Taxonomy of Various Solutions Against OSN Attacks
In this section, we discuss an overview of different defensive solution for OSN security and safety. The details of various security solutions based on its categories depicted in Figure 2.2.
In-Built Security Solution
The OSN service providers provide the security-based solutions to its user. Some part of the security solutions is provided at the time of profile creation, and other solutions are provided directly to the users, i.e., the authoritative power of individual account holders to set their privacy settings in their profiles. The social networking operators provide security services like OTP (one-time password) and CAPTCHA (Alsaleh, Alarifi, Al-Salman, Alfayez, & Almuhaysin, 2014), photo identification and multistage authentication principle at the time of creation of profile or at the time of log-in. Every Twitter account goes through two-step authentication security for registration, i.e., in the first step, the user enters his/her user id witli password and after that a verification code can generate and redirect that code to the user’s mobile phones and registered email. Using this security, authentication can be verified by the Twitter account. Many of the social networking services provide user authentication setting for protecting their account and valuable information from online predators and attackers.
The security setting, at user level, provides the facility to protect the profile according to the user’s choice. One of the social networking sites called Facebook provides the security setting like who can visit and see your account like friends, family member, mutual friends, or all. Similarly, Google-i- provides grouping facility in a particular account, i.e., users place every account into different groups according to their choice. Some of the service providers provide certain third-party services for security setting by downloading some software. Facebook provides one security system called Facebook immune system to better protect user’s accounts from different malwares online.
Third-Party Software Solutions
To protect the OSN users from different threats, some companies offer soft- ware-based protection system to operate the profiles in better way. Different
2 • Security Challenges in Social Networking 29
FIGURE 2.2 Existing security solutions for different attacks in online social networks (OSNs).
companies provide different solutions against the cyberattacks such as Kaspersky which protects against malware, anti-theft, and botnet attacks on many social networking platforms. Semantic web-based solution, AVG, Panda, and Ariva offer different types of protection to Internet users, especially OSN users. They provide some software-based firewalls, antivirus, and other OSN-related protection to the Internet users to protect different threats like malware, phishing attack, ransomware, and other Internet fraud.
- • McAfee social security protection: It provides security solution to the Facebook users through protecting downloading users’ profile photo. If someone attempts to download the profile picture from Facebook profile, it sends a message in the form of popup to the user site who tried to download your picture.
- • Net Nanny: Parents can monitor and save their children from different threats like cyberbullying and cyber espionage by installing software called Net Nanny (Net Nanny, n.d.). It protects the users from unethical sites and the activity done by the children on many social networking sites like Facebook and Twitter. Parents can also block certain harmful sites using this software. The basic objective of this software is to keep the family member and relatives safe from different attacks when surfing Internet.
- • Vicinity attack: Information sharing and communication is the main factor for using OSNs. The information may contain some credentials like bank account number, sensitive personal information.
To protect the data, anonymisation technique is required before making the data available publicly. If attackers have certain victim information, the attackers can easily collect the information from neighbours, the victim may be re-identified from the social network if anonymisation technique is used by the victim.
- • Norton Safe Web (NSW): It is a web-based service developed by Symantec Corporation to help the users in social networking platform to identify malicious websites. Based on the automated analysis and feedback of the user, it protects the users from malicious websites. The NSW is a Facebook application with many numbers of users to safeguard the user’s privacy.
- • AVG Privacy Fix: AVG provides web-based security solution on mobile platform called AVG Privacy Fix to protect the OSN users from different attacks. The security solution is a web browser addon which allows users to manage their account by configuring their privacy setting. The add-on is incorporated into different social network platforms like Facebook, Linkedln, and Google+ to provide security to its users. It also tracks the movement of different malicious content and generates a report based on their revenue.
- • Facebookprivacy scanner: Privacy scanner called trend micro is an android-based application used on Facebook platform to protect the system from unauthorised access of data. The application scans the privacy setting of the user, and if some privacy-related concern is in the profile, it informs the user.
- • Checkpoint zone alarm privacy scanner: It is a Facebook application that monitors the performance of the system by analysing different posts. The security scanner scans the recent activity of the user and generates a report based on its activity. The checkpoint scanner checks all the recent posts or activities in the profile and identifies the posts that disclose the privacy of the users.