Technical University of Denmark
Online Social Networks (OSNs), such as Facebook, provide users with tools to share information along with a set of privacy controls preferences to regulate the spread of information. Current privacy controls are efficient to protect content data. However, the complexity of tuning them undermine their efficiency when shielding contextual information (such as the social network structure) that many users believe being kept private.
In this paper, we demonstrate the extent of the problem of information leakage in Facebook. In particular, we show the possibility of inferring, from the network “surrounding” a victim user, some information that the victim set as hidden. We developed a system, named OSSINT (Open Source Social Network INTelligence), on top of our previous tool SocialSpy, that can infer hidden information of a victim profile and retrieve private information from public one. OSSINT retrieves the friendship network of a victim and shows how it is possible to infer additional private information (e.g., personal user preferences and hobbies). Our proposed system OSSINT goes extra mile about the network topology information, i.e., predicting new friendships using the victim’s friends of friends network (2-hop of distance from the victim profile), and hence possibly deduce private information of the full Facebook network. OSSINT correctly improved the previous results of SocialSpy predicting an average of 11 new friendships with peaks of 20 new friends. Moreover, OSSINT, for the considered victim profiles demonstrated how it is possible to infer real-life information such as current city, hometown, university, supposed being private.
In Online Social Networks and Media, vol. 6 (2018), pp. 58-68.
Copyright and moral rights for the publications made accessible in the public website are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights.
If you believe that this document breaches copyright please contact us providing details, and we will remove access to the work immediately and investigate your claim.