Social networks are very popular in today's world. Millions of people use various forms of social networks as they allow individuals to connect with friends and family, and share private information. However, issues related to maintaining the privacy and security of a user's information can occur, especially when the user's uploaded content is multimedia, such as photos, videos, and audios. Uploaded multimedia content carries information that can be transmitted virally and almost instantaneously within a social networking site and beyond. In this paper, we present a comprehensive survey of different security and privacy threats that target every user of social networking sites. In addition, we separately focus on various threats that arise due to the sharing of multimedia content within a social networking site. We also discuss current state-of- the-art defense solutions that can protect social network users from these threats. We then present future direction and discuss some easy-to-apply response techniques to achieve the goal of a trustworthy and secure social network ecosystem.
A Social Network Service (SNS) is a kind of web service for establishing a virtual connection between people with similar interests, backgrounds, and activities. A SNS allows its users to find new friends and expand their circle of friends. Data sharing is another key feature of a SNS where users are able to share their interests, videos, photos, activities, and so on. In recent years, SNS such as Twitter and Facebook have become desired media of communication for billions of online users. These services combine user-created profiles with a communication mechanism that enables users to be connected with their friends, families, and colleagues. The prominence of these services is due to the fact that users can update their personal information, interact with other users, and browse other member’s profiles. SNSs can be very beneficial for users because they shrink economic and geographical borders. In addition, they can be utilized for achieving goals related to job searching, entertainment, education. However, the popularity of SNSs creates a high risk for their users. The large amount of personal data that users share on SNSs makes them a desirable target for attackers. Attackers can obtain sensitive personal data simply by using a SNS and can carry out many kinds of attacks, such as spam, malware, socialbots, and identity theft. Moreover, attackers can find other significant data, such as bank account information, by analyzing the user’s personal data and can commit internet crimes, such as bank fraud. According to an analysis by Raggo , SNS attacks can range from account hijacking, fraud, and impersonation attacks to malware distribution. A sophisticated attack can compromise the enterprise networks. The fundamental concept of a SNS is shown in Fig. 1.
SNSs have become a desired medium of communication for billions of web users, as such services allow people to share their interests, photos, videos, and engage with friends without geographical and economic limitations. However, these services can expose users to serious cyber security risks. In this paper, we provided a state-of-the-art study on several kinds of privacy and security issues in SNSs that arise from some of their significant features, such as sharing pictures, commenting, tagging, and blogging. To understand the issues, we summarized various recent attack statistics and security reports that have been released by several security organizations and blogs. Furthermore, we addressed the security state of SNSs by describing three classes of threats: Multimedia content threats, Traditional threats, and Social threats. Subsequently, we conducted a analysis of the possible and existing schemes for protecting SNS users against these threats. We also compared various SNS security attacks based on certain parameters and discussed some open research challenges and future direction. Finally, we presented some easy-to-apply response techniques that can be easily followed by SNS users to better protect themselves against various security threats. We suggest that SNS users follow our response techniques and educate themselves and their colleagues on any recent security threats.
Based on the analysis of recent security issues and solutions in this paper, our findings suggest that SNSs provide a new research direction with many opportunity, such as investigating new types of privacy and security threats, and designing and assessing innovative SNSs security solutions. The future research direction presented in this paper can be used to improve the current state-of-the-art SNSs security solutions.