information Awareness:

   • Users should refrain from sharing real-time location data to minimize attack vectors.

4. Install Antivirus Software:

   • Utilize security solutions to protect against malware and other threats.

5. Monitor Third-Party Applications:

   • Regular reviews of access permissions for third-party apps can help in identifying and removing potentially harmful access points.

Conclusion

Despite the integral role OSNs play in modern communication, the looming privacy and security concerns necessitate heightened awareness among users. Implementation of the recommended strategies is essential to safeguarding personal information and ensuring a safer online experience within the OSN environment.