Online Social Networks Security: Threats, Attacks, and Future Directions

Social Media Shaping e-Publishing and Academia

Abstract

The list of well-known Online Social Networks extends to hundreds of available sites with hundreds of thousands, millions, and even billions of registered accounts; for instance, Facebook as of April 2016 has around two billion active users. Online Social Networks have made a difference in many people’s lives and helped open avenues that were not possible before. However, as in any success story, there is a downside. Cyber-attacks that used to have a small or limited effect can now have a huge distributed effect by utilizing those social network sites. Some attacks are more apparent than others in this context; hence this chapter discusses how serious attacks are possible in online social networks and what has been done to counter them. It discusses privacy, Sybil attacks, social engineering, spam, malware, botnet attacks, and the trade-off between services, security, and users’ rights.



Corresponding author

Correspondence to Ja’far Alqatawna.

Copyright information

© 2017 Springer International Publishing AG

About this chapter

Cite this chapter

Alqatawna, J., Madain, A., Al-Zoubi, A.M., Al-Sayyed, R. (2017). Online Social Networks Security: Threats, Attacks, and Future Directions. In: Taha, N., Al-Sayyed, R., Alqatawna, J., Rodan, A. (eds) Social Media Shaping e-Publishing and Academia. Springer, Cham. https://doi.org/10.1007/978-3-319-55354-2_10
