First, various privacy threats are explored and rife description of these threats is provided. Then, different models, related to the management and detection of privacy issues are explored and a tool for the detection of privacy violation IS also discussed. Keywords: Online Social Networking (SON), privacy, threats, Trust evaluation, Data respectability model, PROTONS, encryption, mallard 1. Introduction Online Social Networking (SON) has gained a great popularity across the globe. It allows millions of users to produce and consume the data.
Online Social Networking has extended the boundaries of communication. Millions of seers access different sites at a time and share their personal interests. In the recent years growth of online networks has offered a vast range of opportunities to communicate and share resources and which consequently has raised privacy and security issues. These issues become prominent in areas of managing personal information while communicating with desired contacts. By accessing Online Social Networks privacy of various users is threaten.
Multiple of users provide their personal information on various sites that may attract the attackers and these malicious users grasp their information which is misused by hem later. This personal information is leaked through poor privacy setting. Many on internet do not have accurate control over the privacy. Even those websites that ensure the safest privacy settings include some loopholes that result in several privacy issues. Social Networks also include involvement of API (Application Programming Interface) for third party to develop applications that may run on the specified networks.
If users access these applications then the users indirectly allow third party to access their personal data. Third party domain service is also used by several networks that may maintain a track of user’s activity and also allows the partners to access and aggregate the data of users for commercial benefits. Many users have no concern that what they are exposing on the social sites and attackers make use of these sites for attack of victim’s identity. In this survey, we focus on the privacy aspect of Online Social Network. Different privacy issues are discussed.
Model and tools are also provided to refer the privacy violation. 2. Online Social Network Online Social network define a social structure of individuals, who are related to each other on the basis of their common interest e. . Friendship, trust, etc. [11. Social networking sites are recognized as Online Social Networks (Sons) such as Backbone, Tweeter, Coward, and Namespace because they allow an individual to have his own social networks, In which he may develop a new relationship with new people or to maintain connections with their current contacts 2. . Definition Networks of Online Social A social network describes entities and link between them. The entities are often individuals and they are connected by personal relationships, interactions and information flow.  A social network is a social structure made up f a set of social actors (such as individuals or organizations) and a set of links between these actors 2. 2. Information collected from SON Two types of information can be collected about a user from an Online Social Network 2. 2. 1.
Shared by Laser Information is collected on Online Social Networks when user shares it himself. A user may share following information about him: C] Photos and other media CLC Age and gender C] Biographical information (education, employment history, hometown, etc. ) C] Status updates (also known as posts) 0 Contacts 0 Interests CLC Geographical location seer’s actions online using -”collies (short strings of text stored on one’s hard drive). 2. 3. Architecture Social application operates inside a social networking site but relies on external server for processing and execution data .
The architecture includes following interacting parties : Social Application Server C] Online Social network server (ONES Server) CLC User of Online Social Network (SON User) The scenario is that the user interacts with an online social network server through his/her profile page. Online social network server processes user request on the basis of provided information. Then the user’s request is forwarded to social application server along with the information provided by user and his/her profile data.
After that, social application server generates a reply for a user request and sends back to online social network server. At last, Online Social Network server processes the response generated by Social Application Server and send its resultant output to the user. Figure for the above phenomena is shown below and indicate that the Social Application server can directly access user’s personal information in order to operate as per required and this pose a errors privacy threat to the user because its huge personal information becomes available to the application and its unknown developers. . 2. 2. Gathered through Electronic Tracking Information may also be gathered from a 2 Figure 1. Social network architecture and application interaction 2. 4. Types of SON Following are the different types of Online Social Networks : 2. 4. 1 . Personal networks This type of SON networks allow user to create an online profile and get connected to other users. Also provide the facility to share different type of data like images, music videos etc. With the approved users. The main focus of these networks is on social relationships such as friendship 2. 4. 2.
Status update networks The basic opportunity that these types of social networks provide is to allow users to post short status updates in order to communicate with Other users quickly. 2. 4. 3. Location networks With the arrival of GAPS-enabled cellular phones, location networks are getting popular. These networks broadcast ones real-time location, either as publicly or as a restricted update only visible to authorized contacts. 2. 4. 4. Content-sharing networks The basic functionality that these types of SON networks provide is sharing content, such as audio, images and videos.
When these networks provide the user with the facility to create personal profiles, maintain contacts and interact with these contacts through comments, they become social networks as well as content hubs. 2. 45. Shared-interest networks Some social networks are created on the basis of common interest of people or to target specific group of people. These networks include features from other types of social networks but are biased toward a SUbset Of individuals, such as those with similar hobbies, educational backgrounds, political affiliations, ethnic backgrounds, religious views or other defining interests. . 5. Advantages of SON These Online Social Networks are the platforms where the individuals are allowed to share their thoughts, ideas and creativity, and also to form social communities. These online networks provide significant advantages both to the individuals and in business sectors. Some of the significant benefits of online social networks are : CLC Allow people to stay in contact with each other very conveniently and effectively, even on an international level.
The closeness and understanding developed wrought this social networking might contribute to increased self-esteem and satisfaction might life for some students. C] Allow the people with the same mentality to discover and interact with each other. C] Provide a chance for new methods of online collaboration, education, experimentation and trust-formation. In the business field, a well-established SINS can enhance the company’s collective knowledge and involve a wide range of people working in the company in the strategic planning process. . Privacy Privacy is the ability of an individual or group to keep concealed themselves or information bout themselves, and thereby express them selectively. The restrictions and content of what is considered private may vary among cultures and individuals, but share common themes. When something is private to a person, it usually means that something is inherently special or sensitive to them. The 3 domain of privacy partially overlaps security, which can include the concepts of appropriate use, as well as protection of information.
Privacy may also take the form of bodily integrity Privacy can be divided into individual privacy and common privacy. Individual privacy means information about a single person cannot be elected and spread by others without permission. Common privacy can also be called group privacy or correlation privacy. Common privacy is that the private life of the group cannot be illegally interfered by others outside the group, and the information of the group cannot be illegally collected and published by others.
The resource involving the privacy of multiple users is called common privacy resource in SON. The user who uploads the resource is called uploaded, and in addition to the uploaded the other users who have something to do with privacy in the resource are called co-workers . 4. Threats in Online Social Networks Online Social Networking (SON) is becoming very popular and the number of users is increasing rapidly. With that increase there is an increase in the privacy threats that affect the users’ privacy, identity and confidentiality .
Aristotle gives a very first definition of privacy, makes a distinction between political activity as public and family as private . It can also be defined as, -”Control over the information including the transfer and exchange of one’s personal information . Social networks are web applications that allow users to create their semi-public profile which means profile that has some information public and some is private, thus communicate with those who are in their contacts (friends) to build an online community . Figure 2.
SON levels: three architectural layers of online social networking services  Many research groups emphasized the security and privacy threats over the internet. If we know purpose of information theft and privacy issues then maybe we can give a solution to avoid these problems. Attackers and hackers might attack just for fun, and to show that they 4 can penetrate to our secure systems. However, the most common reason is the financial infinite gained by collecting users critical personal information such as bank accounts, social security numbers, and passwords.
Through this these attackers can commit identity theft crimes and generate profit. Most social network users share a huge amount of their private information in their social network profiles. This information includes demographic information, contact information, comments, photos, videos, etc. Many users give their information publicly without careful consideration. Hence, social networks are becoming a large pool of sensitive data. Moreover, social network users tend to have a gig level of trust toward other social neuron users. They are willing to accept friend requests easily, and trust items that friends send to them. . Privacy Issues SON sites are not informing users of the dangers of spreading their personal information is the top and primary privacy problem. That is why users are not aware of the amount of the risks involved. Second problem is the privacy tools in SON sites, which are not easy to use and they 5 Figure 3 Threats to online social network users [1 7] do not offer the flexibility for users to customize their privacy policies according to their needs. The third problem is the users themselves who cannot control what other users can.
We discuss 4 privacy issues here. 5. 1 Classic Threats [1 7] This type includes mallard, spam, cross-site scripting (ASS) attacks and pushing. Classic threats can take advantage of a users personal information published in a social network to attack not only the user but also their friends simply by adjusting the threat to accommodate the users personal information. For example attacker can embed a malicious code inside an attractive spam message that works to get user’s details. There are high chances that the innocent seer will open the message and get infected.
In many cases, these threats target essential and everyday user resources such as credit card numbers, account passwords, computing power, and even computer bandwidth (in order to send spam emails). Figure 4 Illustration of social pushing  5. 1. 3 Spammed Extensive use of social networking sites has stimulated the spammed to create the unwanted and enormous messages (spam) in order to produce traffic to their sites and better ranks at search engines and to overload the social networks . The different classic threats are described below. 5. 1. 1 Mallard
Mallard is malicious software developed to interrupt a computer operation in order to collect a users credentials and gain access to his or her private information. Mallard in social networks uses the SON structure to propagate itself among users and their friends in the network. Coffee was the first mallard to successfully propagate through Sons such as Backbone, Namespace, and Twitter. 5. 1. 2 Pushing Attacks In recent years, pushing attempts within Sons have increased sharply. According to the Microsoft Security Intelligence Report, 84. 5% of all pushing attacks target social network site users.