Cyber Security In Social Media

Abstract

Mobile phones have turned to become the basic necessity for a living. The usage of internet had been developing simultaneously like the population of the country. Computer, smart phones and other devices play a very important role in the prediction of the economy and show the dignified status of an individual. These are done through social medias usually has evolved as a trend in recent days. They are the most common platform to communicate with each other. Approximately around 168 million people use social media like facebook, whatsapp, twitter, instagram, etc. , across the country. Because of widespread of social media there has been an increase in cyber crimes happening in Social Medias like cyber bullying, harassment or stalking. Cybercriminals exploit individual’s personal information through social medias as it is usual for users to add their personal information in them. Privacy has become an important concern in social sites.

Users are unaware of privacy risks involved when they share their personal information on social networking sites. How to secure personal information has been a major concern for every user. It is very difficult for the social networking sites to change the privacy policy regularly. The users should be aware of privacy policies and should know where they measure in privacy standards; unfortunately many users are not aware of this and become the victim of privacy and identity breach. Therefore, we conducted a survey regarding security and privacy of social networking sites among our students.

Keywords Social Medias, Social Networking Sites, Cyber Security, Privacy.

INTRODUCTION

Cyber is a common term used for the computers interconnected in a network. As the number of users in the network increases it gives rise to the concern of “CYBER SECURITY”. Security of data from cloud theft, unknown access and damage is known as cyber security. Therefore, a mystery emerges from where the maximum security breaches occur in the network. There comes a point which would end the suspicions to the social networking sites. Social Networking Sites is a online medium which allows different users from various background to create a profile and interact with other users on the same website. Social Networking Sites such as Facebook, Instagram, Whatssapp, Twitter, Snap chat, etc. , have become so popular among people that they have begun to share every single moment of their lives on these sites regardless of its consequences.

Social networking sites have become the easiest form of communicating with each other as everyone have turned dependant on them and an unavoidable for the current generation. Because of the growing popularity it also has its own negative consequences and these sites serve as a large key to cybercrimes and unauthorized access of information. Hackers (a person who uses computers to gain unauthorized access to data) can easily access and gather personal and sensitive information. Users are less aware and least concern about the security settings and they easily become the target of security breach. The lack of knowledge of cyber security is the main reason for cyber crimes in social networking sites. These cyber crimes are caused due to users uploading their personal photos and information in these sites without security policy. In this paper our main focus is to bring awareness of the issues caused due to avoidance of cyber securities in social networking sites. The objective is to identify the vulnerability with privacy and security system is to help to curb web crimes associated with the privacy breach on these sites and also it helps to improve the default security system. The aim of the research is to focus on the issues and challenges faced by the users while using social networking sites. So, the objective here is to analyze and identify vulnerability in privacy settings and privacy breach.

SOME SECURITY ISSUES IN SOCIAL NETWORK

Social media had been compromised from the security perspectives thereby posing great threat to users with respect to their personal, intellectual, career property. This section seeks to outline the security issues that are prone to social media and it users. These security threats ranges from privacy setting threats, identity related attack, social attack, anonymity attack and information leakage attack. Though some of these threats can be combed by simply enlightening the users on the potential threats Malware stems from malicious and software. They are comprises of viruses, Trojans and worms. Some common malware are Koobface and Twitter Worm. Koobface is a worm that spread across social media like Facebook.

This type of worm is spread through the messages that users send to their friends; this messages could be in the form of video. When the friend receives such message with an attached link for the video, the user after clicking that link may be required to download or update the Flash Player, on accepting to download the Flash Player the user‟s computer will be filled with worms that can damage the computer system. Twitter Worm is another attack common with users of Twitter site. One of these worms is Profile Spy worm, which allows attacker to tweet link for downloading third party application call Profile Spy, then when user want to download the app, it will prompt a form to collect user personal details, and with these details, it will keep tweeting malicious messages to the followers of the Twitter user. Another worm known with Twitter is a worm that creates a fake invitation link which directs users to a malicious attachment containing email addresses from compromised computers and spreads by coping it onto removable drives and folders Digital Dossier of Personal Information In this scenario, an attacker gathers profile information of targeted victims on storage space and thereafter uses it for injurious purposes on the victim‟s personality.

Since most of the social media sites provide search for user‟s profile, the attacker can mine out the prospective victim into his storage system and then use it to damage the image of the profile holder Spam are unwanted or unsolicited messages sent to online email or social media account holders. Most often, such messages are malicious, though some have sought to use it as advertisement strategy. The use of spam dates back to when communication networks came into use on the Internet, and they have grown with the advances in the communication networks, not to enhance it but as a circumvent the well intended communication of the legal account owners. . Really, social spam are been propel using different medium. These include text-based, image or picture based and URL based. The URL based social spam usually omits the text, leaving only the link for the user to view thereby dousing the alertness of the unsuspecting victim. Image based social spams comes as attractive images or advertisements with the potency of luring the social network users to click it. This usually leads the user to other online computers that download Trojans into the computer.

The text based social spam is sent with phishing in mind. The security measure to be imbibed in this case is to use available message filtering functionalities that are been provided by the SNS that the user have created account with. Moreover, their third party applications that detect major social network security threat like spam. SQL Injections Web application developers have had their database attacked by attackers through the use of SQL injection. SQL injection is a technical approach used by attackers to gain access to database. Mitigating this attack is mostly left to the developers of the social network so that profile information of users of such social network will be secured. Hackers are able to execute malicious SQL query against underlying databases of vulnerable social network apps.

Identity Theft in social network has become in rampant in popular social networks. The social network juggernaut, Facebook, users have continuously suffered this attack. Identity theft occurs when attackers steal other users identifying data such as profile picture, date and place of birth, and then use it to create another account. Such account is mostly used for fraudulent purposes. Phishing in a sense is a tricking of online users to give out some details such as password, to an illegitimate website. The observation was that decline in such threats does not indicate recline by the attackers but rather, a redirection of attack unto the social media. The social network address must be checked for to ensure it is not a typo squatting site which is usually used to capture users credential. Furthermore, users are to look out for the social websites‟ certificate for scrutiny to ensure logging details are not divulged into the hands of scammers. Though users are continuously been encouraged to use security software, they must as well learn to use different passwords across different online accounts without bowing to prompts requesting for password saving by the browser.

Mobile Phone Attack

By the end of 2014, the number of cellular subscribers will have almost matched the number of people on earth, corresponding to a penetrating 96%, ICT Facts and Figures. Stalking and Cooperate Espionage Information leakage cost such organizations great loss either on financial terms or reputation ground. Social networks continue to serve as platform to engage employees in unconsciously divulging sensitive company data. Some of this information are released to social network without knowing that they can be use more than they intended.

Confidential and Integrity

Confidential and Integrity of User Post A model is developed to show a security measure to ensure information confidentiality and integrity between users of a social network. The encryption algorithm employs the use of symmetric and asymmetric-like algorithms for encoding the plain text into cypher text. First, the Message Authentication Code (MAC) algorithm is used for the initial encryption of the user post. Though MAC uses same key for encrypting and decrypting of the data, however, the key sameness property was modified by proposing the use of public and private keys in place of the same key MAC uses. if user A sets a privacy setting that allows users B to be able to see certain posts on his (user A) profile, then whenever user A sends a post to user B (or those in that category), user A‟s private key would be used alongside the MAC function to encrypt the post.

The output of MAC‟s encryption becomes an input into 3DES symmetric algorithm. When user B receives the post, first, the post is sent into 3DES for the initial phase of decryption. The result of 3DES‟s function will be sent as input into MAC. Then, user B uses user A‟s public key in the MAC function to decrypts post into the actual plain post sent by user A. Confidentiality is the assurance to an entity (data or information) that no one can read or access it except by a recipient that is explicitly stated by the sender. Integrity of an entity (data or information) entails that there is assurance to such entity that no alteration has been carried out on it either intentionally or unintentionally. And lastly, authentication is an assurance to an entity (system, data or information) that another entity (which can be a user, agent or accessor) is who its claims to be. Cryptography plays a major role ensuring confidentiality and integrity of data. Hence, in this paper, leverage on it.

AWARNESS

There are general and personal security measures that a user‟s must take, though this is only dependent on the awareness a user have access to. Most social networks sites have their security settings information that prospective users are supposed to read. As a user, it is important you run through them and secure the best setting that will provide you with required privacy. Setting hard to guess password is also a good security measure on the side of the user. When browsing social network sites, what the users sees and contribute or share may be a loophole through which an attacker can gain entrance to attack. For what you view, always be wary of fancy story, images and URLs. Consider the benefit versus the danger of clicking links, images or text you do not trust.

CONCLUSION

Social networking sites are becoming very useful among people of different fields and profession. College and higher institution students have taken to popular social network sites as a means of socializing and making new friends. Businesses organizations have are also leveraging on the social network in promoting business interest and cooperate image. Hence, this paper first identified some major social network sites and their pros and cons. Major security pitfalls that are rampant in most of these social networks were discussed. Finally, two approaches in mitigating a few of the loop holes observed with social network sites were proposed. More so, it was noted that users of social network are at a more advantage position to personal curtailing some security breaches that may be lunched against them