Communications of the ACM
NOYB: privacy in online social networks
Proceedings of the first workshop on Online social networks
FlyByNight: mitigating the privacy risks of social networking
Proceedings of the 7th ACM workshop on Privacy in the electronic society
Social networks and context-aware spam
Proceedings of the 2008 ACM conference on Computer supported cooperative work
Social applications: exploring a more secure framework
Proceedings of the 5th Symposium on Usable Privacy and Security
On the leakage of personally identifiable information via online social networks
Proceedings of the 2nd ACM workshop on Online social networks
FaceCloak: An Architecture for User Privacy on Social Networking Sites
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Social-Networks Connect Services
Computer
xBook: redesigning privacy control in social networking platforms
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Private information disclosure from web searches
PETS'10 Proceedings of the 10th international conference on Privacy enhancing technologies
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Friend-in-the-Middle Attacks: Exploiting Social Networking Sites for Spam
IEEE Internet Computing
Scramble! your social network data
PETS'11 Proceedings of the 11th international conference on Privacy enhancing technologies
AmazonIA: when elasticity snaps back
Proceedings of the 18th ACM conference on Computer and communications security
Proceedings of the 18th ACM conference on Computer and communications security
Contextual gaps: privacy issues on Facebook
Ethics and Information Technology
Third-party apps on Facebook: privacy and the illusion of control
CHIMIT '11 Proceedings of the 5th ACM Symposium on Computer Human Interaction for Management of Information Technology
Social snapshots: digital forensics for online social networks
Proceedings of the 27th Annual Computer Security Applications Conference
Privacy: is there an app for that?
Proceedings of the Seventh Symposium on Usable Privacy and Security
Is this app safe?: a large scale study on application permissions and risk signals
Proceedings of the 21st international conference on World Wide Web
A security analysis of amazon's elastic compute cloud service
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Third-Party Web Tracking: Policy and Technology
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
PoX: Protecting users from malicious Facebook applications
Computer Communications
Mining Permission Request Patterns from Android and Facebook Applications
ICDM '12 Proceedings of the 2012 IEEE 12th International Conference on Data Mining
Privacy and online social networks: can colorless green ideas sleep furiously?
IEEE Security and Privacy
| Hi-index | 0.00 |
Third-party apps for social networking sites have emerged as a popular feature for online social networks, and are used by millions of users every day. In exchange for additional features, users grant third parties access to their personal data. However, these third parties do not necessarily protect the data to the same extent as social network providers. To automatically analyze the unique privacy and security issues of social networking applications on a large scale, we propose a novel framework, called AppInspect. Our framework enumerates available social networking apps and collects metrics such as the personal information transferred to third party developers. AppInspect furthermore identifies web trackers, as well as information leaks, and provides insights into the hosting infrastructures of apps. We implemented a prototype of our novel framework to evaluate Facebook's application ecosystem. Our evaluation shows that AppInspect is able to detect malpractices of social networking apps in an automated fashion. During our study we collaborated with Facebook to mitigate shortcomings of popular apps that affected the security and privacy of millions of social networking users.