Professional Documents
Culture Documents
1st Purba Pal 2nd Sharmila Ghosh 3rd Dr. Nirmalya Kar
Dept. of CSE Dept. of CSE Dept. of CSE
NIT Agartala, INDIA NIT Agartala, INDIA NIT Agartala, INDIA
purnagayatri.pal@gmail.com sharmilaghosh098@gmail.com nirmalya@nita.ac.in
Abstract—Social Media, usually referred to as a social space, instance, users are prone to employing unauthorized programs,
provides the best platform for people from various physical places abusing corporate PCs, accessing unauthorized networks, and
to communicate, share images, interests and ideas or meet new publishing sensitive information on insecure networks.[3][16]
friends. And due to this, the number of users is also increasing
day by day. Social Media Networks confront a concerning rate II. S OCIAL M EDIA N ETWORKING
of rise in cyber threats due to their enormous user base and
quick rise in popularity. The producers of Social Media Networks
intend to protect their users, but hackers and invaders are able
to get beyond the security mechanisms by employing a variety
of ways to exploit users’ privacy, identity, and confidentiality.
It’s possible that the majority of users of social networking
sites are ignorant of the presence of these serious hazards. The
primary security concerns relating to online social networks are
highlighted in this paper including the existing techniques for
preventing those cyber attacks.
Index Terms—Social Media Networks, Categorisation of Social
Media Attacks, Prevention Mechanisms
I. I NTRODUCTION
In the last few decades, the enormous growth in the us-
age of information technology and the growing reliance on
Social Media has become particularly significant, increasing
productivity, finding solutions to issues, and making life easier
on all levels in both the professional and personal spheres.
In addition to information sharing, e-mail, Social Media Net-
working sites, e-learning, and many other applications and uses
Fig. 1. Different Types of Social Media Networking Platforms
in the professional and non-professional sectors, an increasing
number of human interactions rely on technology for quick
The qualities and goals of Social Media networking sites
and continuous communication. Online social networking has
vary, and they can be categorized into various types. Figure 1
become a new and exciting lifestyle for individuals because of
shows different types of Social Media platforms. From them,
the rising ubiquity of mobile devices and applications mixed
the top 10 Social Media platforms of 2022 are- Facebook,
with social networking technologies. As a result, monitoring
YouTube, WhatsApp, Instagram, TikTok, Snapchat, Pinterest,
information technology becomes more and more necessary.
Reddit, LinkedIn, and Twitter.[22] Analysis from the global
Attacks and threats have escalated, obstructing development
platform datareportal.com shows that at least 300 million
and preventing total control over data and information.[18][5]
individuals were engaged on 17 Social Media sites in October
The complexity of malicious programs is constantly growing
2022.[23]. There are 2.934 billion active Facebook users each
and spreading in a variety of ways, making it increasingly chal-
month. The potential audience for YouTube advertising is
lenging to reverse their detrimental and frequently destructive
2.515 billion. Every month, at least 2 billion individuals use
impacts[12]. Institutions and individual users are given special
WhatsApp. There are 1.386 billion potential customers for
consideration in a number of crucial areas, including data pri-
Instagram advertising.WeChat has 1.299 billion active users
vacy. When utilizing social network services, users frequently
every month. There are 700 million monthly active users of
assume a number of risks with their personal information; for
Telegram[23]. Social media networking is the use of a par-
ticular internet platform to connect with, communicate with,
and collaborate with people who have interests similar to your
TABLE I
S ECURITY A PPROACHES OF OSN
Security Description
Approaches
Watchdog A residential network can incorporate these tools. It also
and social acts as a link between the user and the OSN vendor.
enabler Additionally, it helps parents defend their children against
dangers posed by teenagers.
User-control These applications allow users to control their settings.
Users are given control over what can be shared.
Structural With this method, it is possible to monitor user behavior
anomaly while building a probabilistic model. To identify abnor-
detection mal events, they use observations.
Virtual Data storage on individual private servers is made pos-
individual sible by individual virtual servers, which limit access to
servers data by anonymous users.
Reputation The trust relationship is the true foundation of the rep-
mechanisms utation mechanism. It plays a significant role in P2P
communication.
Fig. 2. Classification of Social Media Networking Threats
Proxy-based These protect the user in real-time by blocking access to
protection harmful websites.
B. Media Sharing Networks • Avoid using simple passwords since they are easy to crack
and avoid using the same password across many websites
On media-sharing networks, there are many different types because a breach on one site can lead to a breach on all
of visual content, including infographics, pictures, both short- websites.
and long-form videos, and also texts. Some examples of this • Use a strong, complicated password that is difficult to
type of Social Media platforms are WhatsApp, Facebook, guess.
Twitter, Instagram, etc. • To store and manage passwords, make use of apps like
ZOHO, Keeper, and Dashlane[21].
C. Social Blogging Networks III. ATTACK M ETHODOLOGIES IN S OCIAL M EDIA
Nowadays many people want to share their life stories with N ETWORKING
other people and for that, they write personal blogs which are Many internet trends—commercial, professional, social, or
a type of personal journal. Blogs always focus on a particular otherwise—are largely determined by how users of social
slot or awareness. Some commonly used blogging sites are- networks engage with one another. Additionally, a lot of
Medium, WordPress.org, web.com, Tumbler, Blogger, etc. organizations, businesses, and people have learned how to
2
Authorized licensed use limited to: Universitas Indonesia. Downloaded on August 04,2023 at 06:34:42 UTC from IEEE Xplore. Restrictions apply.
TABLE II
C LASSIC T HREATS IN S OCIAL M EDIA
engage with coworkers and clients through Social Media sites the content of users and their connections[15]. Table II lists
like Facebook, Twitter, and LinkedIn[13][17]. The result is many sorts of classic attacks.
the quick rise in the popularity of social networking sites,
risks including spyware, computer viruses, and malicious B. Modern Threats
software have become more prevalent, posing a threat to data These specific threats are linked to Social Media platforms.
security and confidentiality. Internet and social networking These threats aim to access private and sensitive information
risks come in two flavors: traditional threats and contemporary belonging to users and the friends they follow and interact
threats. Because of the Social Media infrastructure, which can with. For instance, hackers target users who have particular
endanger user privacy and security, modern threats are relevant privacy settings in order to reveal and compromise their
to users of online social networks[12]. Classic risks make all personal data. Clickjacking, fake profiles, deanonymization,
users on a given network vulnerable to attacks.OSN threats face recognition, and identity clone attacks are the most recent
can be broadly classified into three categories shown in figure dangers. The tracking and gathering of user information for
2. They are classic threats, modern threats, and adolescent individuals, groups, organizations, and businesses are done
threats. through the monitoring of social networking sites, sometimes
referred to as listing and measuring. For instance, Facebook
A. Classic Threats granted Cambridge Analytica access to millions of profiles
Traditional/classic threats have existed since the invention without asking users’ permission so that company could use
of the Internet, and those threats grew as the Internet and the data for political campaigning. Millions of individuals’
social networking applications evolved[15]. The Social Media Social Media posts were allegedly examined by the corpora-
networking structure and existence make it simple for classic tion in order to construct psychological profiles of those users,
threats to circulate among users in the network and spread which were later used to target messages to influence voting
gradually. By obtaining the user’s personal information, classic patterns[4]. Table III lists various forms of modern attacks on
threats frequently harm the user’s profile and credentials. Social Media.
When a person inadvertently clicks on that malicious code or
link, it might propagate among users[11][14]. This malware C. Adolescent Threats
has obtained the user’s login information, allowing it to post An opponent may use the fear of a social threat to frighten
messages on the user’s behalf and alter personal content. The and pursue users of social networking platforms. Young users,
classic threats, which include malware, cross-site scripting primarily teens, are the primary target of this type of threat.
(XSS), spam, phishing attacks, and others, are still present These risks are substantial, thus certain countermeasures are
despite previous attempts to address them. These threats needed to deal with them. Table IV describes different types
threaten users’ Social Media accounts and data, as well as of adolescent attacks[21].
3
Authorized licensed use limited to: Universitas Indonesia. Downloaded on August 04,2023 at 06:34:42 UTC from IEEE Xplore. Restrictions apply.
TABLE III
M ODERN T HREATS IN S OCIAL M EDIA
TABLE IV
A DOLESCENT T HREATS IN S OCIAL M EDIA
The most crucial stage of any Social Media attack is used by social engineers, according to research. Therefore,
information collecting. Effective information gathered at this it is crucial to raise user knowledge in order to prevent
point will determine whether the attack is successful in every the occurrence of Social Media attacks on the human level.
way. So, when choosing sources from which to gather infor- To reduce Social Media attacks, it is necessary to conduct
mation, be careful. The majority of the time, the attacker uses ongoing staff training as Social Media networking strategies
company websites, Social Media, search engines, well-known change. Examples of human-based countermeasures include
lunch locations, and dumpster diving to gather information user awareness initiatives, auditing and monitoring, identity
and do physical research[5]. These are the several sources management and access control, and training programs to
that people consult most frequently. These sources are used to improve awareness of how to respond to threats[19]. A sender
gather data on perception, personality, preferences, and other policy framework, the use of scanning software, the adoption
personal characteristics. of content-based filtering tools, the use of biometric systems,
and the implementation of intrusion detection systems are
IV. C OUNTER M EASURES TO P REVENT S OCIAL M EDIA some of the vital technological instruments to stop threats
N ETWORKING ATTACKS related to Social Media Networks[19]. Implementing efficient
In this section, we’ll give an overview of the human-based security technologies is crucial for detecting attacks in their
and tool-based prevention measures employed by both industry early stages and preventing them. It’s important to distinguish
and academia to counteract cyber attacks. The fundamental between legitimate files and those that have malware because
security systems that must be present in a company or on attackers use a variety of advanced techniques, including
a user’s device in order to prevent manipulating attacks are smartphones, websites, email, and Social Media. And due
among the countermeasures for Social Media network attacks. to this, there is a need for a sophisticated scheme to give
The Social Media attack target both technology and human sufficient security levels as well as raise user awareness and
expertise, therefore each step of the security process needs knowledge of cybersecurity risks/threats in order to bridge the
to incorporate protection measures. Technologies need to be gap in existing protection measures. After reviewing 25 papers,
regularly updated in order to limit the accessibility of infor- we have classified several tool-based preventative measures
mation via the internet. Additionally, consistent training and and some preventive advice associated with different types of
awareness programs are required to reduce the manipulation of attacks that occur in Social Media Networks is provided in
the human component. The countermeasures must be put into Table V.
action on each level[5][6]. Attacks on Social Media frequently
succeed because of the effect of human-based variables.
Users frequently aren’t aware of the misleading strategies
4
Authorized licensed use limited to: Universitas Indonesia. Downloaded on August 04,2023 at 06:34:42 UTC from IEEE Xplore. Restrictions apply.
TABLE V
P REVENTION M EASURES OF S OCIAL M EDIA ATTACKS
5
Authorized licensed use limited to: Universitas Indonesia. Downloaded on August 04,2023 at 06:34:42 UTC from IEEE Xplore. Restrictions apply.
[9] A Praveena and S Smys. “Prevention of inference at- [23] URL : https://datareportal.com/reports/tag/Simon+Kemp.
tacks for private information in social networking sites”. (accessed: 20.12.2022).
In: 2017 International Conference on Inventive Systems [24] URL: https : / / phoenixnap . com / blog / prevent - ddos -
and Control (ICISC). IEEE. 2017, pp. 1–7. attacks. (accessed: 24.11.2022).
[10] Akansha Priya and Er Meenakshi. “Detection of phish- [25] SRIJAN SENGUPTA, MICHIN HONG, and
ing websites using C4. 5 data mining algorithm”. In: TANUSHREE MITRA. “Online Social Deception
2017 2nd IEEE International Conference on Recent and Its Countermeasures: A Survey”. In: ().
Trends in Electronics, Information & Communication
Technology (RTEICT). IEEE. 2017, pp. 1468–1472.
[11] Sanyuj Singh Gupta, Abha Thakral, and Tanupriya
Choudhury. “Social media security analysis of threats
and security measures”. In: 2018 International Confer-
ence on Advances in Computing and Communication
Engineering (ICACCE). IEEE. 2018, pp. 115–120.
[12] TR Soumya and S Revathy. “Survey on threats in online
social media”. In: 2018 International Conference on
Communication and Signal Processing (ICCSP). IEEE.
2018, pp. 0077–0081.
[13] Zhiyong Zhang and Brij B Gupta. “Social media secu-
rity and trustworthiness: overview and new direction”.
In: Future Generation Computer Systems 86 (2018),
pp. 914–925.
[14] Rasim M Alguliyev, Ramiz M Aliguliyev, and Fargana
J Abdullayeva. “Deep learning method for prediction
of DDoS attacks on social media”. In: Advances in
Data Science and Adaptive Analysis 11.01n02 (2019),
p. 1950002.
[15] Hilal Almarabeh and Amjad Sulieman. “The impact
of cyber threats on social networking sites.” In: Inter-
national Journal of Advanced Research in Computer
Science 10.2 (2019).
[16] Somya Ranjan Sahoo and Brij Bhooshan Gupta. “Clas-
sification of various attacks and their defence mecha-
nism in online social networks: a survey”. In: Enterprise
Information Systems 13.6 (2019), pp. 832–864.
[17] Fatima Salahdine and Naima Kaabouch. “Social engi-
neering attacks: A survey”. In: Future Internet 11.4
(2019), p. 89.
[18] Tariq Rahim Soomro and Mumtaz Hussain. “Social
Media-Related Cybercrimes and Techniques for Their
Prevention.” In: Appl. Comput. Syst. 24.1 (2019), pp. 9–
17.
[19] Hussain Aldawood and Geoffrey Skinner. “An advanced
taxonomy for social engineering attacks”. In: Interna-
tional Journal of Computer Applications 177.30 (2020),
pp. 1–11.
[20] Majd Latah. “Detection of malicious social bots: A
survey and a refined taxonomy”. In: Expert Systems with
Applications 151 (2020), p. 113383.
[21] Sarah Almalki et al. “Social Media Security and At-
tacks”. In: International Journal of Computer Science
& Network Security 21.1 (2021), pp. 174–183.
[22] URL: https : / / www . searchenginejournal . com / social -
media / biggest - social - media - sites / #close. (accessed:
10.12.2022).
6
Authorized licensed use limited to: Universitas Indonesia. Downloaded on August 04,2023 at 06:34:42 UTC from IEEE Xplore. Restrictions apply.