Social network security: Issues, challenges, threats, and solutions

Abstract Social networks are very popular in today's world. Millions of people use various forms of social networks as they allow individuals to connect with friends and family, and share private information. However, issues related to maintaining the privacy and security of a user's information can occur, especially when the user's uploaded content is multimedia, such as photos, videos, and audios. Uploaded multimedia content carries information that can be transmitted virally and almost instantaneously within a social networking site and beyond. In this paper, we present a comprehensive survey of different security and privacy threats that target every user of social networking sites. In addition, we separately focus on various threats that arise due to the sharing of multimedia content within a social networking site. We also discuss current state-of- the-art defense solutions that can protect social network users from these threats. We then present future direction and discuss some easy-to-apply response techniques to achieve the goal of a trustworthy and secure social network ecosystem.

[1]  R. Anitha,et al.  A multi-feature approach to detect Stegobot: a covert multimedia social network botnet , 2017, Multimedia Tools and Applications.

[2]  Jong Kim,et al.  WarningBird: A Near Real-Time Detection System for Suspicious URLs in Twitter Stream , 2013, IEEE Transactions on Dependable and Secure Computing.

[3]  Yuval Elovici,et al.  CoBAn: A context based model for data leakage prevention , 2014, Inf. Sci..

[4]  G. G. Stokes "J." , 1890, The New Yale Book of Quotations.

[5]  Serena Villata,et al.  A Social Semantic Web Access Control Model , 2012, Journal on Data Semantics.

[6]  Zhonghai Wu,et al.  Securing data services: a security architecture design for private storage cloud based on HDFS , 2013, Int. J. Grid Util. Comput..

[7]  Josep Domingo-Ferrer,et al.  Rational enforcement of digital oblivion , 2011, PAIS '11.

[8]  Jian Cao,et al.  Detection of Forwarding-Based Malicious URLs in Online Social Networks , 2016, International Journal of Parallel Programming.

[9]  Christopher Bronk,et al.  Exploiting military OpSec through open-source vulnerabilities , 2015, MILCOM 2015 - 2015 IEEE Military Communications Conference.

[10]  Guanhua Yan,et al.  Malware propagation in online social networks: nature, dynamics, and defense implications , 2011, ASIACCS '11.

[11]  Yao Lu,et al.  Detecting “Smart” Spammers on Social Network: A Topic Model Approach , 2016, NAACL.

[12]  Hyunggon Park,et al.  Video streaming over P2P networks: Challenges and opportunities , 2012, Signal Process. Image Commun..

[13]  Juan Carlos Augusto,et al.  Flexible context aware interface for ambient assisted living , 2014, Human-centric Computing and Information Sciences.

[14]  Seong-Jun Lee,et al.  An exploratory study on the core spectrum for mobile telecommunication , 2014 .

[15]  Benjamin Greschbach,et al.  The devil is in the metadata — New privacy challenges in Decentralised Online Social Networks , 2012, 2012 IEEE International Conference on Pervasive Computing and Communications Workshops.

[16]  Lior Rokach,et al.  Entity Matching in Online Social Networks , 2013, 2013 International Conference on Social Computing.

[17]  Constantinos Patsakis,et al.  Distributing privacy policies over multimedia content across multiple online social networks , 2014, Comput. Networks.

[18]  Rami Puzis,et al.  Organization Mining Using Online Social Networks , 2013, Networks and Spatial Economics.

[19]  Jie Wu,et al.  Dynamic access policy in cloud-based personal health record (PHR) systems , 2017, Inf. Sci..

[20]  Markus Dürmuth,et al.  Timed revocation of user data: long expiration times from existing infrastructure , 2012, WPES '12.

[21]  Chong-kwon Kim,et al.  PSD: Practical Sybil detection schemes using stickiness and persistence in online recommender systems , 2014, Inf. Sci..

[22]  Erdong Chen,et al.  Facebook immune system , 2011, SNS '11.

[23]  Krishna P. Gummadi,et al.  You are who you know: inferring user profiles in online social networks , 2010, WSDM '10.

[24]  Uyen Trang Nguyen,et al.  A study of clickjacking worm propagation in online social networks , 2014, Proceedings of the 2014 IEEE 15th International Conference on Information Reuse and Integration (IEEE IRI 2014).

[25]  Sakshi Kaushal,et al.  COMPARATIVE ANALYSIS OF QUALITY METRICS FOR COMMUNITY DETECTION IN SOCIAL NETWORKS USING GENETIC ALGORITHM , 2016 .

[26]  Sotiris Ioannidis,et al.  Detecting social network profile cloning , 2011, 2011 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops).

[27]  Markus Jakobsson,et al.  Social phishing , 2007, CACM.

[28]  Ping Wang,et al.  Preserving privacy for free: Efficient and provably secure two-factor authentication scheme with user anonymity , 2015, Inf. Sci..

[29]  Michael Backes,et al.  X-pire! - A digital expiration date for images in social networks , 2011, ArXiv.

[30]  Jing Liu,et al.  An Analysis of Security in Social Networks , 2009, 2009 Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing.

[31]  Muhammad Abulaish,et al.  A generic statistical approach for spam detection in Online Social Networks , 2013, Comput. Commun..

[32]  Ali Yazdian Varjani,et al.  New rule-based phishing detection method , 2016, Expert Syst. Appl..

[33]  Cong Yan,et al.  Enhancing and identifying cloning attacks in online social networks , 2013, ICUIMC '13.

[34]  John Langford,et al.  CAPTCHA: Using Hard AI Problems for Security , 2003, EUROCRYPT.

[35]  Habib Youssef,et al.  Lightweight secure group communications for resource constrained devices , 2015, Int. J. Space Based Situated Comput..

[36]  Wei Hu,et al.  Twitter spammer detection using data stream clustering , 2014, Inf. Sci..

[37]  Arun Kumar Sangaiah,et al.  ESCAPE: Effective Scalable Clustering Approach for Parallel Execution of Continuous Position-Based Queries in Position Monitoring Applications , 2017, IEEE Transactions on Sustainable Computing.

[38]  Stan Matwin,et al.  YOURPRIVACYPROTECTOR, A recommender system for privacy settings in social networks , 2013, ArXiv.

[39]  George Danezis,et al.  SybilInfer: Detecting Sybil Nodes using Social Networks , 2009, NDSS.

[40]  Gillian Dobbie,et al.  Phishing Detection on Twitter Streams , 2016, PAKDD Workshops.

[41]  Thumrongrat Amornraksa,et al.  Image watermarking based on DWT coefficients modification for social networking services , 2013, 2013 10th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology.

[42]  Stan Matwin,et al.  Monitoring and recommending privacy settings in social networks , 2013, EDBT '13.

[43]  Athanasios V. Vasilakos,et al.  Understanding user behavior in online social networks: a survey , 2013, IEEE Communications Magazine.

[44]  Gail-Joon Ahn,et al.  Multiparty Access Control for Online Social Networks: Model and Mechanisms , 2013, IEEE Transactions on Knowledge and Data Engineering.

[45]  Ponnurangam Kumaraguru,et al.  PhishAri : Automatic Realtime Phishing Detection on Twitter Anupama Aggarwal , 2012 .

[46]  Anna Cinzia Squicciarini,et al.  Privacy policies for shared content in social network sites , 2010, The VLDB Journal.

[47]  Lakshminarayanan Subramanian,et al.  Optimal Sybil-resilient node admission control , 2011, 2011 Proceedings IEEE INFOCOM.

[48]  Alexandre Viejo,et al.  Preserving the User's Privacy in Social Networking Sites , 2013, TrustBus.

[49]  Aiman El Asam,et al.  Cyberbullying and the law: A review of psychological and legal challenges , 2016, Comput. Hum. Behav..

[50]  Christopher Krügel,et al.  A Practical Attack to De-anonymize Social Network Users , 2010, 2010 IEEE Symposium on Security and Privacy.

[51]  Wei Xu,et al.  Toward worm detection in online social networks , 2010, ACSAC '10.

[52]  Heng Xu,et al.  CoPE: Enabling collaborative privacy management in online social networks , 2011, J. Assoc. Inf. Sci. Technol..

[53]  Peng Gao,et al.  SybilFrame: A Defense-in-Depth Framework for Structure-Based Sybil Detection , 2015, ArXiv.

[54]  Christoph Sorge,et al.  A privacy-friendly architecture for future cloud computing , 2013, Int. J. Grid Util. Comput..

[55]  Marianna Diomidous,et al.  Social and Psychological Effects of the Internet Use , 2016, Acta informatica medica : AIM : journal of the Society for Medical Informatics of Bosnia & Herzegovina : casopis Drustva za medicinsku informatiku BiH.

[56]  Norberto Nuno Gomes de Andrade,et al.  "All the Better to See You with, My Dear": Facial Recognition and Privacy in Online Social Networks , 2013, IEEE Security & Privacy.

[57]  Hossein Saidi,et al.  Malware propagation in Online Social Networks , 2009, 2009 4th International Conference on Malicious and Unwanted Software (MALWARE).

[58]  Young-Sik Jeong,et al.  A survey on cloud computing security: Issues, threats, and solutions , 2016, J. Netw. Comput. Appl..

[59]  Yada Zhu,et al.  Social Phishing , 2018, Encyclopedia of Social Network Analysis and Mining. 2nd Ed..

[60]  Arun Kumar Sangaiah,et al.  CenLocShare: A centralized privacy-preserving location-sharing system for mobile online social networks , 2017, Future Gener. Comput. Syst..

[61]  Alex Hai Wang,et al.  Don't follow me: Spam detection in Twitter , 2010, 2010 International Conference on Security and Cryptography (SECRYPT).

[62]  Qun A. Li,et al.  A Survey of Security and Privacy in Online Social Networks , 2012 .

[63]  Edgar R. Weippl,et al.  Advanced social engineering attacks , 2015, J. Inf. Secur. Appl..

[64]  Kannan Ramchandran,et al.  Metadata-Conscious Anonymous Messaging , 2016, IEEE Transactions on Signal and Information Processing over Networks.

[65]  David Sánchez,et al.  Privacy-driven access control in social networks by means of automatic semantic annotation , 2016, Comput. Commun..

[66]  Jong Hyuk Park,et al.  Advanced lightweight encryption algorithms for IoT devices: survey, challenges and solutions , 2017, J. Ambient Intell. Humaniz. Comput..

[67]  José María de Fuentes,et al.  CooPeD: Co-owned Personal Data management , 2014, Comput. Secur..

[68]  Kyumin Lee,et al.  Uncovering social spammers: social honeypots + machine learning , 2010, SIGIR.

[69]  Bhavani M. Thuraisingham,et al.  Preventing Private Information Inference Attacks on Social Networks , 2013, IEEE Transactions on Knowledge and Data Engineering.

[70]  Lilian Mitrou,et al.  Which side are you on? A new Panopticon vs. privacy , 2013, 2013 International Conference on Security and Cryptography (SECRYPT).

[71]  Tomi Reiman,et al.  A Survey on Cloud Computing Security Issues , 2013 .

[72]  Constantinos Patsakis,et al.  Social Network Content Management through Watermarking , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[73]  Harald Dreßing,et al.  Cyberstalking in a Large Sample of Social Network Users: Prevalence, Characteristics, and Impact Upon Victims , 2014, Cyberpsychology Behav. Soc. Netw..

[74]  Steven Schockaert,et al.  Georeferencing Flickr resources based on textual meta-data , 2013, Inf. Sci..

[75]  Cheng Huang,et al.  MPPM: Malware propagation and prevention model in online SNS , 2014, 2014 IEEE International Conference on Communications Workshops (ICC).

[76]  Jun Hu,et al.  Security Issues in Online Social Networks , 2011, IEEE Internet Computing.

[77]  Nouman Azam,et al.  A three-way decision making approach to malware analysis using probabilistic rough sets , 2016, Inf. Sci..

[78]  Shina Sheen,et al.  Multilevel Analysis to Detect Covert Social Botnet in Multimedia Social Networks , 2015, Comput. J..

[79]  Kanliang Wang,et al.  A trust model for multimedia social networks , 2012, Social Network Analysis and Mining.

[80]  Niklas Carlsson,et al.  A peer-to-peer agent community for digital oblivion in online social networks , 2013, 2013 Eleventh Annual Conference on Privacy, Security and Trust.

[81]  Fengyuan Xu,et al.  SybilDefender: A Defense Mechanism for Sybil Attacks in Large Social Networks , 2013, IEEE Transactions on Parallel and Distributed Systems.

[82]  Massimiliano Albanese,et al.  Security and Privacy Issues in Social Networks , 2015, Data Management in Pervasive Systems.

[83]  Kim Seong Min,et al.  Realizing the Right to Be Forgotten in an SNS Environment , 2014 .

[84]  Lorenzo Martino,et al.  Content Analysis of Privacy Policies for Health Social Networks , 2012, 2012 IEEE International Symposium on Policies for Distributed Systems and Networks.

[85]  Kyung-Rog Kim,et al.  Content Modeling Based on Social Network Community Activity , 2014, J. Inf. Process. Syst..

[86]  Song Guo,et al.  Neighbor Similarity Trust against Sybil Attack in P2P E-Commerce , 2015, IEEE Trans. Parallel Distributed Syst..

[87]  Danai Koutra,et al.  Graph based anomaly detection and description: a survey , 2014, Data Mining and Knowledge Discovery.

[88]  M. Milton Joe,et al.  Novel authentication procedures for preventing unauthorized access in social networks , 2017, Peer Peer Netw. Appl..

[89]  Yuval Elovici,et al.  Online Social Networks: Threats and Solutions , 2013, IEEE Communications Surveys & Tutorials.

[90]  Mi Wen,et al.  Steganalysis Over Large-Scale Social Networks With High-Order Joint Features and Clustering Ensembles , 2016, IEEE Transactions on Information Forensics and Security.

[91]  Lakshminarayanan Subramanian,et al.  Cryptagram: photo privacy for online social media , 2013, COSN '13.

[92]  G. Geethakumari,et al.  Detecting misinformation in online social networks using cognitive psychology , 2014, Human-centric Computing and Information Sciences.

[93]  Alok N. Choudhary,et al.  Towards Online Spam Filtering in Social Networks , 2012, NDSS.

[94]  Prasant Mohapatra,et al.  Optimal System Maneuver for Trust Management in Social Networks , 2016, ArXiv.

[95]  Danielle H. Lee Personalizing Information Using Users' Online Social Networks: A Case Study of CiteULike , 2015, J. Inf. Process. Syst..

[96]  Andreas Pitsillides,et al.  The practice of online social networking of the physical world , 2012, Int. J. Space Based Situated Comput..

[97]  Yang Zhang,et al.  A New Access Control Scheme for Facebook-Style Social Networks , 2013, 2014 Ninth International Conference on Availability, Reliability and Security.