Involuntary Information Leakage in Social Network Services

Authors:
Ieng-Fat Lam;Kuan-Ta Chen;Ling-Jyh Chen
Affiliations:
Institute of Information Science, Academia Sinica,;Institute of Information Science, Academia Sinica,;Institute of Information Science, Academia Sinica,
Venue:
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
Year:
2008

Citing 7
Cited 6

Friendster and publicly articulated social networking

CHI '04 Extended Abstracts on Human Factors in Computing Systems
Privacy in electronic commerce and the economics of immediate gratification

EC '04 Proceedings of the 5th ACM conference on Electronic commerce
Information revelation and privacy in online social networks

Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Do security toolbars actually prevent phishing attacks?

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Structure and evolution of online social networks

Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining
Analysis of topological characteristics of huge online social networking services

Proceedings of the 16th international conference on World Wide Web
Measurement and analysis of online social networks

Proceedings of the 7th ACM SIGCOMM conference on Internet measurement

Maximizing circle of trust in online social networks

Proceedings of the 23rd ACM conference on Hypertext and social media
A vulnerability evaluation framework for online social network profiles: axioms and propositions

International Journal of Internet Technology and Secured Transactions
We know where you live: privacy characterization of foursquare behavior

Proceedings of the 2012 ACM Conference on Ubiquitous Computing
The walls have ears: optimize sharing for visibility and privacy in online social networks

Proceedings of the 21st ACM international conference on Information and knowledge management
Multi agent system approach for vulnerability analysis of online social network profiles over time

International Journal of Knowledge and Web Intelligence
Syntactic analysis for monitoring personal information leakage on social network services: a case study on twitter

ICT-EurAsia'13 Proceedings of the 2013 international conference on Information and Communication Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Disclosing personal information in online social network services is a double-edged sword. Information exposure is usually a plus, even a must, if people want to participate in social communities; however, leakage of personal information, especially one's identity, may invite malicious attacks from the real world and cyberspace, such as stalking, reputation slander, personalized spamming and phishing. Even if people do not reveal their personal information online, others may do so. In this paper, we consider the problem of involuntary information leakage in social network services and demonstrate its seriousness with a case study of Wretch, the biggest social network site in Taiwan. Wretch allows users to annotate their friends' profiles with a one-line description, from which a friend's private information, such as real name, age, and school attendance records , may be inferred without the information owner's knowledge. Our analysis results show that users' efforts to protect their privacy cannot prevent their personal information from being revealed online. In 592,548 effective profiles that we collected, the first name of 72% of the accounts and the full name of 30% of the accounts could be easily inferred by using a number of heuristics. The age of 15% of the account holders and at least one school attended by 42% of the holders could also be inferred. We discuss several potential means of mitigating the identified involuntary information leakage problem.