Information and Password Attacks on Social Networks: An Argument for Cryptography

@article{Franchi2015InformationAP,
  title={Information and Password Attacks on Social Networks: An Argument for Cryptography},
  author={Enrico Franchi and Agostino Poggi and Michele Tomaiuolo},
  journal={J. Inf. Technol. Res.},
  year={2015},
  volume={8},
  pages={25-42}
}
Online social networks have changed the way people interact, allowing them to stay in touch with their acquaintances, reconnect with old friends, and establish new relationships with other people based on hobbies, interests, and friendship circles. Unfortunately, the regrettable concurrence of the users' carefree attitude in sharing information, the often sub-par security measures from the part of the system operators and, eventually, the high value of the published information make online… 
Information Attacks and Defenses on the Social Web
TLDR
This work reviews some typical social attacks that are conducted on social networking systems, describing real-world examples of such violations and analyzing in particular the weakness of password mechanisms.
Blogracy: A Peer-to-Peer Social Network
TLDR
The authors propose a novel P2P system that leverages existing, widespread and stable technologies such as DHTs and BitTorrent, and introduces a key-based identity system and a model of social relations for distributing content efficiently among interested readers.
Participation in Online Social Networks: Theories and Models
TLDR
A survey of the basic features of SNA, participation theories and models are discussed, with emphasis on social capital, information spreading, motivations for participation, and anti-social behaviors of social network users.
Agent based P2P Social Neworks Modeling
TLDR
This paper presents the preliminary work on the design of a peer-to-peer social network architecture that took advantage of an actor based development system for the modelling and analysis of a set of possible algorithms that can support the availability of the profiles of the offline users in this kind of network.
A P2P Architecture for Social Networking
TLDR
This chapter proposes a novel P2P system that leverages existing, widespread, and stable technologies such as DHTs and BitTorrent, and introduces a key-based identity system and a model of social relations for distributing content efficiently among interested readers.
Supporting Participation in Online Social Networks
Social networking systems can be considered one of the most important social phenomena because they succeeded in involving billions of people all around the world and in attracting users from several
MoiPrivacy: Design and Evaluation of a Personal Password Meter
TLDR
The MoiPrivacy password meter is presented, that extends a neural network- and heuristic-based approach and considers a user’s personal information, while calculating the password strength and feedback and shows that Moi privacy significantly limits the inclusion of personal information in passwords.
Social Media for Online Collaboration in Firms and Organizations
TLDR
The role of social capital is shown in the participation in online social networking activities, in the various cases of Virtual Organizations, Virtual Teams, and online Networks of Practice.
Security analysis of Game Changer Password System
  • B. Brumen
  • Computer Science
    Int. J. Hum. Comput. Stud.
  • 2019
TLDR
The results of security analysis of the Game Changer Password System are presented and a solution that produces stronger passwords is proposed, however, the tradeoff between memorability and attack resilience must be taken into the account.
Social Network and Sentiment Analysis on Twitter: Towards a Combined Approach
TLDR
A possible combined approach between Social Network Analysis and Sentiment Analysis is presented, which has tried to associate a sentiment to the nodes of the graphs showing the social connections, and this may highlight the potential correlations.
...
1
2
...

References

SHOWING 1-10 OF 39 REFERENCES
All your contacts are belong to us: automated identity theft attacks on social networks
TLDR
This paper investigates how easy it would be for a potential attacker to launch automated crawling and identity theft attacks against a number of popular social networking sites in order to gain access to a large volume of personal user information.
Encryption for Peer-to-Peer Social Networks
  • Oleksandr Bodriagov, S. Buchegger
  • Computer Science
    2011 IEEE Third Int'l Conference on Privacy, Security, Risk and Trust and 2011 IEEE Third Int'l Conference on Social Computing
  • 2011
TLDR
This paper explores the requirements of encryption for P2P social networks in detail and proposes to use broadcast encryption schemes with high performance encryption/decryption regardless of the number of identities/groups for an efficient encryption-based access control in the P1P environment.
Safebook: A privacy-preserving online social network leveraging on real-life trust
TLDR
The suggested approach adopts a decentralized architecture relying on cooperation among a number of independent parties that are also the users of the online social network application to ensure users' privacy in the face of potential privacy violations by the provider.
To join or not to join: the illusion of privacy in social networks with mixed public and private user profiles
TLDR
This work shows how an adversary can exploit an online social network with a mixture of public and private user profiles to predict the private attributes of users, and proposes practical models that use friendship and group membership information to infer sensitive attributes.
Modeling Unintended Personal-Information Leakage from Multiple Online Social Networks
TLDR
Experiments show the measure's usefulness in quantifying information leakage from publicly crawled information and suggest ways of better protecting privacy and reducing information leakage in the social Web.
Open Social Networking for Online Collaboration
TLDR
A novel peer-to-peer system, named Blogracy, leveraging the large BitTorrent network is proposed, offering protection of users' identity and privacy, absence of central control over published content, interoperability with other systems, and low costs and scalability of the infrastructure.
Personal knowledge questions for fallback authentication: security questions in the era of Facebook
TLDR
It is argued that today's personal security questions owe their strength to the hardness of an information-retrieval problem, and security provided by such questions will likely diminish over time as personal information becomes ubiquitously available online.
Supporting Social Networks With Agent-Based Services
TLDR
Blogracy takes advantages of multi-agent systems for simplifying the implementation of social network services in a decentralized setting and for being the basis of solid distributed social networking platforms.
dDelega: Trust Management for Web Services
In the context of Web services, access control presents some interesting challenges, especially when services are exposed to a global audience, with users accessing them from different systems and
Predicting Social Security numbers from public data
  • A. Acquisti, R. Gross
  • Computer Science, Medicine
    Proceedings of the National Academy of Sciences
  • 2009
TLDR
Using only publicly available information, a correlation between individuals' SSNs and their birth data is observed and it is found that for younger cohorts the correlation allows statistical inference of private SSNs.
...
1
2
3
4
...