Exploration and Prevention of Privacy Leaks via Public Information in Social Networks
- Title
- Exploration and Prevention of Privacy Leaks via Public Information in Social Networks
- Authors
- 송종혁
- Date Issued
- 2015
- Publisher
- 포항공과대학교
- Abstract
- Nowadays online social network (OSN) is a large part of many people’s
lives. To provide more convenience and usefulness to users, OSNs
have started to interact with other services. However, the combinations
of public information of each service can cause serious privacy
leaks, even though each service provides robust privacy controls. These
privacy leaks are more dangerous because attackers need only public
information that can be accessed by anyone and can damage to multiple
services at the same time. In this dissertation, we propose novel
privacy leak attacks targeted at OSN users using the combinations of
public information, and suggest countermeasures of them.
First, we propose practical attack techniques inferring who clicks
which shortened URLs on Twitter using the combination of public
information: Twitter metadata and public click analytics. We extract
individual visitors from the click analytics by continual observations
and infer browsing history of a target Twitter user. Unlike the conventional
browser history stealing attacks that rely on complicated techniques
and the private information, our attacks only demand publicly
available information provided by Twitter and URL shortening services.
Evaluation results show that our attack can compromise Twitter
users’ privacy with high accuracy.
Second, we depict how one, possibly attackers, can identify accounts
that belong to the same user across multiple OSNs by correlating account
reactions to cross-site posts and by checking the name similarity
of reacting accounts. As many users simultaneously use various online
social networks (OSNs), uploading the same or similar posts to multiple
OSNs, cross-site posts, has become common. However, cross-site
posts not only reveal posting user’s accounts in different OSNs, but
also reveal reacting users’ accounts in different OSNs, who respond to
the posts with various methods: comment, retweet, favorite, and like.
In many OSNs every reaction to public posts is also public, so our
method can identify users who hide most attributes of their accounts.
We evaluate our method with five popular OSNs: Facebook, Twitter,
Flickr, Instagram, and YouTube/Google+. Evaluation results show
that our method has high precision and recall with low false positive
rates.
- URI
- http://postech.dcollection.net/jsp/common/DcLoOrgPer.jsp?sItemId=000002064288
https://oasis.postech.ac.kr/handle/2014.oak/93496
- Article Type
- Thesis
- Files in This Item:
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.