November 2014: Trust and Privacy Exploitation in Online Social Networks

posted Nov 11, 2014, 4:03 AM by Symeon Papadopoulos
Kaze Wong, Angus Wong, Alan Yeung, Wei Fan, Su-Kit Tang, "Trust and Privacy Exploitation in Online Social Networks", IT Professional, vol.16, no. 5, pp. 28-33, Sept.-Oct. 2014, doi:10.1109/MITP.2014.79

Abstract: Online social networks have been typically created for convenience -so they haven't been built from the ground up with security in mind. They often have confusing privacy settings and are susceptible to various kinds of attacks that exploit users' trust and privacy. In this article, the authors discuss security pitfalls in today's social networks, briefly introducing common attack methods. They implemented a proof-of-concept Facebook app, which is actually a harmless malware that uses common attack methods to demonstrate the vulnerability of online social networks. Although today's online social networks commonly offer users a variety of security settings, users tend to trust the information obtained from online social networks regardless of the settings. This kind of user mentality can be more crucial than technical aspects in determining the level of security in online social networks.