Abstract
Security and privacy have been major concerns of Online Social Networks (OSN). Individual users as well as organizations utilize OSNs, such as Facebook, Twitter, and LinkedIn, to share information with other users within their networks. While sharing information, users are not always aware of the fact that an innocent action on their post by a direct friend such as a comment or a share may turn the post transparent to someone outside their network.
In previous work we have devised a comprehensive Trust-based model that combines Role based Access Control for the direct circle of friends and Flow Control for the friends’ networks. In this paper we reinforce this model by analyzing its strength in terms of OSN features. We simulate attack scenarios carried out by a community of malicious users that attempt to fake the OSN features of the model. We analyze the attack of an alleged trustworthy clique of adversaries and show the futility of such an attack, due to the strength of the model’s parameters and combination of Trust, Access Control and Flow Control. We also demonstrate the robustness of the model when facing an optimized attack, which carefully selects the best network nodes to compromise, as determined by the minimal vertex cover algorithm.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Voloch, N., Levy, P., Elmakies, M., Gudes, E.: A role and trust access control model for preserving privacy and image anonymization in social networks. In: IFIPTM 2019 - 13th IFIP WG 11.11 International Conference on Trust Management (2019)
Voloch, N., Levy, P., Elmakies, M., Gudes, E.: An access control model for data security in online social networks based on role and user credibility. In: International Symposium on Cyber Security Cryptography and Machine Learning (CSCML 2019). Springer, Cham (2019)
Gudes, E., Voloch, N.: An information-flow control model for online social networks based on user-attribute credibility and connection-strength factors. In: CSCML 2018, 2nd International Symposium on Cyber Security Cryptography and Machine Learning (2018)
Voloch, N., Gudes, E.: An MST-based information flow model for security in online social networks. In: The 11th IEEE International Conference on Ubiquitous and Future Networks (ICUFN 2019) (2019)
Heatherly, R., Kantarcioglu, M., Thuraisingham, B.: Preventing private information inference attacks on social networks. IEEE Trans. Knowl. Data Eng. 25(8), 1849–1862 (2012)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47 (1996)
Lavi, T., Gudes, E.: Trust-based Dynamic RBAC. In: Proceedings of the 2nd International Conference on Information Systems Security and Privacy (ICISSP), pp. 317–324 (2016)
Li, Z., Shen, H., Sapra, K.: Leveraging social networks to combat collusion in reputation systems for peer-to-peer networks. IEEE Trans. Comput. 62(9), 1745–1759 (2012)
Sun, J., Zhu, X., Fang, Y.: A privacy-preserving scheme for online social networks with efficient revocation. In: 2010 Proceedings IEEE INFOCOM, pp. 1–9. IEEE (2010)
Viswanath, B., Bashir, M.A., Crovella, M., Guha, S., Gummadi, K.P., Krishnamurthy, B., Mislove, A.: Towards detecting anomalous user behavior in online social networks. In: 23rd {USENIX} Security Symposium ({USENIX} Security 2014), pp. 223–238 (2014)
Sirur, S., Muller, T.: The reputation lag attack. In: IFIP International Conference on Trust Management, pp. 39–56. Springer, Cham (2019)
Lee, K., Caverlee, J., Webb, S.: The social honeypot project: protecting online communities from spammers. In: Proceedings of the 19th International Conference on World Wide Web, pp. 1139–1140 (2010)
Paradise, A., Shabtai, A., Puzis, R., Elyashar, A., Elovici, Y., Roshandel, M., Peylo, C.: Creation and management of social network honeypots for detecting targeted cyber attacks. IEEE Trans. Comput. Soc. Syst. 4(3), 65–79 (2017)
Huber, M., Mulazzani, M., Weippl, E., Kitzler, G., Goluch, S.: Friend-in-the-middle attacks: exploiting social networking sites for spam. IEEE Internet Comput. 15(3), 28–34 (2011)
Shrivastava, N., Majumder, A., Rastogi, R.: Mining (social) network graphs to detect random link attacks. In: 2008 IEEE 24th International Conference on Data Engineering, pp. 486–495. IEEE (2008)
Dinur, I., Safra, S.: On the hardness of approximating minimum vertex cover. Ann. Math. 439–485 (2005)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Voloch, N., Gudes, E., Gal-Oz, N. (2021). Analyzing the Robustness of a Comprehensive Trust-Based Model for Online Social Networks Against Privacy Attacks. In: Benito, R.M., Cherifi, C., Cherifi, H., Moro, E., Rocha, L.M., Sales-Pardo, M. (eds) Complex Networks & Their Applications IX. COMPLEX NETWORKS 2020 2020. Studies in Computational Intelligence, vol 943. Springer, Cham. https://doi.org/10.1007/978-3-030-65347-7_53
Download citation
DOI: https://doi.org/10.1007/978-3-030-65347-7_53
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-65346-0
Online ISBN: 978-3-030-65347-7
eBook Packages: EngineeringEngineering (R0)