Abstract
Online Social Networks (OSNs) are becoming pervasive in today’s world. Millions of people worldwide are involved in different forms of online networking. However, this ease of use of OSNs comes with a cost in terms of privacy. Users of OSNs become victims of identity theft, cyberstalking, and information leakage, which are real threats to privacy. These threats can obtain a user’s personal information and disclose it for malicious purposes. To understand how researchers are addressing this question, the state of the art of the existing privacy threats in OSNs described in the literature and the existing academic research-based solutions to address such threats were reviewed. To this end, we performed a systematic mapping study to identify, classify and analyze them. From the initial set of 1,117 papers, we selected and extracted 45 publications reporting different threats and solutions. Based on this, this is the first systematic mapping study, to provide: a) well-defined categories of specific privacy threats in the OSN domain; and b) the available academic solutions for preventing these threats. Our results serve as a guide for researchers and analysts in academia and industry to understand the most important privacy threats in OSNs and make moves towards mitigating them.
- [1] . 2018. Privacy threat analysis of mobile social network data publishing. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST 239 (2018), 60–68.
DOI: cited By 0 .Google ScholarCross Ref - [2] . 2016. Privacy preserving social network data publication. IEEE Communications Surveys and Tutorials 18, 3 (2016), 1974–1997.
DOI: cited By 37 .Google ScholarDigital Library - [3] . 2016. Privacy preserving social network data publication. IEEE Communications Surveys & Tutorials 18, 3 (2016), 1974–1997.Google ScholarDigital Library
- [4] . 2018. Online testing of user profile resilience against inference attacks in social networks. In European Conference on Advances in Databases and Information Systems. Springer, 105–117.Google ScholarCross Ref
- [5] . 2018. Online testing of user profile resilience against inference attacks in social networks. Communications in Computer and Information Science 909 (2018), 105–117.
DOI: cited By 0 .Google ScholarCross Ref - [6] . 2012. Privacy in social networks: How risky is your social graph? Proceedings - International Conference on Data Engineering (2012), 9–19.
DOI: cited By 38 .Google ScholarDigital Library - [7] . 2017. Unwinding Ariadne’s identity thread: Privacy risks with fitness trackers and online social networks. MPS 2017 - Proceedings of the 2017 Workshop on Multimedia Privacy and Security, co-located with CCS 2017 January (2017), 1–11.
DOI: cited By 6 .Google ScholarDigital Library - [8] . 2019. A conceptual framework for measuring personal privacy risks in Facebook online social network. 2019 International Conference on Computer and Information Sciences (ICCIS’19) (2019).
DOI: cited By 0 .Google ScholarCross Ref - [9] . 2019. Metrics for privacy assessment when sharing information in online social networks. IEEE Access 7 (2019), 143631–143645.
DOI: cited By 0 .Google ScholarCross Ref - [10] . 2019. Enhancing the privacy risk awareness of teenagers in online social networks through soft-paternalism mechanisms. International Journal of Human Computer Studies 129 (2019), 27–40.
DOI: cited By 0 .Google ScholarDigital Library - [11] . 2019. A framework for secure and privacy protected collaborative contents sharing using public OSN. Cluster Computing 22 (2019), 7275–7286.
DOI: cited By 0 .Google ScholarCross Ref - [12] . 2020. Modelling perceived risks to personal privacy from location disclosure on online social networks. International Journal of Geographical Information Science 34, 1 (2020), 150–176.
DOI: cited By 0 .Google ScholarCross Ref - [13] . 1975. The Environment and Social Behavior: Privacy, Personal Space, Territory, and Crowding. ERIC, (1975).Google Scholar
- [14] . 2007. Guidelines for Performing Systematic Literature Reviews in Software Engineering. Technical report, Ver. 2.3 EBSE Technical Report.Google Scholar
- [15] . 1988. The TAME project: Towards improvement-oriented software environments. IEEE Transactions on Software Engineering 14, 6 (1988), 758–773.Google ScholarDigital Library
- [16] . 2014. Probabilistic prediction of privacy risks in user search histories. PSBD 2014 - Proceedings of the 1st International Workshop on Privacy and Security of Big Data, co-located with CIKM 2014 (2014), 29–36.
DOI: cited By 5 .Google ScholarDigital Library - [17] . 2019. A social network simulation game to raise awareness of privacy among school children. IEEE Transactions on Learning Technologies 12, 4 (2019), 456–469.
DOI: cited By 1 .Google ScholarDigital Library - [18] . 2016. Calculating with different goals in mind - The moderating role of the regulatory focus in the privacy calculus. 24th European Conference on Information Systems, ECIS 2016 (2016).
cited By 1 .Google Scholar - [19] . 2015. Exploring cyber harassment among women who use social media. Universal Journal of Public Health 3, 5 (2015), 194.Google ScholarCross Ref
- [20] . 2015. Social network privacy: Issues and measurement. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 9419 (2015), 488–502.
DOI: cited By 2 .Google ScholarCross Ref - [21] . 2015. Ted Cruz using firm that harvested data on millions of unwitting Facebook users. The Guardian 11 (2015), 2015.Google Scholar
- [22] . 2018. Privacy scoring of social network user profiles through risk analysis. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 10694 LNCS (2018), 227–243.
DOI: cited By 0 .Google ScholarCross Ref - [23] . 2018. To reveal or not to reveal: Balancing user-centric social benefit and privacy in online social networks. Proceedings of the ACM Symposium on Applied Computing (2018), 1157–1164.
DOI: cited By 3 .Google ScholarDigital Library - [24] . 2015. Security and privacy issues in social networks. In Data Management in Pervasive Systems. Springer, 195–209.Google ScholarCross Ref
- [25] . 1977. Privacy and self-disclosure in social relationships. Journal of Social Issues 33, 3 (1977), 102–115.Google ScholarCross Ref
- [26] . 2016. Privacy inference analysis on event-based social networks. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 10047 LNCS (2016), 421–438.
DOI: cited By 0 .Google ScholarCross Ref - [27] . 2018. Modeling privacy leakage risks in large-scale social networks. IEEE Access 6 (2018), 17653–17665.Google ScholarCross Ref
- [28] . 2018. Modeling privacy leakage risks in large-scale social networks. IEEE Access 6 (2018), 17653–17665.
DOI: cited By 4 .Google ScholarCross Ref - [29] . 2012. Privacy threats related to user profiling in online social networks. Proceedings - 2012 ASE/IEEE International Conference on Privacy, Security, Risk and Trust and 2012 ASE/IEEE International Conference on Social Computing, SocialCom/PASSAT 2012 (2012), 838–842.
DOI: cited By 11 .Google ScholarDigital Library - [30] . 2017. Should user-generated content be a matter of privacy awareness? A position paper. IC3K 2017 - Proceedings of the 9th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management 3 (2017), 212–216.
cited By 2 .Google Scholar - [31] . 2015. Open Challenges in Relationship-Based Privacy Mechanisms for Social Network Services. International Journal of Human-Computer Interaction 31, 5 (2015), 350–370.
DOI: cited By 30 .Google ScholarCross Ref - [32] . 2010. Privacy-preserving data publishing: A survey of recent developments. ACM Computing Surveys (CSUR) 42, 4 (2010), 1–53.Google ScholarDigital Library
- [33] Mayra Zurbarán, Liliana González, Pedro Wightman Rojas, and Miguel Labrador. 2014. A survey on privacy in location-based services. Ingeniería y Desarrollo 32, 2 (2014), 314–343.Google Scholar
- [34] . 2017. Suitability of Google Scholar as a source of scientific information and as a source of data for scientific evaluation-review of the literature. Journal of Informetrics 11, 3 (2017), 823–834.Google ScholarCross Ref
- [35] . 2015. Privacy architectures in social networks’ state-of-the-art survey. International Journal of Information Privacy, Security and Integrity 2, 2 (2015), 102–137.Google ScholarCross Ref
- [36] . 2015. Multi-layered graph-based model for social engineering vulnerability assessment. In 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM). IEEE, 1480–1488.Google ScholarDigital Library
- [37] . 2015. Privacy threats from social networking service aggregators. Proceedings - 5th Cybercrime and Trustworthy Computing Conference, CTC 2014 (2015), 30–37.
DOI: cited By 2 .Google ScholarDigital Library - [38] . 2021. Online social networks security and privacy: Comprehensive review and analysis. Complex & Intelligent Systems 7, 5 (2021), 2157–2177.Google ScholarCross Ref
- [39] . 2012. Towards understanding residential privacy by analyzing users’ activities in Foursquare. Proceedings of the ACM Conference on Computer and Communications Security (2012), 25–32.
DOI: cited By 9 .Google ScholarDigital Library - [40] . 2019. On consent in online social networks: Privacy impacts and research directions (short paper). Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 11391 LNCS (2019), 128–135.
DOI: cited By 0 .Google ScholarCross Ref - [41] . 2020. Zooming into video conferencing privacy and security threats. arXiv preprint arXiv:2007.01059 (2020).Google Scholar
- [42] . 2011. Effectiveness of using integrated algorithm in preserving privacy of social network sites users. Communications in Computer and Information Science 167 CCIS, PART 2 (2011), 237–249.
DOI: cited By 0 .Google ScholarCross Ref - [43] . 2017. Privacy and security in online social networks: A survey. Online Social Networks and Media 3 (2017), 1–21.Google ScholarCross Ref
- [44] . 2009. Systematic literature reviews in software engineering–A systematic literature review. Information and Software Technology 51, 1 (2009), 7–15.Google ScholarDigital Library
- [45] . 2010. Systematic literature reviews in software engineering–A tertiary study. Information and Software Technology 52, 8 (2010), 792–805.Google ScholarDigital Library
- [46] . 2017. Risk analysis of online social networks. Proceeding - IEEE International Conference on Computing, Communication and Automation, ICCCA 2016 (2017), 846–851.
DOI: cited By 1 .Google ScholarCross Ref - [47] . 2010. A threat model approach to threats and vulnerabilities in on-line social networks. In Computational Intelligence in Security for Information Systems 2010. Springer, 135–142.Google ScholarCross Ref
- [48] . 2015. A privacy preservation model for health-related social networking sites. Journal of Medical Internet Research 17, 7 (2015).
DOI: cited By 14 .Google ScholarCross Ref - [49] . 2015. Privacy leakage analysis in online social networks. Computers and Security 49 (2015), 239–254.
DOI: cited By 33 .Google ScholarDigital Library - [50] . 2012. New privacy threats for Facebook and Twitter users. Proceedings - 2012 7th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2012 (2012), 164–169.
DOI: cited By 10 .Google ScholarDigital Library - [51] . 2011. Privacy threat analysis of social network data. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 7017 LNCS, PART 2 (2011), 165–174.
DOI: cited By 6 .Google ScholarCross Ref - [52] . 2004. Privacy as contextual integrity. Wash. L. Rev. 79 (2004), 119.Google Scholar
- [53] . 2014. L-opacity: Linkage-aware graph anonymization. Advances in Database Technology - EDBT 2014: 17th International Conference on Extending Database Technology, Proceedings (2014), 583–594.
DOI: cited By 9 .Google ScholarCross Ref - [54] . 2019. Privacy analysis on microblogging online social networks: A survey. ACM Computing Surveys (CSUR) 52, 3 (2019), 1–36.Google ScholarDigital Library
- [55] . 2014. Measuring the privacy of user profiles in personalized information systems. Future Generation Computer Systems 33 (2014), 53–63.Google ScholarDigital Library
- [56] . 2017. A privacy self-assessment framework for online social networks. Expert Systems with Applications 86 (2017), 18–31.
DOI: cited By 10 .Google ScholarCross Ref - [57] . 2017. Your privacy, my privacy? On leakage risk assessment in online social networks. In International Workshop on Personal Analytics and Privacy. Springer, 3–9.Google Scholar
- [58] . 2008. Systematic mapping studies in software engineering. In 12th International Conference on Evaluation and Assessment in Software Engineering (EASE) 12. 1–10.Google ScholarCross Ref
- [59] . 2002. Boundaries of Privacy: Dialectics of Disclosure. Suny Press.Google ScholarCross Ref
- [60] . 2017. On the anonymity risk of time-varying user profiles. Entropy 19, 5 (2017), 1–16.
DOI: cited By 0 .Google ScholarCross Ref - [61] . 2017. A trust-based collaborative access control model with policy aggregation for online social networks. Social Network Analysis and Mining 7, 1 (2017).
DOI: cited By 9 .Google ScholarCross Ref - [62] . 2017. Social network security: Issues, challenges, threats, and solutions. Information Sciences 421 (2017), 43–69.
DOI: cited By 35 .Google ScholarCross Ref - [63] . 2020. A survey on privacy issues in mobile social networks. IEEE Access 8 (2020), 130906–130921.Google ScholarCross Ref
- [64] . 2019. Fast de-anonymization of social networks with structural information. Data Science and Engineering (2019).
DOI: cited By 0 .Google ScholarCross Ref - [65] . 2012. Protecting location privacy: Optimal strategy against localization attacks. In Proceedings of the 2012 ACM Conference on Computer and Communications Security. 617–627.Google ScholarDigital Library
- [66] . 2018. Facebook says Cambridge Analytica may have gained 37m more users’ data. The Guardian 4 (2018).Google Scholar
- [67] . 2018. A personal privacy preserving framework: I let you know who can see what. 41st International ACM SIGIR Conference on Research and Development in Information Retrieval, SIGIR 2018 (2018), 295–304.
DOI: cited By 3 .Google ScholarDigital Library - [68] . 2012. Privacy scores: Assessing privacy risks beyond social networks. Infocommunications Journal 4, 4 (2012), 36–41.
cited By 1 .Google Scholar - [69] . 2015. Security and privacy of distributed online social networks. In 2015 IEEE 35th International Conference on Distributed Computing Systems Workshops. IEEE, 112–119.Google ScholarDigital Library
- [70] . 2011. Need for symmetry: Addressing privacy risks in online social networks. Proceedings - International Conference on Advanced Information Networking and Applications, AINA (2011), 534–541.
DOI: cited By 4 .Google ScholarDigital Library - [71] . 2015. Privacy Pal: Improving permission safety awareness of third party applications in online social networks. Proceedings - 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security and 2015 IEEE 12th International Conference on Embedded Software and Systems, HPCC-CSS-ICESS 2015 (2015), 1268–1273.
DOI: cited By 2 .Google ScholarDigital Library - [72] . 2019. Breach of traveller privacy in location-based social media. Current Issues in Tourism 22, 15 (2019), 1825–1840.
DOI: cited By 2 .Google ScholarCross Ref - [73] . 2015. Privacy threat modeling framework for online social networks. 2015 International Conference on Collaboration Technologies and Systems, CTS 2015 (2015), 358–363.
DOI: cited By 5 .Google ScholarCross Ref - [74] . 2018. A privacy analysis method to anonymous graph based on Bayes rule in social networks. Proceedings - 14th International Conference on Computational Intelligence and Security, CIS 2018 (2018), 469–472.
DOI: cited By 0 .Google ScholarCross Ref - [75] . 2010. Social networking applications in health care: Threats to the privacy and security of health information. In Proceedings of the 2010 ICSE Workshop on Software Engineering in Health Care. 39–49.Google ScholarDigital Library
- [76] . 2012. Experimentation in Software Engineering. Springer Science & Business Media.Google ScholarCross Ref
- [77] . 2020. PPLS: A privacy-preserving location-sharing scheme in mobile online social networks. Science China Information Sciences 63 (2020), 1–11.Google ScholarCross Ref
- [78] . 2005. Predicting the adoption of location-based services: The role of trust and perceived privacy risk. ICIS 2005 Proceedings (2005), 71.Google Scholar
- [79] . 2022. Security and privacy of cloud-based online online social media: A survey. In Sustainable Management of Manufacturing Systems in Industry 4.0. Springer, 213–236.Google ScholarCross Ref
- [80] . 2019. Survey of online social networks threats and solutions. In 2019 IEEE Jordan International Joint Conference on Electrical Engineering and Information Technology (JEEIT). IEEE, 375–380.Google ScholarCross Ref
- [81] . 2023. A privacy-dependent condition-based privacy-preserving information sharing scheme in online social networks. Computer Communications (2023).Google ScholarDigital Library
- [82] . 2014. Trust-aware privacy evaluation in online social networks. 2014 IEEE International Conference on Communications, ICC 2014 (2014), 932–938.
DOI: cited By 5 .Google ScholarCross Ref - [83] . 2015. A study of online social network privacy via the TAPE framework. IEEE Journal on Selected Topics in Signal Processing 9, 7 (2015), 1270–1284.
DOI: cited By 7 .Google ScholarCross Ref - [84] . 2014. Privacy risk in anonymized heterogeneous information networks. Advances in Database Technology - EDBT 2014: 17th International Conference on Extending Database Technology, Proceedings (2014), 595–606.
DOI: cited By 7 .Google ScholarCross Ref - [85] . 2017. Security risk estimation of social network privacy issue. ACM International Conference Proceeding Series (2017), 81–85.
DOI: cited By 2 .Google ScholarDigital Library - [86] . 2009. To join or not to join: The illusion of privacy in social networks with mixed public and private user profiles. In Proceedings of the 18th International Conference on World Wide Web. 531–540.Google ScholarDigital Library
- [87] . 2011. Privacy in social networks: A survey. In Social Network Data Analytics. Springer, 277–306.Google ScholarCross Ref
Index Terms
- A Systematic Mapping Study on Social Network Privacy: Threats and Solutions
Recommendations
Privacy leakage analysis in online social networks
Online Social Networks (OSNs) have become one of the major platforms for social interactions, such as building up relationship, sharing personal experiences, and providing other services. The wide adoption of OSNs raises privacy concerns due to personal ...
New Privacy Threats for Facebook and Twitter Users
3PGCIC '12: Proceedings of the 2012 Seventh International Conference on P2P, Parallel, Grid, Cloud and Internet ComputingWith around 1 billion active users, Facebook and Twitter are two of the most famous social networking websites. One particular aspect of these social networks widely discussed in the news and heavily researched in academic circles is the privacy of ...
Privacy Threats Related to User Profiling in Online Social Networks
SOCIALCOM-PASSAT '12: Proceedings of the 2012 ASE/IEEE International Conference on Social Computing and 2012 ASE/IEEE International Conference on Privacy, Security, Risk and TrustThe popularity of Online Social Networks (OSNs) has increased the visibility of users profiles and interactions performed between users. In this paper we structure different privacy threats related to OSNs and describe six different types of privacy ...
Comments