Prying Data out of a Social Network

@article{Bonneau2009PryingDO,
  title={Prying Data out of a Social Network},
  author={Joseph Bonneau and Jonathan Anderson and George Danezis},
  journal={2009 International Conference on Advances in Social Network Analysis and Mining},
  year={2009},
  pages={249-254}
}
Preventing adversaries from compiling significant amounts of user data is a major challenge for social network operators. We examine the difficulty of collecting profile and graph information from the popular social networking website Facebook and report two major findings. First, we describe several novel ways in which data can be extracted by third parties. Second, we demonstrate the efficiency of these methods on crawled data. Our findings highlight how the current protection of personal… 

Figures and Tables from this paper

Online Social Networks: Privacy Threats and Defenses
  • Shah Mahmood
  • Computer Science
    Security and Privacy Preserving in Social Networks
  • 2013
TLDR
This chapter provides a brief overview of some threats to users’ privacy and discusses two defense mechanisms which deploy usable privacy through a visual and interactive flow of information and a rational privacy vulnerability scanner.
Social Networks : Privacy Threats and Defenses
TLDR
This chapter provides a brief overview of some threats to users’ privacy and discusses two defense mechanisms which deploy usable privacy through a visual and interactive flow of information and a rational privacy vulnerability scanner.
A summary of two practical attacks against social networks
TLDR
This chapter summarizes two practical attacks presented in the past: an impersonation attack in which a user profile is automatically clone and an attack that abuses the information provided by social networks to automatically correlate information extracted from different social networks.
De-anonymizing Social Networks
TLDR
A framework for analyzing privacy and anonymity in social networks is presented and a new re-identification algorithm targeting anonymized social-network graphs is developed, showing that a third of the users who can be verified to have accounts on both Twitter and Flickr can be re-identified in the anonymous Twitter graph.
Social Network Analysis on Highly Aggregated Data: What Can We Find?
TLDR
This paper presents the results of social network analysis of a very large volume of the telecommunication data acquired from a mobile phone operator, which is highly aggregated, with only limited information about individual connections between users.
Privacy settings from contextual attributes: A case study using Google Buzz
TLDR
Statistics on contextual data related to privacy settings that are derived from crawled datasets are shown and the characteristics of users who changed their privacy settings are analyzed.
Privacy suites: shared privacy for social networks
TLDR
A new paradigm is proposed which allows users to easily choose "suites" of privacy settings which have been specified by friends or trusted experts, only modifying them if they wish, which could dramatically increase the privacy protection that most users experience with minimal time investment.
A Metric to Evaluate Interaction Obfuscation in Online Social Networks
TLDR
The proposed mutual information as obfuscation metric measures the amount of information leaked by the (observable) obfuscated interactions in the system on the (concealed) real interactions between users.
Privacy Issues in Social Networking Websites: Is Facebook Revealing Our Social Life?
TLDR
It can be inferred that a lot of information can still be revealed about an OSN (Online Social Network) user?s social life to third parties.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 24 REFERENCES
Inferring private information using social network data
TLDR
This paper explores how to launch inference attacks using released social networking data to predict undisclosed private information about individuals and the effectiveness of possible sanitization techniques that can be used to combat such inference attacks under different scenarios.
Characterizing privacy in online social networks
TLDR
This study examines popular OSNs from a viewpoint of characterizing potential privacy leakage, and identifies what bits of information are currently being shared, how widely, and what users can do to prevent such sharing.
Wherefore art thou r3579x?: anonymized social networks, hidden patterns, and structural steganography
TLDR
A family of attacks is described such that even from a single anonymized copy of a social network, it is possible for an adversary to learn whether edges exist or not between specific targeted pairs of nodes.
Link Privacy in Social Networks
TLDR
Any social network that wishes to protect the link privacy of its users should take great care in choosing the lookahead of its interface, limiting it to 1 or 2, whenever possible.
Imagined Communities: Awareness, Information Sharing, and Privacy on the Facebook
TLDR
It is found that an individual's privacy concerns are only a weak predictor of his membership to the Facebook, and also privacy concerned individuals join the network and reveal great amounts of personal information.
Privacy Protection for Social Networking Platforms
TLDR
A privacy-by-proxy design for a privacy-preserving API is presented, motivated by an analysis of the data needs and uses of Facebook applications, which found that nearly all applications could maintain their functionality using a limited interface that only provides access to an anonymized social graph and placeholders for user data.
The Economics of Mass Surveillance and the Questionable Value of Anonymous Communications
TLDR
A model of surveillance based on social network theory, where observing one participant also leaks some information about third parties is presented, to provide important insights into the actual security of anonymous communication, and their ability to minimise surveillance and disruption in a social network.
Inferring privacy information via social relations
  • Wanhong Xu, Xi Zhou, Lei Li
  • Computer Science
    2008 IEEE 24th International Conference on Data Engineering Workshop
  • 2008
TLDR
This work presents an iterative algorithm, by combining a Bayesian label classification method and discriminative social relation choosing, for inferring personal information through mere social relations with high accuracy.
Eight friends are enough: social graph approximation via public listings
TLDR
It is demonstrated that it is difficult to safely reveal limited information about a social network from a "public view" which includes eight of the user's friendship links to search engines.
How To Break Anonymity of the Netflix Prize Dataset
TLDR
This work presents a new class of statistical de-anonymization attacks against high-dimensional micro-data, such as individual preferences, recommendations, transaction records and so on, and demonstrates that an adversary who knows only a little bit about an individual subscriber can easily identify this subscriber's record in the dataset.
...
1
2
3
...