Social Networking Sites Security: Quo Vadis

Social networking sites have been studied extensively within the past five years, especially in the area of information security. Within this paper we discuss these emerging web services both regarding possible attack vectors as well as defense strategies. Our results suggest that a gap between attack and defense strategies exists. Furthermore we found that research focuses mainly on Facebook, while scant attention is paid to other social networking sites.

[1]  Saikat Guha,et al.  NOYB: privacy in online social networks , 2008, WOSN '08.

[2]  Bobby Bhattacharjee,et al.  Persona: an online social network with user-defined privacy , 2009, SIGCOMM '09.

[3]  Christopher Krügel,et al.  Abusing Social Networks for Automated User Profiling , 2010, RAID.

[4]  Sonia Livingstone,et al.  Taking risky opportunities in youthful content creation: teenagers' use of social networking sites for intimacy, privacy and self-expression , 2008, New Media Soc..

[5]  D. Boyd Why Youth (Heart) Social Network Sites: The Role of Networked Publics in Teenage Social Life , 2007 .

[6]  Sonja Buchegger,et al.  PeerSoN: P2P social networking: early experiences and insights , 2009, SNS '09.

[7]  Minas Gjoka,et al.  A Walk in Facebook: Uniform Sampling of Users in Online Social Networks , 2009, ArXiv.

[8]  Alec Wolman,et al.  Lockr: better privacy for social networks , 2009, CoNEXT '09.

[9]  George Danezis,et al.  Prying Data out of a Social Network , 2009, 2009 International Conference on Advances in Social Network Analysis and Mining.

[10]  Edgar R. Weippl,et al.  Who on Earth Is "Mr. Cypher": Automated Friend Injection Attacks on Social Networking Sites , 2010, SEC.

[11]  Stewart Kowalski,et al.  Towards Automating Social Engineering Using Social Networking Sites , 2009, 2009 International Conference on Computational Science and Engineering.

[12]  Ravi Kumar,et al.  Structure and evolution of online social networks , 2006, KDD '06.

[13]  Frank Stajano,et al.  Eight friends are enough: social graph approximation via public listings , 2009, SNS '09.

[14]  Leyla Bilge,et al.  All your contacts are belong to us: automated identity theft attacks on social networks , 2009, WWW '09.

[15]  Nikita Borisov,et al.  flyByNight: mitigating the privacy risks of social networking , 2009, SOUPS.

[16]  Seungyeop Han,et al.  Analysis of topological characteristics of huge online social networking services , 2007, WWW '07.

[17]  Kevin Borders,et al.  Social networks and context-aware spam , 2008, CSCW.

[18]  Krishna P. Gummadi,et al.  Measurement and analysis of online social networks , 2007, IMC '07.

[19]  A. Felt Privacy Protection for Social Networking APIs , 2008 .

[20]  Bernardo A. Huberman,et al.  Rhythms of social interaction: messaging within a massive online network , 2006, ArXiv.

[21]  Catherine Dwyer,et al.  Digital Relationships in the "MySpace" Generation: Results From a Qualitative Study , 2007, 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07).

[22]  Scott A. Golder,et al.  Security Issues and Recommendations for Online Social Networks. , 2007 .

[23]  Qi Xie,et al.  FaceCloak: An Architecture for User Privacy on Social Networking Sites , 2009, 2009 International Conference on Computational Science and Engineering.

[24]  Danah Boyd,et al.  Social network sites: definition, history, and scholarship , 2007, IEEE Engineering Management Review.