Infiltrating social network accounts: Attacks and defenses

Abstract

Social networks collect and make public an unprecedented amount of user location information. This raises significant user privacy concerns. In this chapter, we describe social networking infiltration attacks, where adversaries befriend random victims of their choice and acquire access to their private information. To address this problem, we propose verification mechanisms that use location information certified by geosocial networks to quantify the context shared by a user and an inviter. We develop novel visual notifications that leverage the outcome of the proposed verifications to inform users about the context they share with inviters. The impact of location information makes it however vulnerable to attacks: users can rely on existing tools to report fraudulent locations. We describe venue centric location verification solutions that are resilient to powerful adversaries.