Issue No. 05 - Sept.-Oct. (2014 vol. 16)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MITP.2014.79
Kaze Wong , Macao Polytechnic Institute
Angus Wong , The Open University of Hong Kong
Alan Yeung , City University of Hong Kong
Wei Fan , City University of Hong Kong
Su-Kit Tang , Macao Polytechnic Institute
Online social networks have been typically created for convenience--so they haven't been built from the ground up with security in mind. They often have confusing privacy settings and are susceptible to various kinds of attacks that exploit users' trust and privacy. In this article, the authors discuss security pitfalls in today's social networks, briefly introducing common attack methods. They implemented a proof-of-concept Facebook app, which is actually a harmless malware that uses common attack methods to demonstrate the vulnerability of online social networks. Although today's online social networks commonly offer users a variety of security settings, users tend to trust the information obtained from online social networks regardless of the settings. This kind of user mentality can be more crucial than technical aspects in determining the level of security in online social networks.
Facebook, Malware, Privacy, Games, Trust management, Social network services, Information networks, Web and Internet services, Computer security, Mobile communication
K. Wong, A. Wong, A. Yeung, W. Fan and S. Tang, "Trust and Privacy Exploitation in Online Social Networks," in IT Professional, vol. 16, no. 5, pp. 28-33, 2014.