TY - GEN
T1 - Exploiting vulnerability to secure user privacy on a social networking site
AU - Gundecha, Pritam
AU - Barbier, Geoffrey
AU - Liu, Huan
PY - 2011
Y1 - 2011
N2 - As (one's) social network expands, a user's privacy protec- tion goes beyond his privacy settings and becomes a social networking problem. In this research, we aim to address some critical issues related to privacy protection: Would the highest privacy settings guarantee a secure protection? Given the open nature of social networking sites, is it possible to manage one's privacy protection? With the diversity of one's social media friends, how can one figure out an effective approach to balance between vulnerability and privacy? We present a novel way to define a vulnerable friend from an individual user's perspective is dependent on whether or not the user's friends'privacy settings protect the friend and the individual's network of friends (which includes the user). As a single vulnerable friend in a user's social network might place all friends at risk, we resort to experiments and observe how much security an individual user can improve by unfriending a vulnerable friend. We also show how privacy weakens if newly accepted friends are unguarded or unprotected. This work provides a large-scale evaluation of new security and privacy indexes using a Facebook dataset. We present and discuss a new perspective for reasoning about social networking security. When a user accepts a new friend, the user should ensure that the new friend is not an increased security risk with the potential of negatively impacting the entire friend network. Additionally, by leveraging the indexes proposed and employing new strategies for unfriending vulnerable friends, it is possible to further improve security and privacy without changing the social networking site's existing architecture.
AB - As (one's) social network expands, a user's privacy protec- tion goes beyond his privacy settings and becomes a social networking problem. In this research, we aim to address some critical issues related to privacy protection: Would the highest privacy settings guarantee a secure protection? Given the open nature of social networking sites, is it possible to manage one's privacy protection? With the diversity of one's social media friends, how can one figure out an effective approach to balance between vulnerability and privacy? We present a novel way to define a vulnerable friend from an individual user's perspective is dependent on whether or not the user's friends'privacy settings protect the friend and the individual's network of friends (which includes the user). As a single vulnerable friend in a user's social network might place all friends at risk, we resort to experiments and observe how much security an individual user can improve by unfriending a vulnerable friend. We also show how privacy weakens if newly accepted friends are unguarded or unprotected. This work provides a large-scale evaluation of new security and privacy indexes using a Facebook dataset. We present and discuss a new perspective for reasoning about social networking security. When a user accepts a new friend, the user should ensure that the new friend is not an increased security risk with the potential of negatively impacting the entire friend network. Additionally, by leveraging the indexes proposed and employing new strategies for unfriending vulnerable friends, it is possible to further improve security and privacy without changing the social networking site's existing architecture.
KW - Experimentation
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=80052651133&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=80052651133&partnerID=8YFLogxK
U2 - 10.1145/2020408.2020489
DO - 10.1145/2020408.2020489
M3 - Conference contribution
AN - SCOPUS:80052651133
SN - 9781450308137
T3 - Proceedings of the ACM SIGKDD International Conference on Knowledge Discovery and Data Mining
SP - 511
EP - 519
BT - Proceedings of the 17th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD'11
PB - Association for Computing Machinery
T2 - 17th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD 2011
Y2 - 21 August 2011 through 24 August 2011
ER -