Security Issues of Social Networking Sites

guarantor Issues of neighborly Networking SitesC. Divya Gowri,K. Rajalakshmi, PG Scholar,S.SureshAbstract well-disposed Networking Sites (SNS) argon a platform to build well-disposed relationship or social networks among people. It is web-based service which allows people to create populace profiles it is similar to online community. The only difference is social network service is individual centred whereas online community is stem centred. It groups the individuals into specific groups for communication exercise. Millions of people like to meet an other(pre no.inal) people, shargon and gather selective tuition, share information about their work like cooking, finding employment, e-business, e-commerce, etc., SNS involves getting access to the website you wish to socialize. Once you are granted, you can scan the profile pages of others and even impinging them. These SNS has greatest impact on the people who use them. Today billions of people across the world have their pr ofiles in social networking sites. SNS becomes reason for addiction and anxiety. It starts affecting the personal relationship. This paper focuses on the impacts of these social networking sites.Key Tems Social Networking Sites, Personal privacy, Security issues.I. IntroductionSocial Networks 13 involves use of network to connect the substance abusers with their family, friends and acquaintances. Web-based social networking services connect people to share interests and activities across political, economic, and geographic borders. Online Social Networking sites like Twitter, Facebook, and MySpace have become popular in new-made years. Social Networks have become a personal fabric of the world. In such SNS, each of your Followers (Twitter) or Friends (Facebook) will be friend with your other friends just like in real world. The connection between people is non one-on-one but a network of connection. These social networks persist dock of all interactions used by their users on t heir sites and save them for later use. It allows users to meet new people, stay in touch with friends, and discuss about everything including jokes, politics, news, etc.,Using Social networking sites marketers can directly reach customers, this is not only benefit for the marketers but it also benefits the users as they get more information about the organization and the product. thither is absolutely no doubt that online social networks have become part of every individual. Though the use of these SNS is increase day by day, the users are not aware of risks associated with updating sensitive information. Facts prove that majority of people comport information like photos, share location unaware of security and privacy concerns. SNS unquestionably needs many security policies to keep users information secured.II. Literature Survey2.1 Privacy IssuesSecurity RisksWith the use of SNSs, the security risks 4 12 associated is also increasing rapidly. Some of the risks include cyber sta lking, phishing, location disclosure, identity theft, Phreaking, Spoofing, Doxing, spam issue, profile cloning, fake product sale and cyber bullying.People pop the question their personal data piece of music creating accounting on SNSs like Facebook, Twitter, etc. The secured data is stored in SNS and because of scummy security the data stored are not secure.Cyber StalkingIt is the use of SNS to harass/stalk an individual, group or organization. It includes monitoring, vandalism 15, and gathering of information that may be used to threaten the SNS users.PhishingPhishing 7 is attempting to acquire sensitive information like username, password, and credit card information by masquerading through SNS.Location DisclosureSNS can disclose users information 10. An application named creepy can track location of the user on a map by photos uploaded in Flicker or Twitter.Identity TheftSome hackers attack through application in which they study license for accessing their profile of SNS ( Facebook, Twitter, etc.). When SNS users allow doing so, hackers get all information so that they can misuse users information without their knowledge or permission.PhreakingIt is gaining unauthorized access to a users profile. It is advisable not to give phone numbers, passwords that provide direct access to a users profile.SpoofingSome attackers deceive computers by faking ones identity. IP spoofing masks or hides computers IP address.DoxingIt is publicly posting a persons identity including full name, address, limnings, go out of birth typically witnessd from any social sites.Spam IssuesSNS is widely spread with spam. It includes message spam and content spam 5 6. Spammers attack legitimate users account and post unwanted messages/comment on their wall or send those content to their friends so that the composition of the legitimate users is spoiled.Profile CloningProfile Cloning 38 is that the hackers retrieve the profile information of the SNSs users and rat a clone of the profile. They make this clone to spoil the reputation of the users. This is one of the most popular risks associated with the SNSs and it is also tiree without the permission or knowledge of the SNS user.Another form of profile cloning is Cross-site profile cloning. In this method, hackers steal information from one social site and make this information to create a profile in another SNS.Fake Product SaleThe hackers advertise on the SNSs for selling products by offering great discount and free products. When users try to purchase these products, they are asked to provide account information which is retrieved by attackers and they misuse the information.Cyber bullyingCyber bullies 10 often post information that spoils the reputation of a SNS user also they spread lies about them, write hateful comments, and upload disgusting photos or abusive images.2.2 Attacking scenariosClick JackingIn this typecast of attack, attackers post videos and when the users click on the page, some mal icious actions takes place. This type of attack is common in Facebook where users like a page or a picture or a video and the users are trapped.Content Based Image RetrievalIn this attack 9, the attackers match the patterns of images associated with the profile of the SNS users so that attackers know the flowing location of a user.De-Anonymization AttackIn this De-Anonymization attack 1 the users anonymity can be revealed by history stealing and group social status information.Neighbourhood attackIn this attacker 2 finds the neighbors of the victim node. Based on users profile and personal information, attackers are attracted by users personal information like their name, date of birth, contact information, relationship status, current work and education background.There can be leakage of information because of poor privacy settings. Many profiles are made public to others i.e. anyone can view their profile. Next is leakage of information through third party application. Social ne tworking sites provide an Application Programming Interface (API) for third party developers to create applications. Once users access these applications the third party can access their information automatically.Malicious packet updatesAn attacker may deliver malicious software to update the system. This may be used to disrupt computer system, obtain sensitive information or gain access to any private information.Evil Twin AttackIn this attack 11, it allows attackers to impersonate people or companies in SNS. This is used for the purpose of financial gain, physical crimes, defamation and information gathering. The attackers create a twin profile in the name of other person (legitimate user) and send friend bay or messages to get money or just gather information.2.3 Prevention strategiesInternet is of all time Public SNS users post anything on the internet and it is always ready(prenominal) in public. Thus it is users responsibility to post information that users are comfortable with. This may include their personal information and photos in which users are tagged in. Also once when users post information online, it cannot be deleted. Even if the information is deleted from a site, cached copy remains on the World Wide Web. delimitate the amount Always limit the amount of personal information you post. Do not disclose private information such as your residential address, contact number, etc.Assess your settings Users must be aware of their privacy settings. The default settings of the site will allow anyone to see your profile. But you can customize your settings to confine certain people from seeing your profile.Be cautious of Third party applications Some third party applications will ask for your private information while you run those applications. Avoid running those applications that are suspicious and limit the amount of information that the applications can access.Create secure passwords provide your account with passwords which are nasty to be gu essed. If users password is compromised, somebody may access your account and pretend to be like you without your knowledge. Always provide distinguishable passwords for different accounts which may confuse the cyber criminals. Combine upper and lower case letters with symbols and numbers to create secure passwords. Change your passwords frequently.Activate your firewall Firewalls are considered as the for the first time line of cyber defence. They block connections to unknown sites and will protect the system from viruses and hackers.Avoid being scammed Prevent viruses/malware infecting your system by installing and frequently updating antivirus software. listen of things you post Whatever you post online, it remains in cache even if you are not able to see. It is advisable to think before posting pictures that you dont want your employers or parents to see.Know your friends Online friends should not be taken as real friends unless you know them personally. Beware of what you sha re with those strange friends.Install from believe source- Install applications or softwares that comes from well- known or trusted sites. Remember that free software may come with malware. Once you install an application, keep it up-to-date. If you no longer use an application, delete it.Avoid Wi-Fi spots Avoid accessing your personal accounts from public computers like Internet centres or through public Wi-Fi spots. It is always preferred to use high security settings on any SNS.IV. CONCLUSIONSNS have become a likely target for attackers due to sensitive information available. The growth of social networking sites shows tremendous changes in personal and social behavior of internet users. It has become an essential medium of communication and an entertainment among adults. Though it affects the everyday activities of the users, many cyber crime activities evolved, the popularity of such sites are not going to reduce.SNS can be used for sales and marketing, but the security risks can put a company or individual in a compromising position. Many cyber laws have to be fortified so that cyber criminals cannot escape from committing a crime. Many SNS are implementing different security mechanisms to SNS users. Also users must be careful and prevent themselves from being attacked.V. REFERENCES1 Gilbert Wondracek, Thorsten Holz, Engin Kirda, and Christopher Kruegel, Practical Attack to De-anonymize Social Network Users, IEEE Symposium on Security and Privacy, 2010, pp.223-238.2 Bin Zhou and Jian Pei, Preserving Privacy in Social Networks Against Neighborhood Attacks, Data Engineering, 2008. ICDE 2008. IEEE 24th International Conference on, Apr. 2008, pp.506-515.3 M. Balduzzi, C. Platzer, T. Holz, E. Kirda, D. Balzarotti, and C. Kruegel, Abusing Social Networks for Automated User Profiling, Symposium on new Advances in Intrusion Detection (RAID), vol. 6307, Sep. 2010, pp. 422-441.4 Dolvara Gunatilaka, A Survey of Privacy and Security Issues in Social Networks, ht tp//www.cse.wustl.edu/jain/cse57111/ftp/social/index.html5 Garrett Brown, Travis Howe, Micheal Ihbe, Atul Prakash, and Kevin Borders, Social networks and context-aware spam, CSCW 08 Proceedings of the 2008 ACM throng on Computer supported cooperative work, 2008, pp.403-412. http//www.eecs.umich.edu/aprakash/papers/cscw08_socialnetworkspam.pdf.6 B. Markines, C. Cattuto and F. Menczer, Social Spam Detection,Proc. 5th Intl Workshop Adversarial Information Retrieval on the Web(AIRWeb 09), ACM Press, 2009, pp. 4148.7T.N. Jagatic et al., Social Phishing,Comm. ACM,vol. 50, no. 10, 2007, pp. 94100.8 Khayyambashi, M.R. Rizi, F.S. An approach for detecting profile cloning in online social networks,e-Commerce in Developing Countries With Focus on e-Security (ECDC), 2013 7th Intenational Conference on,On page(s) 1 12.9 A. Acquisti and R. earthy Imagined Communities Awareness, Information Sharing, and Privacy on the Facebook. In 6th Workshop on Privacy Enhancing Technologies, June 2006.10 D. Rosenblum., What Anyone Can Know. In The Privacy Risks of Social Networking Sites, IEEE Security and Privacy, 2007.11 Carl Timm,Richard Perez, Seven Deadliest Social Network Attacks, Syngress/Elsevier, 201012 Dwyer, C., Hiltz, S. R., Passerini, K. Trust and privacy concern within social networking sites A comparison of Facebook and MySpace. Proceedings of AMCIS 2007, Keystone, CO. Retrieved September 21, 200713 D. D. Boyd and N. B. Ellison, Social Network Sites Definition, History and Scholarship, Journal of Computer-Mediated Communication, vol. 13, pp. 210-230, 2007.14 P. Heymann, G. Koutrika and H. Garcia-Molina, armed combat Spam on Social Web Sites A Survey of Approaches and Future Challenges,IEEE Internet Computing,vol. 11, no. 6, 2007, pp. 3645.15W. Xu, F. Zhang and S. Zhu, Toward Worm Detection in Online Social Networks,Proc. twenty-sixth Ann. Computer Security Applications Conf.(ACSAC 10), ACM Press, 2010, pp. 1120.