The popularity of social networking sites has increased at astonishing levels. Social Networking websites such as Facebook, Twitter, MySpace and LinkedIn have been growing rapidly within the past few years with now over two billions users. Almost every computer literate person has at least one social network account, and they spend a large amount of their time on social networks each day.
Social networks can be described as web applications. People may use social networking services for different reasons: to network with new contacts, reconnect with former friends, maintain current relationships, build or promote a business or project, participate in discussions about a certain topic, or just have fun meeting and interacting with other users. Some services, such as Facebook and Twitter, have a broad range of users, while others cater to specific interests. For example, LinkedIn has positioned itself as a professional networking site—profiles include resume information, and groups are created to share questions and ideas with peers in similar fields. On the other hand, MySpace is known for its emphasis on music and other entertainment. There are also social networking services that have been designed specifically to reconnect former classmates.
Most people join social networks to share their information and keep in contact with people they know. The main feature of social networks is a friend finder that allows social network users to search for people that they know and then build up their own online community. Most social network users share a large amount of their private information in their social network space. This information ranges from demographic information, contact information, comments, images, videos, etc. Many users publish their information publicly without careful consideration. Hence, social networks have become a large pool of sensitive data. Moreover, social network users tend to have a high level of trust toward other social network users. They tend to accept friend requests easily, and trust items that friends send to them. Because of social networks large population and information base, and its simple accessibility, social networking websites have become new targets that attract cyber criminals.
With these social network characteristics and the more aggressiveness of attacker’s methods, privacy and security issues in social networks has become a critical issue in the cyber world. Therefore, this paper will present a survey on privacy and security issues that occur in online social networks. The next section of the paper will present different privacy and security issues in online social networks. The issues include privacy issues, identity theft issues, spam issues, malware issues, and physical threats issues.
Types of Social Networks
There are many types of social networks available. Most social networks combine elements of more than one of these types of networks, and the focus of a social network may change over time. Many of the security and privacy recommendations are applicable to other types of networks.
- Personal networks. These networks allow users to create detailed online profiles and connect with other users, with an emphasis on social relationships such as friendship. For example, Facebook, Friendster and MySpace are platforms for communicating with contacts. These networks often involve users sharing information with other approved users, such as one’s gender, age, interests, educational background and employment, as well as files and links to music, photos and videos. These platforms may also share selected information with individuals and applications that are not authorized contacts.
- Status update networks. These types of social networks are designed to allow users to post short status updates in order to communicate with other users quickly. For example, Twitter focuses its services on providing instantaneous, short updates. These networks are designed to broadcast information quickly and publicly, though there may be privacy settings to restrict access to status updates.
- Location networks. With the advent of GPS-enabled cellular phones, location networks are growing in popularity. These networks are designed to broadcast one’s real-time location, either as public information or as an update viewable to authorized contacts. Many of these networks are built to interact with other social networks, so that an update made to a location network could (with proper authorization) post to one’s other social networks. Some examples of location networks include Brightkite, Foursquare, Loopt and Google Latitude.
- Content-sharing networks. These networks are designed as platforms for sharing content, such as music, photographs and videos. When these websites introduce the ability to create personal profiles, establish contacts and interact with other users through comments, they become social networks as well as content hubs. Some popular content sharing networks include thesixtyone, YouTube and Flickr.
- Shared-interest networks. Some social networks are built around a common interest or geared to a specific group of people. These networks incorporate features from other types of social networks but are slanted toward a subset of individuals, such as those with similar hobbies, educational backgrounds, political affiliations, ethnic backgrounds, religious views, sexual orientations or other defining interests. Examples of such networks include deviantART, LinkedIn, Black Planet, and Goodreads.