This document summarizes four different privacy preserving policies for online social networks: Safebook, Lockr, flyByNight, and Persona. Safebook is a decentralized social network that leverages real-life trust between users, with users' data stored and routed by trusted peers. Lockr improves privacy in centralized and decentralized content sharing systems. flyByNight aims to mitigate privacy risks through encrypting information on Facebook. Persona allows users to control who accesses their information. The policies differ in their trust models, ability to form flexible groups, and architectural approaches. Persona is identified as the relatively best method based on these parameters.
This document discusses methods for measuring privacy in online social networks. It first introduces the concept of the Privacy Index (PIDX), which quantifies a user's privacy exposure based on their visible attributes. It then describes calculating a user's Privacy Quotient (PQ) using a naive approach, which considers the sensitivity and visibility of shared profile items. Finally, it proposes a new model called Privacy Armor that would measure privacy leaks in unstructured data like posts and messages using an Item Response Theory model to calculate sensitivity, visibility, and privacy quotient. The goal is to warn users about unintended sharing of private information online.
There is no argument about the popularity of the social platforms such as Facebook, YouTube, twitter, etc. These platforms can be used to stay in touch with your friends, increase sales revenues for organizations and as a collaboration tool to stay connected with the public. However, each of these benefits comes at a cost, putting your private information at a risk/ exposed. We aim to discuss the common security risks associated with usage of these platforms including risk mitigation strategies.
Intro Video : https://www.youtube.com/watch?v=zxpa4dNVd3c
Presentation for Computer Society of Sri Lanka on 24 Feb 2015
Trust Based Content Distribution for Peer-ToPeer Overlay NetworksIJNSA Journal
In peer-to-peer content distribution the lack of a central authority makes authentication difficult. Without authentication, adversary nodes can spoof identity and falsify messages in the overlay. This enables malicious nodes to launch man-in-the-middle or denial-of-service attacks. In this paper, we present a trust based content distribution for peer-to-peer overlay networks, which is built on the trust management scheme. The main concept is, before sending or accepting the traffic, the trust of the peer must be validated. Based on the success of data delivery and searching time, we calculate the trust index of a node. Then the aggregated trust index of the peers whose value is below the threshold value is considered as distrusted and the corresponding traffic is blocked. By simulation results we show that our proposed scheme achieves increased success ratio with reduced delay and drop.
Deterring Sybil Attack in Online Communication System via Peer-to-peer Audio ...Eswar Publications
In recent time the use of communication gadgets (mobile phones, laptop, desktop etc.) and service for online communication between two parties over a long distance has become sine-qua-non. Some criminal minded people are using this online communication method to deceive their prey via proxy communication where individual claiming to be discussing is not really the one. In this paper, we focus on prevention of identity impersonation attacks in an Online Communication System. Peer-peer Audio Visual Communication System is design to enhance security through online communication system by revealing the identity of the communicators and records the communication if necessary. Embedded application system was design for mobile and desktop devices for audio
visual charting using modern IT devices.
Multi facet trust model for online social network environmentIJNSA Journal
Online Social Network (OSN) has become the most popular platform on the Internet that can provide an interesting and creative ways to communicate, sharing and meets with peoples. As OSNs mature, issues regarding proper use of OSNs are also growing. In this research, the challenges of online social networks have been investigated. The current issues in some of the Social Network Sites are being studied and compared. Cyber criminals, malware attacks, physical threat, security and usability and some privacy issues have been recognized as the challenges of the current social networking sites. Trust concerns have been raised and the trustworthiness of social networking sites has been questioned. Currently, the trust in social networks is using the single- faceted approach, which is not well personalized, and doesn’t account for the subjective views of trust, according to each user, but only the general trust believes of a group of population. The trust level towards a person cannot be calculated and trust is lack of personalization. From our initial survey, we had found that most people can share their information without any doubts on OSN but they normally do not trust all their friends equally and think there is a need of trust management. We had found mixed opinions in relation to the proposed rating feature in OSNs too. By adopting the idea of multi-faceted trust model, a user-centric model that can personalize the comments/photos in social network with user’s customized traits of trust is proposed. This model can probably solve many of the trust issues towards the social networking sites with personalized trust features, in order to keep the postings on social sites confidential and integrity.
My Privacy My decision: Control of Photo Sharing on Online Social NetworksIRJET Journal
This document summarizes a research paper that proposes a facial recognition system to help users control photo sharing on social networks while protecting privacy. It discusses how photo sharing on social networks can unintentionally reveal private user information through tags, comments or metadata. The proposed system would recognize faces in photos and allow users to choose privacy settings during the photo posting process. It would also use private user photos to train the facial recognition model while preserving privacy through a distributed consensus method. The goal is to give users more awareness and control over how their photos are shared and help prevent unintended disclosure of personal information.
The document discusses various security threats that exist on social networks, including phishing attacks, vulnerabilities in third-party applications, weak password security, cross-site scripting attacks, clickjacking, insecure frameworks, SQL injections, and DDOS attacks. It provides examples of each type of attack, such as phishing links that install malware, apps that access too much user data if hacked, passwords being easily guessed, malicious JavaScript that can be installed through photo tags, and privacy settings being exploited to view other profiles. The document emphasizes that with over a billion users exchanging personal information, social networks face many potential threats but that Facebook focuses heavily on security to prevent hacks of its own system.
This presentation provides an inside view of how the Social media presence could harm any individual if no proper vigilance is kept while being active on various social platforms.
This document discusses methods for measuring privacy in online social networks. It first introduces the concept of the Privacy Index (PIDX), which quantifies a user's privacy exposure based on their visible attributes. It then describes calculating a user's Privacy Quotient (PQ) using a naive approach, which considers the sensitivity and visibility of shared profile items. Finally, it proposes a new model called Privacy Armor that would measure privacy leaks in unstructured data like posts and messages using an Item Response Theory model to calculate sensitivity, visibility, and privacy quotient. The goal is to warn users about unintended sharing of private information online.
There is no argument about the popularity of the social platforms such as Facebook, YouTube, twitter, etc. These platforms can be used to stay in touch with your friends, increase sales revenues for organizations and as a collaboration tool to stay connected with the public. However, each of these benefits comes at a cost, putting your private information at a risk/ exposed. We aim to discuss the common security risks associated with usage of these platforms including risk mitigation strategies.
Intro Video : https://www.youtube.com/watch?v=zxpa4dNVd3c
Presentation for Computer Society of Sri Lanka on 24 Feb 2015
Trust Based Content Distribution for Peer-ToPeer Overlay NetworksIJNSA Journal
In peer-to-peer content distribution the lack of a central authority makes authentication difficult. Without authentication, adversary nodes can spoof identity and falsify messages in the overlay. This enables malicious nodes to launch man-in-the-middle or denial-of-service attacks. In this paper, we present a trust based content distribution for peer-to-peer overlay networks, which is built on the trust management scheme. The main concept is, before sending or accepting the traffic, the trust of the peer must be validated. Based on the success of data delivery and searching time, we calculate the trust index of a node. Then the aggregated trust index of the peers whose value is below the threshold value is considered as distrusted and the corresponding traffic is blocked. By simulation results we show that our proposed scheme achieves increased success ratio with reduced delay and drop.
Deterring Sybil Attack in Online Communication System via Peer-to-peer Audio ...Eswar Publications
In recent time the use of communication gadgets (mobile phones, laptop, desktop etc.) and service for online communication between two parties over a long distance has become sine-qua-non. Some criminal minded people are using this online communication method to deceive their prey via proxy communication where individual claiming to be discussing is not really the one. In this paper, we focus on prevention of identity impersonation attacks in an Online Communication System. Peer-peer Audio Visual Communication System is design to enhance security through online communication system by revealing the identity of the communicators and records the communication if necessary. Embedded application system was design for mobile and desktop devices for audio
visual charting using modern IT devices.
Multi facet trust model for online social network environmentIJNSA Journal
Online Social Network (OSN) has become the most popular platform on the Internet that can provide an interesting and creative ways to communicate, sharing and meets with peoples. As OSNs mature, issues regarding proper use of OSNs are also growing. In this research, the challenges of online social networks have been investigated. The current issues in some of the Social Network Sites are being studied and compared. Cyber criminals, malware attacks, physical threat, security and usability and some privacy issues have been recognized as the challenges of the current social networking sites. Trust concerns have been raised and the trustworthiness of social networking sites has been questioned. Currently, the trust in social networks is using the single- faceted approach, which is not well personalized, and doesn’t account for the subjective views of trust, according to each user, but only the general trust believes of a group of population. The trust level towards a person cannot be calculated and trust is lack of personalization. From our initial survey, we had found that most people can share their information without any doubts on OSN but they normally do not trust all their friends equally and think there is a need of trust management. We had found mixed opinions in relation to the proposed rating feature in OSNs too. By adopting the idea of multi-faceted trust model, a user-centric model that can personalize the comments/photos in social network with user’s customized traits of trust is proposed. This model can probably solve many of the trust issues towards the social networking sites with personalized trust features, in order to keep the postings on social sites confidential and integrity.
My Privacy My decision: Control of Photo Sharing on Online Social NetworksIRJET Journal
This document summarizes a research paper that proposes a facial recognition system to help users control photo sharing on social networks while protecting privacy. It discusses how photo sharing on social networks can unintentionally reveal private user information through tags, comments or metadata. The proposed system would recognize faces in photos and allow users to choose privacy settings during the photo posting process. It would also use private user photos to train the facial recognition model while preserving privacy through a distributed consensus method. The goal is to give users more awareness and control over how their photos are shared and help prevent unintended disclosure of personal information.
The document discusses various security threats that exist on social networks, including phishing attacks, vulnerabilities in third-party applications, weak password security, cross-site scripting attacks, clickjacking, insecure frameworks, SQL injections, and DDOS attacks. It provides examples of each type of attack, such as phishing links that install malware, apps that access too much user data if hacked, passwords being easily guessed, malicious JavaScript that can be installed through photo tags, and privacy settings being exploited to view other profiles. The document emphasizes that with over a billion users exchanging personal information, social networks face many potential threats but that Facebook focuses heavily on security to prevent hacks of its own system.
This presentation provides an inside view of how the Social media presence could harm any individual if no proper vigilance is kept while being active on various social platforms.
Posn private information protection in online social networks 2IAEME Publication
This document summarizes a research paper on protecting private information in online social networks. The paper proposes a Protected Online Social Network (POSN) system that uses cryptographic techniques like RC4, AES, and RSA to encrypt user data and encryption keys. The POSN system provides different privacy levels for user profiles and sharing that control who can access information. This allows the system to function like a regular online social network while adding privacy benefits and preventing unauthorized access to private user data.
SECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKSZac Darcy
This document summarizes a research paper that proposes a framework called SecureWall to implement fine-grained access controls on online social networks to mitigate privacy leaks. The framework combines multiple security models - Chinese Wall policy for community privacy, Biba model for integrity, and Bell-LaPadula (BLP) model for confidentiality. It was implemented on a prototype social network and evaluated based on information flow metrics and user surveys. Results found the framework reduced information leakage compared to popular social networks while maintaining usability and sociability according to majority of user feedback.
Detecting and Resolving Privacy Conflicts in Online Social NetworksIRJET Journal
This document discusses privacy issues with sharing data on online social networks. It proposes an approach to enable collaborative privacy management of shared data between multiple users. The key issues are that current social networks only allow individual users to control privacy of their own data, but not over data involving multiple users. The proposed approach aims to provide a system and mechanisms for managing privacy of data associated with groups of users on social networks in a collaborative way.
Secure encounter based mobile social networks requirements, designs, and trad...JPINFOTECH JAYAPRAKASH
This document discusses the requirements, designs, and tradeoffs for secure encounter-based mobile social networks. It analyzes an existing design called SMILE and identifies vulnerabilities. It then proposes a new flexible framework and two example constructions that fulfill more security and privacy requirements. One design is implemented in an iPhone app called MeetUp, which experiments show can work on a large scale.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Cryptographic techniques can help reduce threats to information security from industrial espionage, e-commerce, and private networks. They encrypt data during transmission and storage to prevent unauthorized access. For industrial espionage, cryptographic file systems and virtual private networks (VPNs) encrypt data. For e-commerce, digital signatures and secure socket layers (SSLs) provide encryption. Private networks can use firewalls and network intrusion detection systems to monitor traffic. However, cryptographic techniques are not effective against threats like theft, pickpocketing, or stolen vehicles where information is in physical rather than digital form.
Impact of trust, security and privacy concerns in social networking: An explo...Anil Dhami
This document summarizes a research study that examined the impact of trust, security, and privacy concerns on information sharing in Facebook. The study developed a research model to understand how security and privacy concerns influence trust in social networking sites and willingness to share information. An online survey was administered to 250 Facebook users of different age groups over 4 months. Statistical analysis of the data supported the hypotheses that privacy concerns, security, and trust positively influence information sharing in social networking sites like Facebook. The findings provide insight into how privacy, security, and trust impact users' behaviors for revealing information on social media platforms.
Social media and security essentials.pptxPink Elephant
Social media use has grown tremendously, with over 500 million Facebook users and 105 million Twitter users. However, this growth has also increased security risks. Research from Websense found a 111% increase in malicious websites from 2009 to 2010, with nearly 80% of compromised legitimate sites. Additionally, 40% of Facebook status updates contain links, with 10% of those links being spam or malicious. The Cisco annual security report also warns that social media is blurring network security boundaries and that criminals are effectively using social networks to scam users.
International Journal of Engineering Research and DevelopmentIJERD Editor
Electrical, Electronics and Computer Engineering,
Information Engineering and Technology,
Mechanical, Industrial and Manufacturing Engineering,
Automation and Mechatronics Engineering,
Material and Chemical Engineering,
Civil and Architecture Engineering,
Biotechnology and Bio Engineering,
Environmental Engineering,
Petroleum and Mining Engineering,
Marine and Agriculture engineering,
Aerospace Engineering.
This document provides an overview of Laura Janet Rodriguez's thesis proposal on developing a cognitive artifact to encourage reflective cognition among 18-24 year old social media users. The proposal outlines the research question, sub-questions, areas of investigation, assumptions, justification, limitations, and initial literature review. The research question centers around how a cognitive artifact could be integrated into young adults' social media profile management to encourage reflection on online behavior and the permanence of online information. The proposal assumes it will focus on personal social networks and justifies the need due to legal ambiguity around data privacy and risks faced by 18-24 year olds who are prolific social media sharers.
Утечка персональной информации через социальные сетиJet-Co Media
This document discusses how personally identifiable information (PII) can leak from online social networks (OSNs) to third-party aggregators. It finds that most OSN users are vulnerable to having their OSN identity information linked with tracking cookies from third-party sites. This leakage allows third-parties to associate a user's identity with their past internet browsing history and future online actions. The document analyzes how different types of PII can leak via HTTP headers and cookies to third-party tracking servers from OSNs.
Capabilities of Cyber-Trerrorists - IT infrastructure and associated risks, H...Cristian Driga
Introductory presentation from a NATO Advanced Training Seminar in Kiev, Ukraine back in 2010. The seminar was titled CYBER TERRORISM PREVENTION & COUNTERACTION.
Security techniques for intelligent spam sensing and anomaly detection in onl...IJECEIAES
The recent advances in communication and mobile technologies made it easier to access and share information for most people worldwide. Among the most powerful information spreading platforms are the Online Social Networks (OSN)s that allow Internet-connected users to share different information such as instant messages, tweets, photos, and videos. Adding to that many governmental and private institutions use the OSNs such as Twitter for official announcements. Consequently, there is a tremendous need to provide the required level of security for OSN users. However, there are many challenges due to the different protocols and variety of mobile apps used to access OSNs. Therefore, traditional security techniques fail to provide the needed security and privacy, and more intelligence is required. Computational intelligence adds high-speed computation, fault tolerance, adaptability, and error resilience when used to ensure security in OSN apps. This research provides a comprehensive related work survey and investigates the application of artificial neural networks for intrusion detection systems and spam filtering for OSNs. In addition, we use the concept of social graphs and weighted cliques in the detection of suspicious behavior of certain online groups and to prevent further planned actions such as cyber/terrorist attacks before they happen.
This is a presentation Bill gave at the May 2009 NAISG meeting on the security dangers of such social networking entities as Facebook, LinkedIn and Twitter.
International Journal of Pharmaceutical Science Invention (IJPSI) is an international journal intended for professionals and researchers in all fields of Pahrmaceutical Science. IJPSI publishes research articles and reviews within the whole field Pharmacy and Pharmaceutical Science, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
An Automated Model to Detect Fake Profiles and botnets in Online Social Netwo...IOSR Journals
This document discusses an automated model for detecting fake profiles and botnets in online social networks. It begins with background on the prevalence of fake accounts, which can compromise user privacy and security. Next, it reviews related work on using data hiding techniques like steganography and watermarking to embed information in profile pictures in order to identify suspicious accounts. The proposed model aims to automatically detect fake profiles and botnets to replace current manual methods that are costly and labor-intensive.
Online Social Network (OSN) sites act as a medium to spread their own views, activities and their thoughts to some camaraderie. Contents of this network are spread over web, so it was hard to determine by a human decision. Currently, they do not provide any mechanism to ensure privacy concerns towards data associated with each user. Due to this problem, number of users lacks from their ownership control. In this paper, we proposed AC2P (Activity Control-Access Control Protocol) for information control on the web. Alternatively, Tag Refinement strategy determines illegal tagging over images and send notification about particular image spread within different communities/groups. These techniques reduce risk of information flow and avoid unwanted tagging toward images.
Puppetnets and Botnets: Information Technology Vulnerability Exploitsecarrow
The focus of this paper is to identify dominant trends of
information security threats to the Internet 2001 to 2007. This
paper is intended to provide an understanding of the new
emphasis of attacks through use of robotic networks and how
some users and organizations are already preparing a response
using innovative visualization techniques in conjunction with
traditional methods. The scope of research will focus on basic
enterprise level services that are commonly provided by various
corporations; e.g., e-mail, browser applications, wireless and
mobile devices, IP telephony, and online banking. The research
will first review the network infrastructure common to most
corporate organizations and assume basic enterprise components
and functionality in response to the current security threats. The
second emphasis will consider the impact of malware robotic
networks (Botnets and Puppetnets) on the corporate network
infrastructure and how to address these threats with new and
innovative techniques. This approach is pragmatic in application
and focuses on assimilation of existing data to present a
functional rationale of attacks to anticipate and prepare for this
coming year.
Implementation of Knowledge Based Authentication System Using Persuasive Cued...IOSR Journals
This document presents a graphical password authentication system called Persuasive Cued Click Points (PCCP) that uses images and sound signatures. PCCP aims to improve usability and security over traditional text passwords. A user selects a sequence of click points, one on each of 5 images. Each click point is associated with a sound signature to help the user recall it. The system creates a profile vector from the click points. At login, the user's click points are compared to the profile vector. If they match within a tolerance level, the user is authenticated. The document discusses related work, the proposed system's algorithms and design, and concludes PCCP increases the effective password space while allowing user choice. Users found P
This document discusses developing a mobile enrollment system for universities in Nigeria. Currently, most university enrollment processes in Nigeria are done manually, which causes long wait times and errors. The authors propose creating a mobile application that would allow students to complete the enrollment process from any location using a mobile device. They conducted a survey that found undergraduate students would most favor such a system and that the main motivations for using a mobile app would be to save time and costs. The authors conclude a mobile enrollment system could speed up the process, reduce errors and provide users with increased convenience and security.
Business Intelligence: A Rapidly Growing Option through Web MiningIOSR Journals
This document discusses web mining techniques for business intelligence. It begins with an introduction to web mining and its subfields of web content mining, web structure mining, and web usage mining. It then focuses on web usage mining, describing the process of preprocessing log data, discovering patterns using techniques like statistical analysis and association rule mining, and analyzing the patterns. The goal is to understand customer behavior and improve business functions like marketing through data collected from web servers, proxy servers, and clients.
Software Development Multi-Sourcing Relationship Management Model (Sdmrmm) P...IOSR Journals
This document describes a systematic literature review protocol to investigate challenges and critical success factors for managing relationships in software development multi-sourcing. Multi-sourcing involves one client contracting with multiple vendors. The review aims to identify challenges vendors face in establishing and maintaining relationships with clients and other vendors. It also seeks to identify critical factors for developing long-lasting relationships. The anticipated outcomes are a list of key challenges and success factors to help vendors improve multi-sourcing relationship management. The protocol outlines the planning, search strategy, and reporting that will be followed to conduct the review.
Posn private information protection in online social networks 2IAEME Publication
This document summarizes a research paper on protecting private information in online social networks. The paper proposes a Protected Online Social Network (POSN) system that uses cryptographic techniques like RC4, AES, and RSA to encrypt user data and encryption keys. The POSN system provides different privacy levels for user profiles and sharing that control who can access information. This allows the system to function like a regular online social network while adding privacy benefits and preventing unauthorized access to private user data.
SECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKSZac Darcy
This document summarizes a research paper that proposes a framework called SecureWall to implement fine-grained access controls on online social networks to mitigate privacy leaks. The framework combines multiple security models - Chinese Wall policy for community privacy, Biba model for integrity, and Bell-LaPadula (BLP) model for confidentiality. It was implemented on a prototype social network and evaluated based on information flow metrics and user surveys. Results found the framework reduced information leakage compared to popular social networks while maintaining usability and sociability according to majority of user feedback.
Detecting and Resolving Privacy Conflicts in Online Social NetworksIRJET Journal
This document discusses privacy issues with sharing data on online social networks. It proposes an approach to enable collaborative privacy management of shared data between multiple users. The key issues are that current social networks only allow individual users to control privacy of their own data, but not over data involving multiple users. The proposed approach aims to provide a system and mechanisms for managing privacy of data associated with groups of users on social networks in a collaborative way.
Secure encounter based mobile social networks requirements, designs, and trad...JPINFOTECH JAYAPRAKASH
This document discusses the requirements, designs, and tradeoffs for secure encounter-based mobile social networks. It analyzes an existing design called SMILE and identifies vulnerabilities. It then proposes a new flexible framework and two example constructions that fulfill more security and privacy requirements. One design is implemented in an iPhone app called MeetUp, which experiments show can work on a large scale.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Cryptographic techniques can help reduce threats to information security from industrial espionage, e-commerce, and private networks. They encrypt data during transmission and storage to prevent unauthorized access. For industrial espionage, cryptographic file systems and virtual private networks (VPNs) encrypt data. For e-commerce, digital signatures and secure socket layers (SSLs) provide encryption. Private networks can use firewalls and network intrusion detection systems to monitor traffic. However, cryptographic techniques are not effective against threats like theft, pickpocketing, or stolen vehicles where information is in physical rather than digital form.
Impact of trust, security and privacy concerns in social networking: An explo...Anil Dhami
This document summarizes a research study that examined the impact of trust, security, and privacy concerns on information sharing in Facebook. The study developed a research model to understand how security and privacy concerns influence trust in social networking sites and willingness to share information. An online survey was administered to 250 Facebook users of different age groups over 4 months. Statistical analysis of the data supported the hypotheses that privacy concerns, security, and trust positively influence information sharing in social networking sites like Facebook. The findings provide insight into how privacy, security, and trust impact users' behaviors for revealing information on social media platforms.
Social media and security essentials.pptxPink Elephant
Social media use has grown tremendously, with over 500 million Facebook users and 105 million Twitter users. However, this growth has also increased security risks. Research from Websense found a 111% increase in malicious websites from 2009 to 2010, with nearly 80% of compromised legitimate sites. Additionally, 40% of Facebook status updates contain links, with 10% of those links being spam or malicious. The Cisco annual security report also warns that social media is blurring network security boundaries and that criminals are effectively using social networks to scam users.
International Journal of Engineering Research and DevelopmentIJERD Editor
Electrical, Electronics and Computer Engineering,
Information Engineering and Technology,
Mechanical, Industrial and Manufacturing Engineering,
Automation and Mechatronics Engineering,
Material and Chemical Engineering,
Civil and Architecture Engineering,
Biotechnology and Bio Engineering,
Environmental Engineering,
Petroleum and Mining Engineering,
Marine and Agriculture engineering,
Aerospace Engineering.
This document provides an overview of Laura Janet Rodriguez's thesis proposal on developing a cognitive artifact to encourage reflective cognition among 18-24 year old social media users. The proposal outlines the research question, sub-questions, areas of investigation, assumptions, justification, limitations, and initial literature review. The research question centers around how a cognitive artifact could be integrated into young adults' social media profile management to encourage reflection on online behavior and the permanence of online information. The proposal assumes it will focus on personal social networks and justifies the need due to legal ambiguity around data privacy and risks faced by 18-24 year olds who are prolific social media sharers.
Утечка персональной информации через социальные сетиJet-Co Media
This document discusses how personally identifiable information (PII) can leak from online social networks (OSNs) to third-party aggregators. It finds that most OSN users are vulnerable to having their OSN identity information linked with tracking cookies from third-party sites. This leakage allows third-parties to associate a user's identity with their past internet browsing history and future online actions. The document analyzes how different types of PII can leak via HTTP headers and cookies to third-party tracking servers from OSNs.
Capabilities of Cyber-Trerrorists - IT infrastructure and associated risks, H...Cristian Driga
Introductory presentation from a NATO Advanced Training Seminar in Kiev, Ukraine back in 2010. The seminar was titled CYBER TERRORISM PREVENTION & COUNTERACTION.
Security techniques for intelligent spam sensing and anomaly detection in onl...IJECEIAES
The recent advances in communication and mobile technologies made it easier to access and share information for most people worldwide. Among the most powerful information spreading platforms are the Online Social Networks (OSN)s that allow Internet-connected users to share different information such as instant messages, tweets, photos, and videos. Adding to that many governmental and private institutions use the OSNs such as Twitter for official announcements. Consequently, there is a tremendous need to provide the required level of security for OSN users. However, there are many challenges due to the different protocols and variety of mobile apps used to access OSNs. Therefore, traditional security techniques fail to provide the needed security and privacy, and more intelligence is required. Computational intelligence adds high-speed computation, fault tolerance, adaptability, and error resilience when used to ensure security in OSN apps. This research provides a comprehensive related work survey and investigates the application of artificial neural networks for intrusion detection systems and spam filtering for OSNs. In addition, we use the concept of social graphs and weighted cliques in the detection of suspicious behavior of certain online groups and to prevent further planned actions such as cyber/terrorist attacks before they happen.
This is a presentation Bill gave at the May 2009 NAISG meeting on the security dangers of such social networking entities as Facebook, LinkedIn and Twitter.
International Journal of Pharmaceutical Science Invention (IJPSI) is an international journal intended for professionals and researchers in all fields of Pahrmaceutical Science. IJPSI publishes research articles and reviews within the whole field Pharmacy and Pharmaceutical Science, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
An Automated Model to Detect Fake Profiles and botnets in Online Social Netwo...IOSR Journals
This document discusses an automated model for detecting fake profiles and botnets in online social networks. It begins with background on the prevalence of fake accounts, which can compromise user privacy and security. Next, it reviews related work on using data hiding techniques like steganography and watermarking to embed information in profile pictures in order to identify suspicious accounts. The proposed model aims to automatically detect fake profiles and botnets to replace current manual methods that are costly and labor-intensive.
Online Social Network (OSN) sites act as a medium to spread their own views, activities and their thoughts to some camaraderie. Contents of this network are spread over web, so it was hard to determine by a human decision. Currently, they do not provide any mechanism to ensure privacy concerns towards data associated with each user. Due to this problem, number of users lacks from their ownership control. In this paper, we proposed AC2P (Activity Control-Access Control Protocol) for information control on the web. Alternatively, Tag Refinement strategy determines illegal tagging over images and send notification about particular image spread within different communities/groups. These techniques reduce risk of information flow and avoid unwanted tagging toward images.
Puppetnets and Botnets: Information Technology Vulnerability Exploitsecarrow
The focus of this paper is to identify dominant trends of
information security threats to the Internet 2001 to 2007. This
paper is intended to provide an understanding of the new
emphasis of attacks through use of robotic networks and how
some users and organizations are already preparing a response
using innovative visualization techniques in conjunction with
traditional methods. The scope of research will focus on basic
enterprise level services that are commonly provided by various
corporations; e.g., e-mail, browser applications, wireless and
mobile devices, IP telephony, and online banking. The research
will first review the network infrastructure common to most
corporate organizations and assume basic enterprise components
and functionality in response to the current security threats. The
second emphasis will consider the impact of malware robotic
networks (Botnets and Puppetnets) on the corporate network
infrastructure and how to address these threats with new and
innovative techniques. This approach is pragmatic in application
and focuses on assimilation of existing data to present a
functional rationale of attacks to anticipate and prepare for this
coming year.
Implementation of Knowledge Based Authentication System Using Persuasive Cued...IOSR Journals
This document presents a graphical password authentication system called Persuasive Cued Click Points (PCCP) that uses images and sound signatures. PCCP aims to improve usability and security over traditional text passwords. A user selects a sequence of click points, one on each of 5 images. Each click point is associated with a sound signature to help the user recall it. The system creates a profile vector from the click points. At login, the user's click points are compared to the profile vector. If they match within a tolerance level, the user is authenticated. The document discusses related work, the proposed system's algorithms and design, and concludes PCCP increases the effective password space while allowing user choice. Users found P
This document discusses developing a mobile enrollment system for universities in Nigeria. Currently, most university enrollment processes in Nigeria are done manually, which causes long wait times and errors. The authors propose creating a mobile application that would allow students to complete the enrollment process from any location using a mobile device. They conducted a survey that found undergraduate students would most favor such a system and that the main motivations for using a mobile app would be to save time and costs. The authors conclude a mobile enrollment system could speed up the process, reduce errors and provide users with increased convenience and security.
Business Intelligence: A Rapidly Growing Option through Web MiningIOSR Journals
This document discusses web mining techniques for business intelligence. It begins with an introduction to web mining and its subfields of web content mining, web structure mining, and web usage mining. It then focuses on web usage mining, describing the process of preprocessing log data, discovering patterns using techniques like statistical analysis and association rule mining, and analyzing the patterns. The goal is to understand customer behavior and improve business functions like marketing through data collected from web servers, proxy servers, and clients.
Software Development Multi-Sourcing Relationship Management Model (Sdmrmm) P...IOSR Journals
This document describes a systematic literature review protocol to investigate challenges and critical success factors for managing relationships in software development multi-sourcing. Multi-sourcing involves one client contracting with multiple vendors. The review aims to identify challenges vendors face in establishing and maintaining relationships with clients and other vendors. It also seeks to identify critical factors for developing long-lasting relationships. The anticipated outcomes are a list of key challenges and success factors to help vendors improve multi-sourcing relationship management. The protocol outlines the planning, search strategy, and reporting that will be followed to conduct the review.
This document compares the performance of three routing protocols for mobile ad hoc networks (MANETs): AOMDV, AOMDV with location information using the DREAM protocol, and AOMDV with energy information. AOMDV is a multipath routing protocol that finds multiple disjoint paths between nodes. AOMDV with DREAM uses location information to route packets more efficiently. AOMDV with energy information selects paths based on the residual energy of nodes to improve energy efficiency and network lifetime. The document provides an overview of these three protocols and reviews previous work comparing their performance based on metrics like energy consumption, packet delivery ratio, and throughput.
Investigation of Reducing Process of Uneven Shade Problem In Case Of Compact ...IOSR Journals
This document investigates reducing uneven shade problems in compact single jersey cotton knit fabrics dyed with turquoise reactive dyes. Scanning electron microscopy shows that stripping and scouring combined increases fabric porosity compared to scouring alone, allowing better dye penetration. Color measurement testing finds that combining stripping and scouring results in more consistent dye absorption and less uneven shading than separate processes, with CMC ΔE values below 1 indicating acceptable color matches. In conclusion, performing stripping and scouring simultaneously on compact single jersey fabrics before dyeing with turquoise reduces uneven dyeing compared to conventional pretreatment methods.
This document discusses image superresolution techniques in both the spatial and frequency domains. It compares a spatial domain algorithm by Keren et al. to a frequency domain algorithm by Vandewalle et al. for image registration. The spatial domain algorithm more accurately estimates shift and rotation parameters, especially when images contain strong directionality. For image reconstruction, it compares interpolation, iterative backpropagation, and a robust super resolution algorithm. Experimental results show the spatial domain approach works better for the application of image superresolution.
This document analyzes voltage stability in power systems using line voltage stability indices and proposes enhancing stability with a TCSC. It discusses four indices - Fast Voltage Stability Index (FVSI), Line Quadratic Programming (LQP), Reactive Power Index (VQI), and Line Stability Index (LMN) - that can identify the most critical line and bus. Under a single line outage, a TCSC is installed at the critical line identified by the indices. Simulation results on the IEEE 14-bus system show that a TCSC can improve voltage stability by modifying the line reactance. The TCSC provides both inductive and capacitive compensation depending on its firing angle to enhance power transfer and voltage profiles.
Classification of News and Research Articles Using Text Pattern MiningIOSR Journals
This document summarizes a research paper that proposes a method for classifying news and research articles using text pattern mining. The method involves preprocessing text to remove stop words and perform stemming. Frequent and closed patterns are then discovered from the preprocessed text. These patterns are structured into a taxonomy and deployed to classify new documents. The method also involves evolving patterns by reshuffling term supports within patterns to reduce the effects of noise from negative documents. Over 80% of documents were successfully classified using this pattern-based approach.
A Challenge to Analyze and Detect Altered Human FingerprintsIOSR Journals
This document analyzes and proposes a method to detect altered human fingerprints. It discusses three main types of fingerprint alterations: obliteration, distortion, and imitation. It also outlines a system to 1) analyze altered fingerprints, 2) classify alterations, 3) demonstrate detection using a fingerprint database, and 4) develop an automatic detection technique using image processing and matching algorithms. The goal is to highlight the problem of altered fingerprints and propose an algorithm to identify them.
Spatio-Temporal Database and Its Models: A ReviewIOSR Journals
This document provides a review of spatial-temporal databases and their models. It discusses the key components and characteristics of spatial databases, temporal databases, and spatial-temporal databases. Some of the main models of spatial-temporal data modeling that are described include the snapshot model, space-time composite data model, simple time-stamping models, event-oriented models, three-domain model, and history graph model. The review examines how these different models approach representing and querying spatial and temporal data.
The document provides an overview of steganography, including:
1) Steganography is the technique of hiding secret information within a cover file such that the existence of the secret information is concealed. It aims for invisible communication.
2) The main components of a steganographic system are the secret message, cover file, stego file, key, embedding and extracting methods.
3) Steganography differs from cryptography in that it does not alter the structure of the secret message and aims to conceal the very existence of communication, whereas cryptography scrambles messages and is known to transmit encrypted messages.
The document summarizes the development of a new web browser called JAN browser. It aims to provide more efficient and secure internet usage compared to existing browsers. Key features include speed dialing tabs to quickly access frequently used websites organized by topic, a virtual keyboard for secure password entry that shuffles keys to prevent hacking, and user login for security. The browser was developed using .NET for the front-end and SQL for the back-end database. Experimental results demonstrate the speed dialing, new tabs/windows, and virtual keyboard functions. The goal of JAN browser is to satisfy users by making resource searching more efficient, user-friendly, secure, and time-saving.
This document proposes a method for completing user profiles using their online social circles. It introduces the task of user profile completion and discusses how existing approaches do not leverage users' real social circles. The method presented uses non-negative matrix factorization to decompose a circle-profile matrix into a circle-user matrix and user-profile matrix. This allows the model to detect a user's multi-dimensional social characteristics from their various social circles. Experimental results on Facebook, LinkedIn, and Microsoft Academic Search datasets show the approach outperforms state-of-the-art methods for user profile completion.
Using Aspect Ratio to Classify Red Blood ImagesIOSR Journals
This document discusses a method for classifying red blood cell (RBC) images using aspect ratio. It involves extracting shape boundaries from RBC images through preprocessing steps. Fourier descriptors are then applied to the normalized shape signatures to represent the shapes. Aspect ratio and invariant moments are used to filter irrelevant shapes and improve retrieval accuracy when matching shapes to those in a database. Testing showed 92% accuracy when using 4 geometric features, decreasing to 90% accuracy when using more features. The method demonstrates potential for diagnosing anemia by analyzing abnormal RBC shapes.
Interference Aware & SINR Estimation in Femtocell NetworksIOSR Journals
This document discusses technical challenges in deploying femtocell networks. It describes how femtocells can help address issues with indoor coverage and capacity demands. However, interference management is a major challenge as femtocells and macrocells share the same licensed spectrum. There are two types of interference: co-tier between neighboring femtocells, and cross-tier between femtocells and macrocells. Effective interference mitigation techniques are needed to allocate subcarriers and reduce interference, in order to improve network throughput and prevent "dead zones" of degraded quality of service.
Multiple Equilibria and Chemical Distribution of Some Bio Metals With β-Amide...IOSR Journals
Abstract: Solution Chemistry of some bivalent metal ions (viz. CoII , NiII ,CuII ,ZnII ) with β-amide α-aminosuccinate (Asparagine)/ α-aminoisoverate( Valine ) (A) and 5-methyl 2,4- dioxopyrimidine ( Thymine ) (B)ligands have been analyzed. Formation constant of quaternary metal complexes and complexation equilibria at 30±1ºC and at constant ionic strength (I=0.1M NaNO3 ) have been explored potentiometrically. Formation of quaternary species in addition to hydroxyl, protonated, binary and ternary species have been reported. Overall formation constant have been evaluated using SCOGS computer program.Species distribution curves of complexes have been plotted as a function of pH to visualize the equlibria system and was refined using ORIGIN program.The metal ligand formation constant of MA,MB,MAB and M1M2AB type of complexes follow Irving William order. The order of stability constants of quaternary systems have been observed as: Cu – Ni > Cu –Zn > Cu–Co > Ni – Zn > Ni – Co > Co –Zn. Solution structures of metal complexes with said ligands have been compared and discussed.
IOSR Journal of Electrical and Electronics Engineering(IOSR-JEEE) is an open access international journal that provides rapid publication (within a month) of articles in all areas of electrical and electronics engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in electrical and electronics engineering. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Needs Assessment Approach To Product Bundling In Banking EnterpriseIOSR Journals
The document proposes a needs assessment approach to product bundling in retail banking. It involves understanding customer needs through a questionnaire, analyzing responses using business rules to recommend products, and allowing customers to select products for bundles. A multi-layer architecture is proposed to make needs assessment accessible across delivery channels. The approach aims to increase sales by bundling related products based on customer needs.
Microscopic Image Analysis of Nanoparticles by Edge Detection Using Ant Colon...IOSR Journals
This document presents a method for analyzing nanoparticles using microscopic images through edge detection with Ant Colony Optimization (ACO). Initially, edges are extracted from images using various detectors and adaptive thresholding. Ants are placed at endpoint pixels and move between pixels probabilistically based on pheromone levels, connecting discontinuities. Results on cerium oxide and zinc oxide nanoparticle images show the ACO-improved edges better distinguish particles and determine sizes/shapes compared to conventional detectors alone.
Posn private information protection in online social networks 2IAEME Publication
This document summarizes a research paper on protecting private information in online social networks. The paper proposes a Protected Online Social Network (POSN) system that uses cryptographic techniques like RC4, AES and RSA to encrypt user data. The POSN system provides different privacy levels for user profiles and sharing that control who can access information. It encrypts sensitive user data with symmetric and asymmetric encryption and redistributes encryption keys when privacy settings or friends lists change to strengthen security. The POSN aims to offer the functionality of online social networks while enhancing privacy through encryption methods and access controls.
The document discusses decentralized online social networks as an alternative to centralized social networks. It provides definitions of key concepts related to online social networks. Centralized social networks face challenges like privacy issues and information silos. Decentralized networks that use semantic web technologies like FOAF and SIOC can address these challenges by distributing user data across multiple servers rather than centralized locations. However, decentralized networks also present challenges around peer availability and developing efficient infrastructure.
Online social networks (OSNs) contain data about users, their relations, interests and daily activities and
the great value of this data results in ever growing popularity of OSNs. There are two types of OSNs data,
semantic and topological. Both can be used to support decision making processes in many applications
such as in information diffusion, viral marketing and epidemiology. Online Social network analysis (OSNA)
research is used to maximize the benefits gained from OSNs’ data. This paper provides a comprehensive
study of OSNs and OSNA to provide analysts with the knowledge needed to analyse OSNs. OSNs’
internetworking was found to increase the wealth of the analysed data by depending on more than one OSN
as the source of the analysed data.
Paper proposes a generic model of OSNs’ internetworking system that an analyst can rely on. Two
different data sources in OSNs were identified in our efforts to provide a thorough study of OSNs, which
are the OSN User data and the OSN platform data. Additionally, we propose a classification of the OSN
User data according to its analysis models for different data types to shed some light into the current used
OSNA methodologies. We also highlight the different metrics and parameters that analysts can use to
evaluate semantic or topologic OSN user data. Further, we present a classification of the other data types
and OSN platform data that can be used to compare the capabilities of different OSNs whether separate or
in a OSNs’ internetworking system. To increase analysts’ awareness about the available tools they can use,
we overview some of the currently publically available OSNs’ datasets and simulation tools and identify
whether they are capable of being used in semantic, topological OSNA, or both. The overview identifies
that only few datasets includes both data types (semantic and topological) and there are few analysis tools
that can perform analysis on both data types. Finally paper present a scenario that shows that an
integration of semantic and topologic data (hybrid data) in the OSNA is beneficial.
Social Networking Websites and Image PrivacyIOSR Journals
The document discusses privacy issues related to social networking websites. It begins by providing background on social networking sites and how they allow users to construct profiles, connect with other users, and share content. However, it notes that a lack of awareness and proper privacy tools means users' personal data is at risk.
It then proposes several new privacy policies and describes their implementation in a social networking site built with PHP. These include an "Album Privacy Policy" that allows customizing access permissions for specific albums and photos, and an "Image Protection Policy" that prevents other users from copying or downloading protected images without permission. The goal is to provide users more flexible privacy controls over their data.
Privacy Perspectives, Requirements and Design trade-offs of Encounter- based ...AM Publications
Encounter-based social networks link users who share a location at the same time, as opposed to the traditional
social network model of linking users who have an offline friendship. Privacy is one of the friction points that emerge when
communications get mediated in Encounter-based Social Networks. Different communities of computer science researchers have
framed the ‘Online Social Network privacy problem’ as one of surveillance, institutional or social privacy. In this article, we first
provide an introduction to the surveillance, social and institutional privacy perspectives. We then explore the differences between
these approaches in order to understand their complementarity. In this paper, we explore the privacy requirements for Encounterbased
social networks. We provide an overview on the privacy guarantees and feasibility of SMILE and also its drawback in meeting certain requirements.
Comprehensive Social Media Security Analysis & XKeyscore Espionage TechnologyCSCJournals
Social networks can offer many services to the users for sharing activities events and their ideas. Many attacks can happened to the social networking websites due to trust that have been given by the users. Cyber threats are discussed in this paper. We study the types of cyber threats, classify them and give some suggestions to protect social networking websites of variety of attacks. Moreover, we gave some antithreats strategies with future trends.
This document discusses two approaches to privacy in online social networks - surveillance privacy and social privacy. Surveillance privacy addresses how personal information is used by governments and providers, while social privacy focuses on negotiating privacy boundaries as social interactions move online. However, these problems are entangled. The document argues that integrating all three privacy approaches - surveillance, social, and institutional - could benefit users by addressing the complex, interconnected nature of privacy issues in online social networks.
Retrieving Hidden Friends a Collusion Privacy Attack against Online Friend Se...ijtsrd
Online Social Networks OSNs are providing a diversity of application for human users to network through families, friends and even strangers. One of such application, friend search engine, allows the universal public to inquiry individual client friend lists and has been gaining popularity recently. Proper design, this application may incorrectly disclose client private relationship information. Existing work has a privacy perpetuation clarification that can effectively boost OSNs' sociability while protecting users' friendship privacy against attacks launched by individual malicious requestors. In this project proposed an advanced collusion attack, where a victim user's friendship privacy can be compromise from side to side a series of cautiously designed queries coordinately launched by multiple malicious requestors. The result of the proposed collusion attack is validate through synthetic and real world social network data sets. The project on the advanced collusion attacks will help us design a more vigorous and securer friend search engine on OSNs in the near future. R. Brintha | H. Parveen Bagum "Retrieving Hidden Friends a Collusion Privacy Attack against Online Friend Search Engine" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-4 , June 2020, URL: https://www.ijtsrd.com/papers/ijtsrd31687.pdf Paper Url :https://www.ijtsrd.com/computer-science/world-wide-web/31687/retrieving-hidden-friends-a-collusion-privacy-attack-against-online-friend-search-engine/r-brintha
The document discusses social networks and social network analysis. It defines a social network as connections between individuals or organizations through various social relationships. It then discusses how social network analysis can be applied to map and measure relationships between people, groups, and other entities. Key aspects of social network analysis include degree centrality, betweenness centrality, and closeness centrality. The document provides examples of how social network analysis has been applied and discusses how technologies like LinkedIn and future modeling techniques could further social network analysis.
The document discusses social networks and social network analysis. It defines a social network as connections between individuals or organizations through various social relationships. It then discusses how social network analysis can be applied to map and measure relationships between people, groups, and other entities. Key aspects of social network analysis include degree centrality, betweenness centrality, and closeness centrality. The document provides examples of how social network analysis has been applied and discusses how technologies like LinkedIn and future modeling could further social network analysis.
The document discusses social networks and social network analysis. It defines a social network as connections between individuals or organizations through various social relationships. It then discusses how social network analysis can be applied to map and measure relationships between people, groups, and other entities. Key aspects of social network analysis include degree centrality, betweenness centrality, and closeness centrality. The document provides examples of how social network analysis has been applied and discusses how technologies like LinkedIn and future advances may impact social networks and social network analysis.
Trust-based Collaborative Privacy Management in Online Social NetworksJAYAPRAKASH JPINFOTECH
Trust-based Collaborative Privacy Management in Online Social Networks
To buy this project in ONLINE, Contact:
Email: jpinfotechprojects@gmail.com,
Website: https://www.jpinfotech.org
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.co¬m-Visit Our Website: www.finalyearprojects.org
The advancement of Information Technology has hastened the ability to disseminate information across the globe. In particular, the recent trends in ‘Social Networking’ have led to a spark in personally sensitive information being published on the World Wide Web. While such socially active websites are creative tools for expressing one’s personality it also entails serious privacy concerns. Thus, Social Networking websites could be termed a double edged sword. It is important for the law to keep abreast of these developments in technology. The purpose of this paper is to demonstrate the limits of extending existing laws to battle privacy intrusions in the Internet especially in the context of social networking. It is suggested that privacy specific legislation is the most appropriate means of protecting online privacy. In doing so it is important to maintain a balance between the competing right of expression, the failure of which may hinder the reaping of benefits offered by Internet technology
This document describes a system called Filtered Wall (FW) that aims to filter unwanted messages from users' walls on online social networks (OSNs). The system uses machine learning techniques like radial basis function networks to classify short text messages as neutral or non-neutral. Non-neutral messages are further classified into categories. The system also provides flexible rules that allow users to specify which content should not be displayed on their walls based on criteria like user relationships, profiles, and user-defined blacklists. When a user posts a message, the system extracts metadata using text classification and enforces the user's filtering rules to determine if the message will be published or filtered.
A Batch-authenticated And Key AgreementFramework For P2p-based Online Social...Sahithi Naraparaju
The document proposes a security framework for authenticating multiple users simultaneously to improve efficiency and security in peer-to-peer online social networks. It identifies weaknesses in existing protocols such as only supporting one-to-one authentication and high communication costs. The proposed framework includes three batch authentication protocols using one-way hash functions, ElGamal proxy encryption, and certificates. The protocols aim to reduce communication costs, support one-to-many authentication, and allow trusted users to help authenticate others. Formal analysis shows the protocols are secure against attacks and implicit key authentication.
An iac approach for detecting profile cloningIJNSA Journal
Nowadays, Online Social Networks (OSNs) are popular websites on the internet, which millions of users
register on and share their own personal information with others. Privacy threats and disclosing personal
information are the most important concerns of OSNs’ users. Recently, a new attack which is named
Identity Cloned Attack is detected on OSNs. In this attack the attacker tries to make a fake identity of a real
user in order to access to private information of the users’ friends which they do not publish on the public
profiles. In today OSNs, there are some verification services, but they are not active services and they are
useful for users who are familiar with online identity issues. In this paper, Identity cloned attacks are
explained in more details and a new and precise method to detect profile cloning in online social networks
is proposed. In this method, first, the social network is shown in a form of graph, then, according to
similarities among users, this graph is divided into smaller communities. Afterwards, all of the similar
profiles to the real profile are gathered (from the same community), then strength of relationship (among
all selected profiles and the real profile) is calculated, and those which have the less strength of
relationship will be verified by mutual friend system. In this study, in order to evaluate the effectiveness of
proposed method, all steps are applied on a dataset of Facebook, and finally this work is compared with
two previous works by applying them on the dataset.
Location Sharing System Using GPS Technology for Minimizing SMS DeliveryIJERA Editor
Enhanced Privacy in Mobile Online Social Networks to providing the location information to the User /server in the
online location server. MOSNs, more and more users‘ location information will be collected by the service providers
in mOSN. The users‘ privacy, including location privacy and social network privacy can be improved using the User
Registration & encryption of the data stored into the server. It should aiming at achieving enhanced privacy against
the insider attack launched by the service providers in mOSNs, we introduce a new architecture with multiple location
servers for the first time and propose a secure solution supporting location sharing among friends and strangers in
location-based applications. In our construction, the user‘s friend set in each friend‘s query submitted to the location
servers is divided into multiple subsets by the social network server randomly. Location-based services (LBSs) are
one of the most important components in mOSNs, which provides information and entertainment service based on the
geographical position of the mobile device. The entity of users, with mobile devices, is able to communicate with
other users and share their locations. Online social network Server manages users‘ identity-related information such as
users‘ profiles and friend lists. Location server stores users‘ location information and provides LBSs according to the
requests sent from users. Here we are going to improve the user location privacy, social network privacy.
An Access Control Model for Collaborative Management of Shared Data in OSNSIJMER
This document presents a multi-party access control model for managing shared data in online social networks. It proposes that access control policies for shared data should be specified collaboratively by multiple associated users, not just the data owner. An access control policy format is defined that includes the controller, controller type, accessor, data specification, and authorization effect. A prototype application called MController is implemented that allows multiple users to specify access control policies and resolve conflicts for shared photos. An evaluation of MController found that users had a more positive view of its privacy controls compared to Facebook's default controls. Performance testing showed the policy evaluation mechanism scaled well as the number of controllers increased.
An IAC Approach for Detecting Profile Cloning in Online Social NetworksIJNSA Journal
Nowadays, Online Social Networks (OSNs) are popular websites on the internet, which millions of users register on and share their own personal information with others. Privacy threats and disclosing personal information are the most important concerns of OSNs’ users. Recently, a new attack which is named Identity Cloned Attack is detected on OSNs. In this attack the attacker tries to make a fake identity of a real user in order to access to private information of the users’ friends which they do not publish on the public profiles. In today OSNs, there are some verification services, but they are not active services and they are useful for users who are familiar with online identity issues. In this paper, Identity cloned attacks are explained in more details and a new and precise method to detect profile cloning in online social networks is proposed. In this method, first, the social network is shown in a form of graph, then, according to similarities among users, this graph is divided into smaller communities. Afterwards, all of the similar profiles to the real profile are gathered (from the same community), then strength of relationship (among all selected profiles and the real profile) is calculated, and those which have the less strength of relationship will be verified by mutual friend system. In this study, in order to evaluate the effectiveness of proposed method, all steps are applied on a dataset of Facebook, and finally this work is compared with two previous works by applying them on the dataset.
This document provides a technical review of secure banking using RSA and AES encryption methodologies. It discusses how RSA and AES are commonly used encryption standards for secure data transmission between ATMs and bank servers. The document first provides background on ATM security measures and risks of attacks. It then reviews related work analyzing encryption techniques. The document proposes using a one-time password in addition to a PIN for ATM authentication. It concludes that implementing encryption standards like RSA and AES can make transactions more secure and build trust in online banking.
This document analyzes the performance of various modulation schemes for achieving energy efficient communication over fading channels in wireless sensor networks. It finds that for long transmission distances, low-order modulations like BPSK are optimal due to their lower SNR requirements. However, as transmission distance decreases, higher-order modulations like 16-QAM and 64-QAM become more optimal since they can transmit more bits per symbol, outweighing their higher SNR needs. Simulations show lifetime extensions up to 550% are possible in short-range networks by using higher-order modulations instead of just BPSK. The optimal modulation depends on transmission distance and balancing the energy used by electronic components versus power amplifiers.
This document provides a review of mobility management techniques in vehicular ad hoc networks (VANETs). It discusses three modes of communication in VANETs: vehicle-to-infrastructure (V2I), vehicle-to-vehicle (V2V), and hybrid vehicle (HV) communication. For each communication mode, different mobility management schemes are required due to their unique characteristics. The document also discusses mobility management challenges in VANETs and outlines some open research issues in improving mobility management for seamless communication in these dynamic networks.
This document provides a review of different techniques for segmenting brain MRI images to detect tumors. It compares the K-means and Fuzzy C-means clustering algorithms. K-means is an exclusive clustering algorithm that groups data points into distinct clusters, while Fuzzy C-means is an overlapping clustering algorithm that allows data points to belong to multiple clusters. The document finds that Fuzzy C-means requires more time for brain tumor detection compared to other methods like hierarchical clustering or K-means. It also reviews related work applying these clustering algorithms to segment brain MRI images.
1) The document simulates and compares the performance of AODV and DSDV routing protocols in a mobile ad hoc network under three conditions: when users are fixed, when users move towards the base station, and when users move away from the base station.
2) The results show that both protocols have higher packet delivery and lower packet loss when users are either fixed or moving towards the base station, since signal strength is better in those scenarios. Performance degrades when users move away from the base station due to weaker signals.
3) AODV generally has better performance than DSDV, with higher throughput and packet delivery rates observed across the different user mobility conditions.
This document describes the design and implementation of 4-bit QPSK and 256-bit QAM modulation techniques using MATLAB. It compares the two techniques based on SNR, BER, and efficiency. The key steps of implementing each technique in MATLAB are outlined, including generating random bits, modulation, adding noise, and measuring BER. Simulation results show scatter plots and eye diagrams of the modulated signals. A table compares the results, showing that 256-bit QAM provides better performance than 4-bit QPSK. The document concludes that QAM modulation is more effective for digital transmission systems.
The document proposes a hybrid technique using Anisotropic Scale Invariant Feature Transform (A-SIFT) and Robust Ensemble Support Vector Machine (RESVM) to accurately identify faces in images. A-SIFT improves upon traditional SIFT by applying anisotropic scaling to extract richer directional keypoints. Keypoints are processed with RESVM and hypothesis testing to increase accuracy above 95% by repeatedly reprocessing images until the threshold is met. The technique was tested on similar and different facial images and achieved better results than SIFT in retrieval time and reduced keypoints.
This document studies the effects of dielectric superstrate thickness on microstrip patch antenna parameters. Three types of probes-fed patch antennas (rectangular, circular, and square) were designed to operate at 2.4 GHz using Arlondiclad 880 substrate. The antennas were tested with and without an Arlondiclad 880 superstrate of varying thicknesses. It was found that adding a superstrate slightly degraded performance by lowering the resonant frequency and increasing return loss and VSWR, while decreasing bandwidth and gain. Specifically, increasing the superstrate thickness or dielectric constant resulted in greater changes to the antenna parameters.
This document describes a wireless environment monitoring system that utilizes soil energy as a sustainable power source for wireless sensors. The system uses a microbial fuel cell to generate electricity from the microbial activity in soil. Two microbial fuel cells were created using different soil types and various additives to produce different current and voltage outputs. An electronic circuit was designed on a printed circuit board with components like a microcontroller and ZigBee transceiver. Sensors for temperature and humidity were connected to the circuit to monitor the environment wirelessly. The system provides a low-cost way to power remote sensors without needing battery replacement and avoids the high costs of wiring a power source.
1) The document proposes a model for a frequency tunable inverted-F antenna that uses ferrite material.
2) The resonant frequency of the antenna can be significantly shifted from 2.41GHz to 3.15GHz, a 31% shift, by increasing the static magnetic field placed on the ferrite material.
3) Altering the permeability of the ferrite allows tuning of the antenna's resonant frequency without changing the physical dimensions, providing flexibility to operate over a wide frequency range.
This document summarizes a research paper that presents a speech enhancement method using stationary wavelet transform. The method first classifies speech into voiced, unvoiced, and silence regions based on short-time energy. It then applies different thresholding techniques to the wavelet coefficients of each region - modified hard thresholding for voiced speech, semi-soft thresholding for unvoiced speech, and setting coefficients to zero for silence. Experimental results using speech from the TIMIT database corrupted with white Gaussian noise at various SNR levels show improved performance over other popular denoising methods.
This document reviews the design of an energy-optimized wireless sensor node that encrypts data for transmission. It discusses how sensing schemes that group nodes into clusters and transmit aggregated data can reduce energy consumption compared to individual node transmissions. The proposed node design calculates the minimum transmission power needed based on received signal strength and uses a periodic sleep/wake cycle to optimize energy when not sensing or transmitting. It aims to encrypt data at both the node and network level to further optimize energy usage for wireless communication.
This document discusses group consumption modes. It analyzes factors that impact group consumption, including external environmental factors like technological developments enabling new forms of online and offline interactions, as well as internal motivational factors at both the group and individual level. The document then proposes that group consumption modes can be divided into four types based on two dimensions: vertical (group relationship intensity) and horizontal (consumption action period). These four types are instrument-oriented, information-oriented, enjoyment-oriented, and relationship-oriented consumption modes. Finally, the document notes that consumption modes are dynamic and can evolve over time.
The document summarizes a study of different microstrip patch antenna configurations with slotted ground planes. Three antenna designs were proposed and their performance evaluated through simulation: a conventional square patch, an elliptical patch, and a star-shaped patch. All antennas were mounted on an FR4 substrate. The effects of adding different slot patterns to the ground plane on resonance frequency, bandwidth, gain and efficiency were analyzed parametrically. Key findings were that reshaping the patch and adding slots increased bandwidth and shifted resonance frequency. The elliptical and star patches in particular performed better than the conventional design. Three antenna configurations were selected for fabrication and measurement based on the simulations: a conventional patch with a slot under the patch, an elliptical patch with slots
1) The document describes a study conducted to improve call drop rates in a GSM network through RF optimization.
2) Drive testing was performed before and after optimization using TEMS software to record network parameters like RxLevel, RxQuality, and events.
3) Analysis found call drops were occurring due to issues like handover failures between sectors, interference from adjacent channels, and overshooting due to antenna tilt.
4) Corrective actions taken included defining neighbors between sectors, adjusting frequencies to reduce interference, and lowering the mechanical tilt of an antenna.
5) Post-optimization drive testing showed improvements in RxLevel, RxQuality, and a reduction in dropped calls.
This document describes the design of an intelligent autonomous wheeled robot that uses RF transmission for communication. The robot has two modes - automatic mode where it can make its own decisions, and user control mode where a user can control it remotely. It is designed using a microcontroller and can perform tasks like object recognition using computer vision and color detection in MATLAB, as well as wall painting using pneumatic systems. The robot's movement is controlled by DC motors and it uses sensors like ultrasonic sensors and gas sensors to navigate autonomously. RF transmission allows communication between the robot and a remote control unit. The overall aim is to develop a low-cost robotic system for industrial applications like material handling.
This document reviews cryptography techniques to secure the Ad-hoc On-Demand Distance Vector (AODV) routing protocol in mobile ad-hoc networks. It discusses various types of attacks on AODV like impersonation, denial of service, eavesdropping, black hole attacks, wormhole attacks, and Sybil attacks. It then proposes using the RC6 cryptography algorithm to secure AODV by encrypting data packets and detecting and removing malicious nodes launching black hole attacks. Simulation results show that after applying RC6, the packet delivery ratio and throughput of AODV increase while delay decreases, improving the security and performance of the network under attack.
The document describes a proposed modification to the conventional Booth multiplier that aims to increase its speed by applying concepts from Vedic mathematics. Specifically, it utilizes the Urdhva Tiryakbhyam formula to generate all partial products concurrently rather than sequentially. The proposed 8x8 bit multiplier was coded in VHDL, simulated, and found to have a path delay 44.35% lower than a conventional Booth multiplier, demonstrating its potential for higher speed.
This document discusses image deblurring techniques. It begins by introducing image restoration and focusing on image deblurring. It then discusses challenges with image deblurring being an ill-posed problem. It reviews existing approaches to screen image deconvolution including estimating point spread functions and iteratively estimating blur kernels and sharp images. The document also discusses handling spatially variant blur and summarizes the relationship between the proposed method and previous work for different blur types. It proposes using color filters in the aperture to exploit parallax cues for segmentation and blur estimation. Finally, it proposes moving the image sensor circularly during exposure to prevent high frequency attenuation from motion blur.
This document describes modeling an adaptive controller for an aircraft roll control system using PID, fuzzy-PID, and genetic algorithm. It begins by introducing the aircraft roll control system and motivation for developing an adaptive controller to minimize errors from noisy analog sensor signals. It then provides the mathematical model of aircraft roll dynamics and describes modeling the real-time flight control system in MATLAB/Simulink. The document evaluates PID, fuzzy-PID, and PID-GA (genetic algorithm) controllers for aircraft roll control and finds that the PID-GA controller delivers the best performance.
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3Data Hops
Free A4 downloadable and printable Cyber Security, Social Engineering Safety and security Training Posters . Promote security awareness in the home or workplace. Lock them Out From training providers datahops.com
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
D01112030
1. IOSR Journal of Computer Engineering (IOSR-JCE)
e-ISSN: 2278-0661, p- ISSN: 2278-8727Volume 11, Issue 1 (May. - Jun. 2013), PP 20-30
www.iosrjournals.org
www.iosrjournals.org 20 | Page
OSN: Privacy Preserving Policies
Shahina K1, Anand Pavithran2
(M E S College OfEngineering, India)
(M E S College Of Engineering, India)
Abstract: Online Social Networks (OSN) have become enormously popular in recent years. OSN enable people
to connect with their friends based on sharing details about their personal information, but they present a
number of privacy risks to their users. There are di_erent privacy preserving policies or mechanisms to handle
the privacy issues. The main such proposed policies are:
Safebook: A Privacy-PreservingOnline Social Network Leveraging on Real-
Life Trust
Lockr: Better Privacy for Social Networks
fl yByNight: Mitigating the Privacy Risks of Social Networking Persona: An Online Social Network with
User-Defined Privacy
Safebook is a new approach that tackles the security and privacy problemswith a special emphasis on the
privacy of users with respect to the application provider in addition to defense against intruders. Lockr
improves the privacy of centralized and decentralized online content sharing systems. Third one, aim to mitigate
the privacy risk by presenting a new architecture for protecting information published through the social
networking website, Facebook, through encryption privacy control. In Persona, users dictate who may access
their information. The architecture and implementation of the four mechanisms are different. The different
privacy preserving policies have been compared on the basis of three parameters: Trust on OSN provider,
Flexible grouping and Type of architecture and found that Persona is relatively better method.
Keywords - Integrity, Matryoshka, Insider attack, Time to live.
I. Introduction
The Internets wide adoption has contributed to online social networking sites thriving popularity.Over
the past several years, several social networking sites have arisen to facilitate social interactions on the Internet
while revolutionizing how online users interact with their friends, coworkers, colleagues, family, and even
strangers. Most social networking sites offer the basic features of online interaction, communication, and
interest sharing, letting individuals create online profiles thatother users can view.One of the most important
issues we must immediately address in this context is the security and privacy of sensitive information provided
by the users.
1.1 SECURITY OBJECTIVES IN OSN
In the context of OSNs, we generally identify three main security objectives, privacy, integrity and
availability, which come in slightly different flavors than in traditional systems.
1.1.1 Privacy
The protection of the users privacy to be the main objective for SNS. Privacy not only encompasses
the protection of personal information, which users publish on their profiles, presumably accessible by their
contacts only. Additionally, communication privacy has to be met. Hence, none but directly addressed or
explicitly trusted parties may have the possibility to trace which parties are communicating. Privacy calls for the
possibility to hide any information about any user, even to the extent of hiding their participation in the OSN in
the first place. Moreover privacy has to be met by default; that is, all information on all users and their actions
has to be hidden from any other party internal or external to the system, unless explicitly disclosed by the users
themselves.
1.1.2 Integrity
As part of integrity, the users identity and data must be protected against unauthorized modification
and tampering. In addition to conventional modification detection and message authentication, integrity in the
context of OSNs has to be extended: parties in an OSN are not arbitrary devices, but real, unambiguously
identifiable persons. In consequence, the authentication has to ensure the existence of real persons behind
registered OSN members.
2. OSN: Privacy Preserving Policies
www.iosrjournals.org 21 | Page
1.1.3 Availability
The data published by users has to be continuously available in OSNs. Availability of user profiles is
consequently required as a basic feature, even though considering recreational use, the availability of
somecontent may not seem a stringent requirement. In OSNs, this availability specifically has to include
robustness against censorship, and the seizure or hijacking of names and other key words. Apart from
availability of data access, availability has to be ensured along with message exchange among members.
1.2 SECURITY ANALYSIS OF OSN
First of all, there is a model for social network service, to get an overview on the aim and possible
implementation schemes of SNS. SNS can be divided into three different levels (Fig. 1.1):
• A social network(SN) level: The digital representation of members and their
Relationships
• An application services (AS) level: The application infrastructure, managed by the SNS provider
• A communication and transport(CT) level: Communication and transport services as provided by the network
Figure 1.1: OSN levels: three architectural layers of SNS
The SN level provides each member with a set of functions corresponding to social interactions in the real life,
like finding friends, accessing profiles, commenting, and the like. To implement these functions, the SN level
relies on the AS level. This second level includes the infrastructure managed by the SNS provider, together with
basic services to create the SN service, such as web access, storage, and communication. Data storage and
retrieval, indexing of content, management of access permissions to data, and node join or leave are
implemented in a centralized or decentralized, distributed fashion on the AS level. Other than these inside
attackers that primarily seem to be legitimate participants in the system but act in a malicious way in some
cases, there may be external attackers, orintruders. An intruder can perpetrate attacks at one or more
of the SNS levels.
II. Literature Survey
2.1 PRIVACY PRESERVING POLICIES
There are different privacy preserving policies for OSNs. The four such recently proposed policies are:
• Safebook: A Privacy-PreservingOnline Social Network Leveraging on Real Life Trust
• Lockr: Better Privacy for Social Networks
• flyByNight: Mitigating the Privacy Risks of Social Networking • Persona: An Online Social Network with User-
Defined Privacy
2.1.1 Safebook
The privacy of users data is at risk due to the central storage and management and hence threatened
by potentially malicious service providers or unintended access following short sighted publication, security
breaches, or plain misconfiguration of the OSN. It inherently cannot be ensured with centralized serve based
architectures on which all existing OSNs rely. Peer-to-peer architectures seem to offer a suitable alternative to
the centralized approach as the basis for a decentralized OSN, avoiding the all knowing service provider. As a
major drawback, P2P systems suffer from a lack of a priori trust, thus creating the need for cooperation
incentives. Safebook is a decentralized OSN based on a P2P architecture where by basic security and privacy
problems as well as the lack of a priori trust and incentives are addressed by leveraging on real life trust between
users, such that services like data storage or profile data routing are performed by peers who trust one another in
the social network.
3. OSN: Privacy Preserving Policies
www.iosrjournals.org 22 | Page
2.1.1.1 Safebook: Security Based On Real-life Trust
Safebook consists of a three-tier architecture with a direct mapping of layers to the OSN levels depicted
in Fig. 2.1 as follows:
• The user-centered social network layer implementing the SN level of the OSN
• The P2P substrate implementing the AS services
• The Internet, representing the CT level
Each party in Safebook is thus represented by a node that is viewed as a host node in the Internet, a peer node
in the P2P overlay, and a member in the SN layer. The nodes in Safebook form two types of overlays:
• A set of matryoshkas, concentric structures in the SN layer providing data storage and communication privacy
created around each node
• A P2P substrate providing lookup services
In addition to these nodes, Safebook also features a trusted identification service(TIS), providing each node
unambiguous identifiers: the node identifier for the SN level and a pseudonym.
Figure 2.1: Safebook overlays and main components
Matryoshka: Matryoshkas are concentric rings of nodes built around each members node in order to provide
trusted data storage, profile data retrieval, and communication obfuscation through indirection. Each matryoshka
thus protects the node in its center, the core, which on the SN layer is addressed by its node identifier. The nodes
in the matryoshka are connected through radial paths on which messages can be relayed recursively from the
outermost shell to the core and vice versa. The innermost and outermost shells of a matryoshka have a specific
role: the innermost shell is composed of direct contacts of the core, and each of them stores the cores data in an
encrypted form. Hence, they are called the mirrors. Every node in the outermost shell acts as a gateway for all
data requests addressed to the core, and is thus called an entry point.
P2P system: In order to provide a location service to find entry points for a users matryoshka, the nodes create a
P2P substrate. Unlike the path across a matryoshka, the communication through the P2P layer does not rely on
trusted links TIS: The TIS ensures that each Safebook user gets at most one unique identifier in each category of
identifiers. Based on an out-of-band identification procedure, the TIS grants each user a unique pair of a node
identifier and a pseudonym, computed as the result of a keyed hash function on the set of properties that
uniquely identify a party in real life.
2.1.1.2 Operations
Safebook implements different OSN operations:
• Account creation • Data publication
• Data retrieval
• Contact request and acceptance
• Message management
Account Creation: In order to join Safebook, a new member V has to be invited by one of its real life friends A
that must already be a registered user. Vs account is then created in the two steps of identity creation and
matryoshka creation.
Identity creation: After As invitation, V provides the TIS with its identity property set name together
with a proof of owning it. The TIS then computes the node identifier of V and its pseudonym by applying two
different keyed hash functions with two different unknown master keys to name. It becomes evident that even if
a valid member V repeats the account creation operation multiple times, it will always receive the same
4. OSN: Privacy Preserving Policies
www.iosrjournals.org 23 | Page
pseudonym and node identifier, since they are a function of Vs identity itself.
Matryoshka creation: V has only A as a contact to start with, so it sends A request for path creation
containing the distributed hash table (DHT) lookup keys it wants to register, a time to live (ttl), and the number of
members to whom A should forward the request, hereafter called the spanfactor. A then selects between its
friends a number span of next hops and forwards them this registration message. This process is recursively done
until the ttl expires. The receiving node Dregisters the lookup key in the P2P system together with its reference
Id.
Data Publication: The data managed in SNS can be generalized to:
• Profile information
• Contact relations
• Messages
The profile information is the part of the data each user intends to publish. Contact relations represent a
members real life relations and can be seen as the friend list of the use. Safebook each user associates a
particular trust level to each of its contacts. This level is used to select closely related contacts that primarily will
store the published data. Finally, personal messages or comments on profiles can be exchanged between
members. In case of comments, the receiver has the right to publish or discard them. To guarantee privacy, data
in Safebook can be private, protected, or public: in the first case the data is not published, in the second case it is
published and encrypted, and in the third case it is published without encryption.
Data Retrieval: The lookup of Vs data through member U starts with a recursive query in the P2P
system: according to the DHT structure, the node responsible for the lookup key responds with the entrypoint
list building Vs outer shell. Consequently, U can request that one of Vs entry points forward the request through
Vs matryoshka until a mirror is reached.Vs encrypted data then reaches U through the inverse path (Fig. 2.2 ).
The protocol of Safebook uses recursion to hide the source of requests. Additionally, the addressing and routing,
for both P2P lookup and data retrieval using the matryoshkas, are based on the pseudonyms of nodes. Attackers
consequently have no means to identify a source of a request for some content, as there is no way to distinguish
between generated and forwarded requests.
Contact Request and Acceptance: A member U that wants to add another member V to its contact list
sends a contact request message following the same steps as in the data request case. Assuming V accepts U as a
new contact, V associates with U a certain trust level and sends it back an opportune key that will enable U to
decrypt the selected parts of Vs published encrypted data. Message Management: Offline messaging, such as
wall posts, recommendations, and other annotations to a profile, is implemented using the steps of retrieving
some members data, decrypting the shared parts, annotating some content, and sending this data back, signed
with the key bound to the annotators node identifier and encrypted with the public key bound to the receivers
node identifier. Real-time messages, like chats, are forwarded to and handled by the core solely and responded
to with an error message if the core is offline.
Figure 2.2: Data lookup and retrieval
2.1.2 Lockr
It is a system that offers three key privacy benefits for OSN users.
• Social attestationsto decouple social network-ing information from other OSN functionality:
Lockr users need not provide a full copy of their social network to each online site they use to host their
5. OSN: Privacy Preserving Policies
www.iosrjournals.org 24 | Page
personal content. Instead, they exchange social attestations: application independent small pieces of digitally
signed meta data issued by one person to another that encapsulate social relationships. The recipient of a social
attestation can use it to prove the social relationship to any online system.
• The WHPOK protocol to protect social information from disclosure:
Lockr prevents an OSN from re-using the digitally signed social relationships revealed when users access their
data by applying to the attestation verification mechanism a variant of zero-knowledge protocols, called
awitness hiding proof of knowledge (WHPOK) protocol. This lets users prove the existence of a social rela-
tionship without providing a verifiable copy of the attestation that Web sites could store and later reuse.
• Relationship keys to solve social deadlock:
Sharing information in decentralized scenarios, such as peer-to-peer scenarios, give rise to the following
problem: two peers would like to exchange content with each other only if they share a specific common friend,
yet neither wants to reveal this social relationship to a random peer that does not share this common friend. This
creates a form of deadlock, where each peer is waiting on the other one to reveal its relation-ship first. Lockr lets
peers encrypt their communication to each other using a key specific to a relationship. In this way, no receiving
peer can decrypt a message unless it has the same social relationship as the messages sender.
2.1.2.1 Design Concepts and Components The components that comprise Lockr are:
• Personal Identities and Address Books
In Lockr, a personal identity is simply a public/private key pair. Identities are generated in a decentralized
manner, and individuals are in control of how these identities are shared. People can share their public keys with
their social networks in the same way they share their names, addresses, and phone numbers. When issuing an
attestation to a friend, a user retrieves the friends public key from their local address book and designates it (i.e.,
the friends identity) as the recipient of the attestation. Thus, people must be careful to record cor-rectly their
friends public keys; otherwise, attestations can be issued to nonexistent or even malicious identities.
• Social Attestations
A social attestation is a piece of data that certifies a social relationship. An attestation has six fields: an issuer, a
recipient, a social relationship, an expiration date, a relationship key and a digital signature (Figure 2.3 depicts
an attestation in XML format). By issuing an attestation, the issuer tells a recipient that they have formed a
relationship. Two parties can share more than one attestation since two people can have more than one
relationship. Attestations also have an expiration date, and they are signed to prevent anyone from tampering
with them.
Figure 2.3: The XML-based format of an attestation
• Social Access Control Lists (ACLs)
A traditional ACL enumerates the identities of those al-lowed access to certain objects. In contrast, a social ACL
does not rely only on identities to specify access control. Instead, they can also allow access to objects based on
the social relationship that an individual has with the objects owner. A social ACL contains the owners public
key, the public keys of all people who can access the object (as in traditional ACLs), and a social relationship
When a user requests access to an object protected by a social ACL, the ACL enforcer first provides the ACL to
the requester. The requester then uses it to access an object, the user must either: (1) have their public key listed
in the social ACL, or (2) present an attestation issued to them by the owner certifying the relationship listed in the
ACL. We also use XML to format social ACLs (fig.2.4).
6. OSN: Privacy Preserving Policies
www.iosrjournals.org 25 | Page
Figure 2.4: The XML-based format of a social ACL
2.1.2.2 Design Goals for Privacy
The main design goals include: (1) putting users in control of their social information by decoupling it from all
other functionality of an OSN site, (2) preventing OSN providers from reusing social information revealed by
users when requesting access to their friends content, and (3) improving the privacy of peers participating in a
P2P online social network
.• Decoupling Social Networking Information from OSNs
Lockr uses social attestations to encapsulate social networking information. Social attestations are OSN
independent; they can be issued and exchanged from person to person. There are many convenient ways to
issue attestations, such as over e-mail or over a cell phone Bluetooth interface. Lockr does not require the
recipient to acknowledge receiving the attestation, although this could be added by a higher level protocol.
• Protecting Social Information
People are reluctant to expose their sensitive social relationships to third party sites. When they have no choice,
they may seek assurance that these sites will not abuse the privilege of holding this information by re selling it
to others. Lockr is designed to make social information non transferable. Lockr ensures that no one can prove the
validity of an attestation other than its issuer and recipient. Thus, when OSN providers learn about an attestation,
they cannot transfer this information to others.
• Resolving Social Deadlock
In a decentralized scenario, two peers who do not know each other but share a common friend should be able to
verify these social relationships with no loss of privacy. This scenario is challenging because each peer wants to
first verify the others social relationship before exchanging content. Lockr solves this problem through the use
of relationship keys.
Lockr encrypts an attestation with its relationship key before presenting it to any other party. As its name
suggests, the relationship key is specific to a particular relationship; no relationship key can belong to more than
one relationship. Its purpose is to protect the confidentiality of the information contained in an attestation during
the verification process. The relationship key, shared by all who have that same relationship with the issuer,
must also be shared with any entity that needs to enforce a social ACL, such as a third party Web site that hosts
the content. This ensures that only people who have a copy of this relationship key can decrypt the attestation.
Lockrs attestation verification protocols make use of the WHPOK protocol and relationship keys to offer its
privacy properties. Lockr can perform two kinds of attestation verification depending on the usage scenario. In
the first scenario, an OSN site verifies the attestation. In this case, the verification process is one way: the person
seeking access uses the WHPOK protocol to verify the attestation. The second is a peer-to-peer scenario. In this
case, the verification process is two-way: both peers wanting to exchange content with each other use the
WHPOK protocol to verify the attestation.
2.1.3 flyByNight
flyByNight aim to mitigate the privacy risks in OSNs by creating a new architecture for protecting
information published through the social networking website, Facebook, through encryption. Our architecture
makes a trade off between security and usability in the interests of minimally affecting users' workflow and
maintaining universal accessibility.
2.1.3.1 flyByNight Architecture
This application has the following goals:
7. OSN: Privacy Preserving Policies
www.iosrjournals.org 26 | Page
• Protect personal information transmitted to Facebook by means of encryption
• Ensure that Facebook servers never store cleartext data or private key material and that clear text data
never appear on the Internet
• Support one-to-one and one-to-many communication
• Maintain universal accessibility and ease of use of Facebook
• Allow Facebook to manage social network friend relationships
• Use the Facebook interface for key management, storing as much key in formation on the server as possible
The last two goals represent a compromise between usability, security, and privacy. A fully private solution
would not reveal even friendship relationships toFacebook; however, this would require abandoning the
Facebook architecture, along with its large existing network of friends and useful search features. Similarly, using
the Facebook interface for key management introduces some risks, but this design allows users to easily access
and use the application from any web browser, requiring only the additional burden on the user of having to
remember a single extra password.
The architecture is shown in Figure 2.5. When a user first interacts with the application, he generates a
public/private key pair and provides a password. The key generation and other cryptographic operations are
performed in client side JavaScript. The password is used to encrypt the private key. The encrypted private key
is then transmitted to the flyByNight application server via Facebook servers and stored in a key database on the
flyByNight server.
Figure 2.5 flyByNight architecture
When a user wishes to send a private message or make an update to profile or status information, he first enters
the message text into the application. The application always has access to a complete list of the users friends
who have also installed the application and their public keys, and from this list the user selects which friends to
whom he would like the message to be delivered. The client side Java Script encrypts the message with the
necessary public keys and tags the encrypted versions with the ID numbers of their intended recipients before
sending them via Facebook to a message database on the flyByNight server, where they reside. The existence of
these messages is public, but their contents are encrypted.
To read messages, the user queriesthe message database for a list of all encrypted messages sent to him
and receives a list of message handles. When a user requests a specific message, the cipher text of the message
is delivered. The user decrypts his own private key by supplying his password, and he decrypts the message using
his private key. This model can easily be adapted to handle profiles and status messages by allocating in the
message database for each user a field to hold his profile text, a field to hold his status message, and so on, with
the contents of that field being replaced with a new message containing the users new profile or status every
time he makes an update.
2.1.3.2 Implementation
A fully functional prototype implementation of the flyByNight architecture as a Facebook application.
The application is accessible through Facebook under the URL http://apps.facebook.com/flybynight. A
screenshot of the application in action is shown in Figure 2.6.
Cryptographic Tools:
Implementation is based upon open source JavaScript implementations ofAES and RSA . The first
challenge faced was the limitations imposed on JavaScript by the Facebook platform. Facebook rewrites the
JavaScript supplied by the application developer to reduce the possibilities of cross site attacks.Variables are
8. OSN: Privacy Preserving Policies
www.iosrjournals.org 27 | Page
renamed and certain functions are disabled. In addition, Face book imposes a limit on the total size of the
JavaScript code that an application is able to use.
Figure 2.6: yByNight Facebook Application
One-to-Many Communication:
In Facebook, a user typically makes a single update to a profile, status message, or wall that
mustimmediately become visible to all his friends at once. To provide a private way to perform such actions,
flyByNight supports a one-to-many operation that encrypts a single message for a group of friends. This
operation cannot be handled by simple iteration because users commonly have a hundred friends or more, and so
a simple implementation of one-to-many encryption would therefore be a hundred or more times slower than a
single encryption would, since the message would be individually encrypted for each friend.
User Interface Concerns:
The most important requirement is that the implementation had to be universally accessible as a Web
application, just as Facebook is, without any technical knowledge required of the user or binary code. It was
imperative that flyByNight maintain the simplicity and platform-independence afforded by Facebook's web
interface.
Images:
One goal that was unable to achieve with the flyByNight implementation is encryption of photographs. Photos
on Facebook have great potential to be compromising to the individuals pictured in them, and providing them
9. OSN: Privacy Preserving Policies
www.iosrjournals.org 28 | Page
with the same protection as status updates or one-to-one communication would clearly be desirable.
Unfortunately, the JavaScript architecture makes doing so quite difficult. In particular, JavaScript is unable to
read local files from a disk. Files must be uploaded to a server first before they can appear in a JavaScript buffer.
Such an upload over the Internet in the clear would obviously defeat the purpose of encryption. A helper
application to upload photos could be used, but then that would restrict the accessibility of the social network,
since users would not be able to upload photos from dumb clients such as mobile phones.
2.1.4 PERSONA
Persona is an OSN where users dictate who may access their information. Persona hides user data with
attribute- based encryption (ABE), allowing users to apply fine grained policies over who may view their data.
Persona provides an effective means of creating applications in which users, not the OSN, define policy over
access to private data.
Persona achieves privacy by encrypting private content and prevents misuse of a user's applications through
authentication. Persona allows users to store private data persistently with intermediaries, but does not require
that users trust those intermediaries to keep private data secret. Modern web browsers can support the
cryptographic operations needed to automatically encrypt and decrypt private data in Persona with plugins that
intercept web pages to replace encrypted contents. Lastly, Persona divides the OSN entities into two categories:
users, who generate the content in the OSN, and applications, which provide services to users and manipulate the
OSN content.
Group Key Management:
Persona users define groups and users generate and use keys corresponding to groups. Keys guard access to two
types of objects in Persona: user data and abstract resources. In Persona, all users store their data encrypted for
groups that they define. Any user that can name a piece of data may retrieve it, but they can only read it if they
belong to the group for which the data was encrypted. Abstract resources represent non data objects, for example,
a user's storage space or a Facebook Wall.We use the notation shown in Figure 2.7 in the algorithm listings.
2.1.4.1 Operations
Persona operations allow users to manage group membership and mandate access to resources. The operations
combine ABE and traditional cryptography, allowing individuals to be securely added to groups de_ned using
ABE and allowing group members authenticated access to abstract resources.
Define Relationship:
Users invoke the DefineRelationship function to add individuals to a group.The user generates an appropriate
attribute secret key using the ABEKeyGen function, encrypts this key using the target user's public key, and
stores the encrypted key on her storage service. The target user can retrieve this encrypted key.(Fig 2.8)
DefineTransitiveRelationship:
The DefineTransitiveRelationship function allows a user Alice to define groups based on a group defned by
another user, Bob. Alice creates a new attribute to describe the new group bob-friend and generates an ASK bob-
friend with that attribute. Alice encrypts ASK bob-friend with the access structure using Bob's attribute public
key and stores the ciphertext on her storage service. (Algorithm2 in Fig 2.9) Users with the attribute may retrieve
and decrypt this key and use it to view the content encrypted within Alice's ABE domain. Alice may include a
traditional keypair, used for authentication to ACLs, in the cipher text C
Figure 2.7: Notations
10. OSN: Privacy Preserving Policies
www.iosrjournals.org 29 | Page
Figure 2.8: Algorithm 1
Figure 2.9: Algorithm 2
AssignRightsToIdentity:
Resource owners use AssignRightsToIdentity to provide other users specifirights to named resources. An
example of such a right would be the ability to storedata on another user's storage service.(Fig 2.10)
Figure 2.10: Algorithm 3
To assign rights, the user instructs the resource's home to add a (public key,set of rights ) pair to the
resource's ACL. If the public key was already in the ACL, then the rights are changed to those specifed in the new
rights set (Algorithm 3).
AssignRightsToGroup:
The AssignRightsToGroup function allows a user Alice to provide resource access to a group G rather than to an
individual.The group is speci_ed using attributes de_ned in Alice's ABE domain. (Algorithm 4, Fig 2.11 ).
First, Alice creates a new (TPK ,TSK ) pair speci_cally for G. Alice ABE-encrypts this keypair with an
access structure that identi_es members of G. Alice stores the resulting ciphertext on her storage service. This pair
of PKC keys becomes the group identity and Alice can assign rights according to AssignRightsToIdentity.
Figure 2.11: Algorithm 4
11. OSN: Privacy Preserving Policies
www.iosrjournals.org 30 | Page
2.1.4.2 Revocation of Group Membership
Removing a group member requires rekeying: all remaining group members must be given a new key.
Data encrypted with the old key remains visible to the revoked member. The nominal overhead is linear in the
number of group members but can be reduced . An ABE message can be encrypted with an access structure that
specifies an inequality and the message can be decrypted only if a user possesses a key that satisfies the access
structure.
2.1.4.3 Publishing and Retrieving Data
Private user data in Persona is always encrypted with a symmetric key. The symmetric key is encrypted
with an ABE key corresponding to the group that is allowed to read this data.This two phase encryption allows
data to be encrypted to groups; reuse of the symmetric key allows Persona to minimize expensive ABE
operations. Users put (encrypted) data onto their storage service and use applications to publish references to their
data. Data references have the specific format. The tag and storage service specify how to retrieve the encrypted
data item, and the key-tag and key-store specify how to obtain a decryption key.
III. Performance Comparison
Privacy concerns in OSN have been repeatedly raised in the last few years. There are a few architecture
that provide the ability for users to protect their privacy. TABLE 3.1 summarizes the comparison of important
privacy preserving mechanisms proposed for OSNs.
Safebook is completely trusted on OSN provider and adopts decentralized architecture. Flexible grouping is
available here. Lockr trust OSN provider and a third party server. It is centralized and exible grouping is also
possible.The third one, flyByNight relies on trustworthy of both yByNight servers and OSN. The user can only
communicate with one group at any given time and adopts a centralized architecture. Persona provides an effctive
means of creating applications in which users, not the OSN, define policy over access to private data.
It uses decentralized architecture and flexible grouping is also possible here. So it is the better method among
these policies.
IV. Conclusion
There are many benefits in joining the social networks, but online users require some restricting
mechanism on access to their personal data. There are a several architectures that provide the ability for users to
protect their privacy. Four types of recently proposed privacy preserving policies on OSNs are: (1). Safebook;
(2). Lockr; (3). yByNight; (4). Persona. These are compared using different performance parameters such as
trust on OSN provider, type of architecture, and possibility of flexible grouping. It is concluded that Persona is
relatively better method among these policies based on the specified parameters.
References
[1] L.A.Cutillo,R.molva, and T.Strufe Safebook:A privacy-preserving online social network leveraging on real-life trust,
Communications Magazine, IEEE,vol.47, no.12, pp.94-101, Dec. 2010
[2] Amin Tootoonchian, Stefan Saroiu,and Yashar Ganjali, Lockr: better privacy for social networks, CoNEXT '09.ACM Dec.2009
[3] Lucas Matthew M, Nikita Borisov, flyByNight: Mitigating the Privacy Risks of Social Networking, WPES Proceeding ACM 2009.
[4] Randy Baden, Adam Bender, and Neil Spring, Persona: an online social network with user-defined privacy, SIGCOMM '09
Proceeding,Vol.39, pp.135-146, ACM 2009