Ethics

profileberli
Privacyandsecurityissuesinthefuture-AsocialmediaGroup2.pdf

Materials Today: Proceedings xxx (xxxx) xxx

Contents lists available at ScienceDirect

Materials Today: Proceedings

journal homepage: www.elsevier.com/locate/matpr

Privacy and security issues in the future: A social media

https://doi.org/10.1016/j.matpr.2020.11.105 2214-7853/� 2021 Elsevier Ltd. All rights reserved. Selection and peer-review under responsibility of the scientific committee of the Emerging Trends in Materials Science, Technology and Engineering.

E-mail address: [email protected] (C. Sushama)

Please cite this article as: C. Sushama, M. Sunil Kumar and P. Neelima, Privacy and security issues in the future: A social media, Materials Today: P ings, https://doi.org/10.1016/j.matpr.2020.11.105

C. Sushama a, M. Sunil Kumar b, P. Neelima c

a Dept. of CSSE, Sree Vidyanikethan Engineering College, Tirupati, AP,India b Dept. of CSE, Sree Vidyanikethan Engineering College, Tirupati, AP, India c Dept. of CSE, School of Engineering & Technology, SPMVV University, Tirupati, AP, India

a r t i c l e i n f o

Article history: Received 30 October 2020 Accepted 6 November 2020 Available online xxxx

Keywords: Social media Privacy & Security Networking Attacks Peer to peer

a b s t r a c t

In recent years, online social networks like Face book, MySpace and Twitter have undergone rapid growth. Such OSNs deliver enticing online social networks and communications but also raise questions about privacy and security. Here we discuss issues relating to OSN protection and privacy. We consider there are inherent contradictions of design between these and OSN’s conventional design objectives like usability and sociability. They address the particular problems of security and privacy design posed by OSN’s core functionalities, and discusses several ways to use social network theory to minimize these contradictions in design. � 2021 Elsevier Ltd. All rights reserved. Selection and peer-review under responsibility of the scientific committee of the Emerging Trends in Materials Science, Technology and Engineering.

1. Introduction

Social networking sites are described as collaborative web-based apps that provide users with the ability to connect with relatives and acquaintances, meet new people, enter communities, talk, exchange photographs, and arrange events and networking with others that are close to real life. Social network platforms are used to establish mutual links with people that share the same preferences and inter- ests. The NAS offers customer [8] network connectivity tools such as personality evaluation, social networking [1] events, fan clubs, etc. The NAS develops platforms that facilitate communication and con- sumer participation. The privacy phenomenon is a curioustrend that exists on SN websites where individuals are typically more defen- sive of their personal details when utilizing different communica- tions media (i.e. email or telephone) than they are prepared to provide such details through SN websites.

Through this global network, the Internet links the entire world, making it impossible to secure information. The usage of modern engineering approaches. Knowing the motive behind the misuse of knowledge and assaults on SN sites tends to include the right methods for securing user details. Attackers and fraudsters will just attack for fun, and

In order to show that they can penetrate protected networks, others may strike to obtain control of networks to assemble devices into a BotNet to Assaults Do. The most popular reason,

though, is the financial advantage of collecting confidential per- sonal details from consumers.

For instances, bank accounts, social security numbers and pass- words. For that, the perpetrators can perform identity stealing offenses and produce profits. Alongside the technical options, there are a range of steps that need to be addressed. Those include increasing awareness among users to help them make a distinction between confidential information and public information. Addi- tionally, SN pages should be instrumental in securing personal information. We will improve the filtering of Spam and suspicious connections, alert users when any intrusion happens, and Cus- tomizable domains carefully to defend from website assaults and other risks, including SQL injection and Cross-Site Scripting (XSS), which may be applied to the website code to gather information, compel people to download malware and hijack user accounts.

2. Privacy and security for online social network

2.1. Social network

Online [3] social networks are websites that enable users to connect and build relationships with other Internet users.

2.2. Types of social network

There are several different types of social networks. Some of them include:

roceed-

C. Sushama, M. Sunil Kumar and P. Neelima Materials Today: Proceedings xxx (xxxx) xxx

1. Personal Social Network 2. Status Update Social Network 3. Location Social Network 4. Shared Interest Social Network 5. Content Sharing Social Network 1. Personal Social Network:

Such networks enable users to build detailed online accounts and to connect with other users, with a emphasis on social connec- tions, including friendship. These networks may provide the exchange of information with other registered users, such as gen- der, age, interest, educational history and employment, as well as music, photographs, and video files and links. These networks can often exchange specified data with non-authorized links to individuals and applications.

Ex: Facebook, MySpace, Friendster

2. Status updates Social Network:

These forms of social networks are built to enable users to post short status changes such that they can communicate quickly with other users. Many networks are based on providing easy, simple upgrades to their services. These networks are built to relay details easily and freely, while privacy settings can exist to prevent expo- sure to status alerts. Ex: Twitter

3. Location Social Network:

These networks are built to communicate one’s position in real time, either as public knowledge or as a transparent notification to authorized contacts. Many of such networks are designed to con- nect with other social networks.

Ex: Brightkite, Foursquare, Latitude of Twitter, Loopt

4. Shared interest Network:

Many such networks borrow functionality from other types of social networks targeted at a group of people, such as those with shared activities, educational backgrounds, political affiliations, ethnic backgrounds, moral beliefs, sexual orientations or other dis- tinguishing preferences.

Ex: LinkedIn

5. Content sharing Network:

These networks are organized as content-sharing platforms, such as songs, pictures, and video. Through including the option to construct personal accounts, these websites develop relation- ships and engage with other users via comments.

Ex: YouTube, Flick

3. System architecture of online social network

There are two paradigms of having an OSN applied.

1. Architecture of client–server, and 2. Along with peer to peer architecture

Fig. 1. Client server architecture.

3.1. Client-server architecture

It is a computer network system where several clients (remote processors) request and accept a central server (host computer) service.

� Database machines have a graphical user interface to request system services and display the output of the application.

2

3.1.1. Operation Objects are spread over a client–server network and are han-

dled by a central storage computer. This has more stability than peer-to - peer networking, because all resources are in the same place. You will guarantee that only licensed users may access the data and equipment in the network by protecting the server by password. However, it is much more difficult to set up client–ser- ver networks than their peer-to - peer equivalent, since cloud equipment and applications cost more than normal desktop com- puters (Fig. 1)

3.2. Peer- to-peer architecture

The peer-to-peer network is a network where distributed nodes (’peers’) exchange resources among themselves without a central- ized administrative system being used.

It adopts a decentralized model that depends on collaboration between a variety of independent parties, who are also OSN users.

Peer-to - peer networks ignore a core network assets manage- ment system. Additionally, resources are shared across the differ- ent customers that make up the network in a peer-to - peer network. Peer-to - peer networks are also simple to set up, but may be less efficient than networks. client servers (Fig. 2).

3.2.1. Operation Peer-to - peer networks are designed to make it as convenient

as possible to exchange information. You may create a peer-to - peer network by merely connecting a few machines together, enabling you to move data with limited configuration time or financial expense from one system to another. Nonetheless, encryption can be challenging to manage peer-to - peer, since there is no single user authentication service available.

Peer-to - peer networks are typically in households and small offices and do not need centralized access to files or resources. A gateway, which is generally a switch or router, is required to con- nect more computers. This design is useful for file sharing, or for accessing a printer or storage system connected to a single com- puter, for example.

4. Privacy issues in social networking websites

4.1. Facebook profile hacking techniques

4.1.1. Phishing Phishing is now the most common threat technique used to

access Facebook profiles. There are a number of methods to per- form phishing attack. In a basic phishing assault a hacker creates a false log in page that looks much like the actual Facebook account and then requests the user to sign in. Once the user signs into the false database, the victims are stored in a text file with ‘‘Email Address” and ‘‘Password,” and then the intruder unlocks the text file and lets his hands on the victims’ passwords.

Fig. 2. Peer-to-Peer architecture.

Fig. 4. Using similar facebook login information.

Fig. 5. Tracking of phishing websites.

C. Sushama, M. Sunil Kumar and P. Neelima Materials Today: Proceedings xxx (xxxx) xxx

How to protect yourself from Phishing Attack on Facebook: Occasionally malicious users and websites that use the social

networking platform on Facebook to access your personal details, in a process commonly referred to as a ‘‘phishing assault.” There are several ways you can protect yourself from phishing attacks on Facebook.

Verify that the Facebook platform you’re using is legitimate The fraudulent pages, including the one below, use a close URL

to Facebook.com in an attempt to access users’ login details. The men behind such pages, identified as ‘phishers,’ also use the details to hack victims’ accounts and submit messages to their friends, fur- ther propagating the unauthorized domains (Fig. 3).

Look at the web address in your Internet browser’s address bar to decide if you are on the Facebook domain. All official Facebook web pages exist on the ‘‘Facebook.com” domain.

Using exclusive information on Facebook logins that is not used on any other website.

To protect you from phishing attacks on Facebook and other websites you always learn from your Facebook email address and password in case a phisher knows (Fig. 4).

� Access Facebook using a plugin that monitors a blacklist of phishing websites

Some internet browsers can block links to malicious websites. Examples of browsers are Firefox 3.0.10 and Internet Explorer 8, with this feature (Fig. 5).

4.1.2. Keylogging A keylogger (short for keystroke logger) is a system that moni-

tors or records the keys that have been pressed on your keyboard, normally in a silent manner, so you don’t realize that your actions are being tracked. Typically this is accomplished with a malicious purpose to collect information concerning your identity, payment card numbers, usernames, passwords, and other personal info. Keylogging is the easiest way to win a Facebook account. Keylog- ging may also be so risky that only anyone with good programming

Fig. 3. Verify the Facebook platform is legitimate.

3

skills can fall in for it. A keylogger is essentially a tiny program that tracks all types of offenders on his/her [6] machine before it is enabled on the device of the perpetrator (Fig. 6).

Tips to protect your account from Keylogger:

� Caution when opening attachments-With malicious keylog- ger apps, files obtained It can be embedded via email, P2P [2] networks, chat, social networks or even text messages (for mobile devices).

� Watch your passwords – Stop utilizing one-time codes and maintain the two-step authentication of the key domains you are signing into. You can also use a password manager such

Fig. 6. keylogging.

Fig. 8. Session hijacking.

C. Sushama, M. Sunil Kumar and P. Neelima Materials Today: Proceedings xxx (xxxx) xxx

as McAfee SafeKey, which is compatible through the McAfee LiveSafe program which can automatically recall the username Only passwords, so you should avoid keylogging if you don’t enter any details on the web and the password manager can do it for you.

� � Use a robust security solution Protect all computers PCs, Macs, iphones, and tablets with antivirus, firewall, Password, and data encryption tools from McAfee LiveSafe.

4.1.3. Stealer’s About 80 per cent of users use passwords saved in their brow-

sers to enter Twitter. It is fairly simple, but can also be incredibly dangerous. Stealer’s are specifically designed devices for the offenders to access the saved passwords installed in the Internet browser (Fig. 7).

Secure your privacy from Stealers: Change your web browser from Chrome to Mozilla Firefox to

become secure. Since Mozilla Firefox offers the best plugins for protection that shield you from hackers.

List of main protection plugins are:

1. No-script:- > This plugin lets you browse the internet. This plu- gin blocks all scripts used to sniff your passwords to steal them.

2. FB Phishing Protector:- > This plugin stops you from phishing facebook.

3. Ghostery:- > This plugin gives you information and blocks all monitoring of websites.

4. Trust web:- > This plugin shows you a website’s security ranking.

4.1.4. Session Hijacking Application Hijacking may also be very risky if you use a (non-

secure) http link to access Facebook. A intruder takes the victim window cookie in Session Hijacking Assault, which is used on a page to authenticate the user and use it to enter the victim account. Workshop hijacking, and WiFi links, are commonly used on LAN (Fig. 8).

4.1.5. DNS spoofing If both the victim and the intruder are on the same network, an

intruder might Using the DNS spoofing assault to change the initial Facebook profile to their own false page, and therefore gain access to victims’ Facebook account.

Tips for Preventing DNS Spoofing:

� Maintain an Up-to - Date DNS program.

Fig. 7. Stealers hacking.

4

� Allow alerts from trusted sources and zone transfers. � Operate a dedicated DNS server for both internal and public services.

� Using the protected key to sign notifications that other DNS ser- vers provide. It removes alerts from untrustworthy outlets (Fig. 9).

4.1.6. Man in the middle attacks During this assault, an intruder puts himself between a visitor

and a website, and impersonates them. The client believes it is talking to the server on an authenticated network for this attack, and the server believes it is talking to the victim, but both are talk- ing to the intruder in the middle-sitting role. All traffic passes through the man-in-the-middle, who can read all the information and change them.

When the user and the intruder are on the same LAN with a switch-dependent network, a hacker may either place himself between the client and the server or function as a default conduit to capture all traffic between them (Fig. 10).

Man in the middle attack prevention:

Fig. 9. DNS spoofing.

Fig. 10. Man in the middle attack.

C. Sushama, M. Sunil Kumar and P. Neelima Materials Today: Proceedings xxx (xxxx) xxx

Many efficient MITM protections can either be located on the server-side or on the router. You would have no dedicated power regarding security of your transaction. Alternatively you should use a solid encryption between the client and the server. In this sit- uation the server authenticates the client’s request by sending a digital credential, and then only correspondence may be made.

Another approach to prevent these MITM assaults is to never link directly to free WiFi routers. When you like you can use a cli- ent plug-in such as HTTPS Everywhere, or ForceTLS. Such plug-ins will help you create a safe connection if an alternative occurs.

4.1.7. Botnets Owing to the high startup costs, botnets are not commonly used

to access Facebook accounts. They are used to participating in com- plex assaults. A Botnet is simply an network of infected computers. The malware strategy is the same as key logging except a Botnet helps you to perform external attacks on the infected device. Spyeye and Zeus are the Botnets most widely used (Fig. 11).

Botnet Prevention: There are many steps users should take to avoid infection with

the botnet virus. Baselining the network: Network output and operation should

be tracked so that abnormal behavior in the network is evident. Security updates: The security fixes will keep all applications

up-to - date. Watchfulness:Users should always be educated to prevent

behavior that places them at risk for bot infections or other mal- ware. This involves opening emails or messages, posting attach- ments or following links from untrustworthy or unknown websites.

Fig. 11. Botnet a

5

Anti-Botnet tools: There are many steps users should take to avoid infection with the botnet virus.

Baselining the network: Network output and operation should be tracked so that abnormal behavior in the network is evident.

Security updates: The security fixes will keep all applications up-to - date.

4.2. Twitter

4.2.1. Twitter privacy policy The privacy policy of Twitter states that metadata is obtained

via numerous websites, apps, text messages, utilities, APIs and other third parties. When the consumer orders the Twitter service, they agree to the capturing, transfer, encoding, exploitation, distri- bution and other specifications of this content. Title, login, pass- word and e-mail address have to be provided to build a Twitter account. All extra data applied to one’s profile are purely optional. Your IP address, user type, database domain, visited pages, tele- phone operator, IDS device and client and search keywords are automatically registered by Twitter servers.

Facebook helps people to exchange details with others who par- ticipate. Any tweets not removed from the default privacy setting are public and those with a Twitter account will be viewed as such. On a shared timeline the most recent 20 tweets are listed. Notwith- standing the best attempts by Twitter to protect the privacy of its customers, personal details may still be harmful to sharing. There were cases of people thinking of going on holiday and offering the dates and locations they are going to go to, and how long they’re going to be home. It has since led to several break-ins and robberies.

Another problem on Twitter coping with leaked messages con- cerns anonymity. Leaked messages are messages sent but made public from a private account. This occurs when the message is public when someone’s buddies of a private account retweet, or copy and paste, the person’s message and so on and so forth. It would make available the private information, which may possibly be harmful.

Twitter assisted people who had been targeted by a phishing attack. Phishing is a difficult mechanism whereby an attempt is made to obtain personal information, such as usernames and pass- words on Twitter (Fig. 12).

4.2.2. Ways to avoid phishing:

� Do not allow any external third-party apps to access your Twit- ter account, regardless of whether you are using the old user- name/password form, unless you are confident they are secure.

rchitecture.

C. Sushama, M. Sunil Kumar and P. Neelima Materials Today: Proceedings xxx (xxxx) xxx

� Mount a Power Twitter plug-in and Firefox’s Bit.ly Preview plug-in. These plug-ins would allow you to display the most condensed URLs and see if they really go where they appear to be.

Privacy of Twitter: Twitter has 2 privacy settings standard, Public Tweets (the

default setting), and Private Tweets standard. Public Tweets: Open to everyone. Everybody will be able to see your profile and

tweets whether they have a Twitter account or not. Private tweets: can only be seen by your verified Twitter followers.

� Those who want to go after you must be allowed

4.3. LinkedIn

LinkedIn will be a perfect place to network with others through- out the profession as well as to connect with any of the past favor- ite colleagues. LinkedIn profile is a kind of digital portfolio where you will highlight your credentials, share details about where you’ve served, where you’ve been to college, including what you’ve been focusing on throughout your life. The concern is whether details upon this LinkedIn profile can be dangerous in the wrong hands.

4.3.1. Ways to protect your account from Hacking

� Consider restricting the contact details in your profile that you post (Fig. 13) Remove your contact details from your online profile on LinkedIn:

1. Click the ‘Change Profile’ button in the ‘Account’ tab at the top of the LinkedIn home screen.

2. Scroll down to the ‘Personal Information’ portion and click the ’Correction’ button to pick your phone number, address or other personal details you might like to erase.

Switch on Safe Browsing Mode at LinkedIn LinkedIn provides a secure HTTPS browsing alternative that is

just a must-have tool, particularly while using LinkedIn through coffee shops, airports or other public Wi-Fi hotspots to search packet sniffers for hackers.

To require safe browsing mode with LinkedIn

1. When you have signed in, press the triangle on the top right corner of the LinkedIn page next to your profile.

Fig. 13. Limiting the sharing of information in profile.

6

2. Click ‘Options’ option from the drop down column. 3. Click the ‘Wallet’ button on the bottom left corner of the page. 4. Tap ‘Manage Security Settings’ and then insert a check box that

says ‘Use Safe Key (HTTPS) to enter LinkedIn’ in the pop-up win- dow that opens as needed.

5. Click the ‘Shift Transfer’ icon.

Try Limiting Data to The Social Profile

1. When you have signed in, click on the triangle at the top right corner of the LinkedIn page next to your profile.

2. Select on ‘Options’ tab from the drop down line. 3. Choose the ‘Edit Public Profile’ button at that bottom of the

screen from the ‘Account’ tab. 4. In the ‘Customize your Online Profile’ box upon this right side of

the screen, uncheck the boxes including its pieces you wish to remove from public view.

4.4. Email

Electronic mail is a means of sending digital messages from an sender to one or more recipients, most frequently referred to as email or fax. Digital email is accessible via the Internet or other computer networks.

Working of Electronic mail: (Fig. 14)

4.4.1. Electronic privacy Email protection from unauthorized access and review is called

electronic privacy. Security issues: [4] e-mail is vulnerable to both passive and vio-

lent assaults. Passive risks involve message content disclosure and traffic monitoring, while aggressive risks involve message content manipulation, masking, replication, and denial of service assaults.

Disclosure of Information: Many emails are simply submitted (not encrypted) in the Clear form. Individuals other than autho- rized recipients can use certain available tools to read the contents of the email.

Traffic analysis: Most nations are considered to routinely track email correspondence as part of their monitoring. This is not just for counter-terrorism reasons but also to facilitate the battle against industrial theft and the execution of democratic audits. Nevertheless, it is not dedicated to the national authorities as there is a booming industry of supplying [7] knowledge inside emails to economic and criminal entities.

Modification of messages: The contents of the email can be mod- ified through delivery or storage. Throughout this case, a man-in- the-medium attack typically does not need gateway power, because An intruder who resides in the same Local Area Network (LAN) may using an Address Resolution Protocol (ARP) spoofing tool such as a ‘‘ettercap” can intercept or change any email packet who goes to or through a mail server or gateway.

Masquerade: You may submit a message in the name of another individual or organization.

Replay of previous messages: Other receivers can be resentful to previous messages. This may result in death, confusion or harm to the credibility of a individual or organization. If e-mail is used for certain reasons, such as transfer of money, registration and reser- vation, it can trigger any damages.

Spoofing: Fake messages may also be inserted into the mail net- work of another person. Using Trojan horses, which may be achieved from inside the LAN, or from beyond the network.

Denial of Service: You will unsubscribe the mail network by overloading it with mail photos. This can be done by utilizing Tro- jan horses or malware that are submitted to users within the email content. Blocking user accounts can also be accomplished by con- stantly inserting incorrect passwords in the login process.

Fig. 14. Working of Email.

C. Sushama, M. Sunil Kumar and P. Neelima Materials Today: Proceedings xxx (xxxx) xxx

4.4.2. Remedies All routers in the email network, and any connections between

them, need to be secured to maintain a safe degree of privacy. It is accomplished by code encryption, which transforms email infor- mation into nonsensical text that can only be decrypted by the receiver if correctly constructed.

There are two simple techniques to render these safe communi- cations available. Electronic envelope policy involves the auto- mated encryption of a text utilizing a secure encryption protocol such as S/MIME, OpenPGP (Public Key Infrastructure). Such secu- rity techniques are mostly the responsibility of the user, but there are OpenPGP Business implementations. OpenPGP also requires the exchange of encryption keys. However if an encrypted email is captured and translated, information without a decryption key is worthless. Examples of reliable communication solutions will now be based on symmetric encryption keys only.

Authentication essentially means that each user must show that they are utilizing either a password, a biometric (such as a finger- print) or a form of authentication. The second choice is to supply the receiver with an confidential letter which does not have to include any identifying information but which delivers a response to the recipient’s secure mail facility. The receiver then goes to the website of the safe source, where the receiver is supposed to sign in with a user name and password before receiving the post. Most approaches merge methods, allowing for offline training.

4.5. Skype security

4.5.1. Skype Skype is a Voice over Internet Protocol (VoIP) program built by

Skype Technologies S.A. It is a peer-to - peer network which dis- tributes voice communications over the Internet more than over a specific purpose network [5]. Skype users are trying to connect to other apps, letting them scan and transfer details to other Skype users.

4.5.2. Avoiding online fraud, spam and viruses

� Always check which website or retailer you trust until your credit card details are posted on pages that claim to be reselling Skype items;

� You can manage Skype Points and alerts directly from the Skype website; you can also conveniently order apps from the Skype shop.

7

� Always respond to emails that contain your credit card number, password or other information. Skype will never inquire about such information via e-mail.

4.5.3. Skype security from phishing When an email asks you to take action on your account, please

do not follow the links in the text, but enter skype.com in your browser and proceed to your account directly from the Skype website.

Once you arrive at a page, make sure that it says skype.com in the URL with a connection or any other redirect that does not have extra characters or terms in the web address. For eg, notskype.com or skype1.com web addresses are both invalid.

Ways to protect your account from other hacking techniques Technology has infiltrated lives as never imagined, and the

more you interact on the web and through mobile, the more at risk you are for some sort of data hackingintrusion. There are lots of products and services that will offer some sort of protection but it does feel like an ongoing game of whack-a-mole to keep every- thing under constant protection.

� Use multiple passwords.

Use different passwords for different websites. Use both capital letters and numbers. Do not reveal your password in public.

� Be attentive with connectivity.

There are lots of good reasons to shut off your computer and phone periodically. It’s harder to hack electronics when they are powered down. Be conscious of where you connect and sites for which you sign up. If you connect based on need rather than impulse, you will reduce your risk.

� Be more cautious in sharing.

Never store or communicate anything electronically that you wouldn’t be willing to share with everybody!” It’s truly the only way to get peace of mind since no matter how much you try to pre- vent it, you still may get hacked. Just make sure you mitigate the risk.

C. Sushama, M. Sunil Kumar and P. Neelima Materials Today: Proceedings xxx (xxxx) xxx

� Backup:

Backups make things much simpler. Many of your files can dis- appear during an attack, and they may not be recovered. Backups will prevent you from loosing important data.

� Awareness

Be mindful that risks and vulnerabilities do exist. Being aware of the possible dangers will encourage you to incorporate security measures into your daily routine.

� Updates

Regularly update your Applications. This will protect the pro- tection network from leaks.

� Emails

Using multiple email addresses. Do not connect your bank account to your Facebook, Twitter, LinkedIn. Use different emails for different purposes.

� Antivirus

This is a must-see. Antivirus will give you sufficient protection no matter how vigilant you are, and will also check your system. Mind to pick good antivirus.

� Beware

Beware of social manipulation and phishing. Do not respond to emails that seem suspicious, or mimic the website of your bank, etc. Be careful when you give your personal information on the web. Check if the source can be trusted.

5. Conclusion

Social networking sites are a big driver of apps where millions of people across the world depend on them to communicate and share information with others. This gigantic presence fuels the need to put up the best security measures to better secure users’

8

data. Many of the approaches provide a solution for a few privacy issues. Nevertheless, the program’s usability and reliability for the daily users tended to be compromised in establishing higher pro- tection controls. However, all the programs analyzed have failed to address or calculate the tradeoffs between higher protection precautions and network performance.

There are several opportunities for new frameworks or even current frameworks to analyze the above areas and strive to develop mechanisms which does not involve (or minimize) trade-offs in terms of privacy, data security, affordability, and adaptability and user performance.

CRediT authorship contribution statement

C. Sushama: Conceptualization, Methodology, Software, Data curation. M. Sunil Kumar: Visualization, Investigation, Writing - original draft. P. Neelima: Supervision, Software, Validation, Writ- ing - review & editing.

Declaration of Competing Interest

The authors declare that they have no known competing finan- cial interests or personal relationships that could have appeared to influence the work reported in this paper.

References

[1] D.T. Tsai, A.Y. Chang, S. Chung, Y.S. Li, ‘‘A Proxy based Real-time Protection Mechanism for Social Networking Sites,” in Proc. ICCST.

[2] K. Graffi, P. Mukherjee, B. Menges, D. Hartung, A. Kovacevic, R. Steinmetz, ‘‘Practical Security in P2P-based Social Networks,” in Proc. IEEE 34th Conference on Local Computer Networks Zürich, Switzerland, pp.269-272.

[3] D. Shin, R. Lopes, W. Claycomb, G. Ahn, ‘‘A Frameworkfor Enabling User- controlled Persona in Online SocialNetworks,” in 33rd Annual IEEE International Computer Software and Applications Conference, pp. 292–297.

[4] A. Ho, A. Maiga, E. Aïmeur ‘‘Privacy Protection Issues inSocial Networking Sites”. [5] D. Diaz-Sanchez, A. Marin, F. Almenarez, A. Cortés,‘‘Social Applications in the

Home Network,” in IEEE Transactions on Consumer Electronics, Vol. 56, No.1, pp.220–225.

[6] Z. Wang, Y. Parth, Extreme learning machine for multi-class sentiment classification of tweets, Proc. ELM-2015 Springer Int. Publ. 1 (2016) 1–11.

[7] Z. Wang, J.C. Tong, P. Ruan, F. Li, ‘‘Lexicon knowledge extraction with sentiment polarity computation”, IEEE Int. Conf. Data Min. Ser. (ICDM) SENTIRE Accept., 2016.

[8] S.C. Margaret, M. Atilano, C.L. Arnold, Improving customer relations with social listening: A case study of an American academic library, 2017.

  • Privacy and security issues in the future: A social media
    • 1 Introduction
    • 2 Privacy and security for online social network
      • 2.1 Social network
      • 2.2 Types of social network
    • 3 System architecture of online social network
      • 3.1 Client-server architecture
        • 3.1.1 Operation
      • 3.2 Peer- to-peer architecture
        • 3.2.1 Operation
    • 4 Privacy issues in social networking websites
      • 4.1 Facebook profile hacking techniques
        • 4.1.1 Phishing
        • 4.1.2 Keylogging
        • 4.1.3 Stealer’s
        • 4.1.4 Session Hijacking
        • 4.1.5 DNS spoofing
        • 4.1.6 Man in the middle attacks
        • 4.1.7 Botnets
      • 4.2 Twitter
        • 4.2.1 Twitter privacy policy
        • 4.2.2 Ways to avoid phishing:
      • 4.3 LinkedIn
        • 4.3.1 Ways to protect your account from Hacking
      • 4.4 Email
        • 4.4.1 Electronic privacy
        • 4.4.2 Remedies
      • 4.5 Skype security
        • 4.5.1 Skype
        • 4.5.2 Avoiding online fraud, spam and viruses
        • 4.5.3 Skype security from phishing
    • 5 Conclusion
    • CRediT authorship contribution statement
    • Declaration of Competing Interest
    • References