This document discusses security and privacy issues related to social networks. It identifies different types of social networks and factors that influence social network selection like ease of use, friends using the network, and privacy and security. The document outlines key threats including identity theft through profile cloning, spam attacks, malware spreading, and privacy and data sharing issues. It provides statistics on common social network threats and outlines potential solutions for social networks to better protect user privacy and security.

1. 1

2.  Personal Social Networks
 Status Update Social Networks
 Location Social Networks
 Content Sharing Social Networks
 Shared Interest Social Networks
2

3. 3

4. 4

5. Influencing factors in selecting a social
network
• Ease of use
• Friends use it
• Privacy
• Security
5

6. Shared Information
Profile data
Graph Data
Activity Data
 Third party application access
 Poor implementation
 Lack of awareness
6

7. 7

8. 1.Identity Theft Issues
- Profile Cloning
Existing Profile Cloning
Cross site Profile Cloning
- Social Phishing
8

9. 2. Spam Issues
- Spam attack on social networking sites
- Email based spam attack on social network users
Broadcast spam
Context-aware spam
- Http session hijacking
9

10. 10

11. 3.Malware Issues
Spreading malware across social networks
- Fake accounts/ profiles
- Social network API
- Driven by download attack
- Shortened and hidden links
- Cross-Site scripting attack
11

12. 12

13. 13
Threats percentage-pose on social networks (Sophos 2010
Security Threat Report)

14.  Customize user profile data
 Link previews
 Private messaging
 HTTPS secured Twitter browsing
14

15.  2013
 250,000 users
 Limited user information
User names
Email Addresses
Sessions tokens
Encrypted versions of passwords
15

16.  [1] Wajeb Gharibi, Maha Shaabi, “Cyber Threats in Social Websites”, College of
Computer Science & Information Systems Jazan University, Kingdom of Saudi Arabia
 [2] Joseph Bonneau, “Security & Privacy in Online Social Networks” University of
Cambridge, Computer Laboratory
 [3] William F. Pelgrin, “Security and Privacy on Social Networking Sites”, Multi-State
Information Sharing & Analysis Center (MS-ISAC) Monthly Security Tips
NEWSLETTER, March 2010
 [4] Dr. Paul Judge, Chief Research Officer, “2011 Social Networking Security and
Privacy Study”, Barracuda Networks Inc.
 [5] George Danezis, “Inferring Privacy Policies for Social Networking Services”
Microsoft Research, Cambridge,
 [6] Dolvara Gunatilaka, “A Survey of Privacy and Security Issues in Social Networks”
(http://www.cse.wustl.edu)
 [7] Aaron Beach, Mike Gartrell, Richard Han “Solutions to Security and Privacy Issues
in Mobile Social Networking” University of Colorado at Boulder
 [8] Catherine Dwyer; Pace University, Starr Roxanne Hiltz ;New Jersey Institute of
Technology, Katia Passerini ;New Jersey Institute of Technology, “Trust and privacy
concern within social networking sites: A comparison of Facebook and MySpace”
 [9] “Social Networks Overview: Current Trends and Research
Challenges”, Coordinated by the “nextMEDIA” CSA. Supported by the Future Media
Networks cluster. NEXT-Media is supported by FP7, DG Information Society, Unit D2
Networked Media
16

17. Thank You
17