A Study of Security Risks and Attacks on Social Network
Ms. Suman Janghel
Assistant Professor, Dept of Computer Science, Shri Shankaracharya Mahavidyalaya, Juwani, Bhilai CG
*Corresponding Author E-mail: sumanjanghel8@gmail.com
ABSTRACT:
Social networks are a natural part of today’s Internet and are used by more than a billion people worldwide. A social network is a public structure made up of people or links called nodes, which are connected by at least one particular sort of interdependence, for example friendship, common interest, exchange of funds, relationships of trust, information or reputation. Social media security is the process of analyzing dynamic social media data in order to protect against security and business threats. A cyber risk can be unexpected or focused, targeted or non-targeted, and it can come from a variety of sources, including foreign countries engaged in espionage and information warfare, criminals, programmers, hackers, virus writers, and disgruntled employees and contractors working inside an organization. Social networking sites are not only a way to communicate with other people worldwide but also an effective channel for business promotion.
This paper illustrates and discusses the most established issues and threats targeting different social networks today and pictures the future patterns of such hugely popular sites.
KEYWORDS: Social association, Social Networking sites, social media Security, Privacy, Cyber threats, business threats, improvement techniques, Cyber threats in Social Networking, Risks deterrence in Social Networking sites.
I. INTRODUCTION:
Nowadays people share multimedia data and information on social networks on the Internet to keep in touch with friends and family or for fun. Within the last 5 years the number of social networking users has increased tremendously. For example, according to Facebook statistics the number of people currently on Facebook is more than 500 million, 50% of active users log on to their account every day, the average user has 130 friends, and people spend over 700 billion minutes a month on Facebook.
Social networking is therefore a new movement that affects the social life and behavior of society, and the companies behind social networking sites are now responsible for maintaining proper security not only for the customer's account but for their emotional and social privacy too.
Before going into more detail, here is a brief definition of social networking sites: “A Social Networking Site is a website that provides a virtual community for people having common interest, or just to ‘hang out’ together” (Computer Desktop Encyclopedia). According to Bob Ivins, Vice President of comscore.com, “Social networking is not a fad but rather an activity that is being woven into the very fabric of the global Internet.” For example, LinkedIn (www.linkedin.com) is a well-known online network with more than 25 million experienced professionals from around the world, representing 150 industries. The fast growth of social networking sites in the past few years shows that they are nowadays a main communication vehicle for millions of users.
Through social networking sites people keep in touch with friends and family, especially people they have not seen recently. In the process people also befriend friends of friends and sometimes people they do not even know personally. With the growth of social networking, people have a smart way to find others who share common interests with them. On the other hand, recent activities on social networking sites have spoiled the reputation of social networking and made people wonder whether their privacy is secure. One example is the worldwide spam campaign in Quechup. Social networking sites are therefore a common and easy target for attackers. With the advent of the modern web programming languages in which most social networking websites are written, it is an easy task for ordinary programmers to attack these sites and affect their functionality.
So firstly, I will try to group some of the primary privacy threats. These can be broadly divided into a few categories:
1.) Phishing
2.) Reputation risks
3.) Profiling risks (spam, collection of user data, the example I mentioned above).
Although social networking sites provide security features to users, some of them are very basic and cannot detect a possible attack.
The most important problem with users' privacy is the danger of exposing their personal information. The main cause of this threat is that it does not even occur to users to look at their privacy settings. Moreover, at the time an account is created the user is never prompted to look at his/her privacy settings.
The second issue is that the privacy tools in social networking sites are not flexible enough to meet the requirements of protecting the user's personal privacy. By default most account settings are open to everyone; for example, Facebook keeps its settings at "everyone" or "friends of friends" by default, so it is easy for spam to spread when a user simply clicks a tempting link. On the other hand, Facebook provides detailed privacy settings of which most users are unaware.
The third problem is that even if a user can control access to his own account, he sometimes cannot control what other users reveal about him. For example, recently an underage girl posted her video on YouTube and received weird comments which she could not control. So the issue is that most social networking sites do not provide control over third-party comments, or proper age control. For example, a friend can upload an embarrassing picture of his friend and can even tag him without his consent. This has an emotional effect on the victim's mind.
The fourth problem is the use of data for third-party advertising and marketing. Many upcoming social networking sites make user data available to advertisers and turn the user's personal information into a commodity. For example, emarketer.com reported that $900 million was spent on advertising on social networking sites and that it is expected to grow by $2.5 billion by the year 2011.
% of online adults who use the following social websites, by year
Figure 1: Total number of social networks users
The basic point is that as the number of social networking website visitors and users increases step by step (Ref. table 2), the number of attacks carried out by programmers or hackers to obtain personal data also rises. Hacked users' information can be used for many purposes, for example sending unauthorized messages (spam) or taking money from users' accounts. The purpose of this paper is to study and analyze the present threats to social networks and to develop measures to protect identity in the Internet world.
Table 1. Total number of social networks users (Rapleaf’s data)
S.No. | Year | Number of users in millions
1. | 2019 | 351.4
2. | 2018 | 326.1
3. | 2017 | 296.3
4. | 2016 | 168.1
5. | 2015 | 142.23
Nowadays the Internet unfortunately offers criminals many ways and capabilities to hack accounts on social network websites, and right now there are large numbers of malicious programs designed to obtain data from social sites. (Ref: Figure 2)
Figure 2 : Number of malicious programs targeting popular social networking sites
The counter intimidation techniques. In Section 6, the future patterns of social networks are analyzed. In Section 7, we cover risk prevention and threat vulnerabilities. Finally, we end the paper with the conclusion in Section 8.
II. ORGANIZATION OF SOCIAL NETWORKS:
Usually, a social network is a social structure made up of individuals or associations which are linked by at least one particular sort of interdependency, for example society, common interest, transfer of funds, shared convictions, knowledge or good opinion. Social networks can be characterized as those sites that allow individuals to engage in online exchanges and handle a wide range of information. They consist of the following.
First, social networking sites, for example MySpace, Facebook, Mixi, Twitter and so on; second, social media sites, for example YouTube, Flickr, Digg, Slashdot and so on.
In the year 2005 a worm attacked MySpace. “Samy” exploited common loopholes in MySpace and spread very fast. Although it did not steal any information, it affected the functioning of MySpace at a high level. Similarly, in April 2009 “Mikeyy” attacked Twitter and modified several users' accounts. Similarly, “Koobface” stole users' passwords. Social networking sites are nowadays the easiest means for hackers to collect personal user information and use it to crack sensitive information about users' bank accounts.
Malware is not the only thing that does harm. With complete access to millions of profiles [5], an attacker can obtain commercial and corporate-level secrets. According to a survey, 66% of companies believe that social networking websites are a dangerous security threat to the companies' plans and secrets. They also serve as a source of illegal income for attackers. For example, on Facebook many users play games built as Flash applications which prompt them to buy credits using credit cards, and these applications are coded too poorly to prevent a possible attack.
Here I list the easy targets of attack in social networking sites and analyze how such attacks are performed to steal user data.
There are many reasons for an attack to happen, which means an attack may have different purposes. The possible targets are as follows:
1. Jokes: A friend might want to play a joke on another friend in order to satisfy their own sense of superiority. These kinds of attacks are not that severe but can create a possible entry point for a more severe threat.
2. User Access Control: Some professional attackers want access in order to control the computing assets of other users and direct a potentially large, pre-planned attack.
3. Get Personal Information: Basic personal information about the user is always helpful to the attacker as a way to obtain more information, such as bank account and social security numbers.
4. Company Information: On some social networking sites, such as LinkedIn, users are likely to be business people. Their personal information can therefore reveal business policies and future plans associated with their companies. Once the plans are exposed to hackers, they can misuse the information and become a possible threat.
5. Money and Fame: We can easily find attacks on social network users in which the motive is monetary gain and sometimes easy fame. In the example I have given of 1 million records of Facebook users, it gives easy fame to the person associated.
V. COUNTER MEASURES AGAINST GENERAL ATTACKS:
Security can be taken into account at two levels :-
1.) At user level
2.) At Social Networking Site level.
Social engineering is the tool that attackers commonly use to spread an attack. On the other hand, social networking sites cannot impose restrictions on user interaction and behavior, because this is what keeps their business running. But a user who is smart enough can prevent the majority of attacks. Users must know the differences between social networking sites and how each behaves before they join any, because each of them imposes a certain level of security and the user is generally not aware of it [5].
The user must keep control over whatever he uploads; uploaded information must be limited and should be accessible to a certain group only.
Do not post Social Security Number, personal telephone numbers, full name, organizational contacts, business details, password hints etc.
The user must understand that whatever he uploads to the Internet is no longer private from then on, because information on the Internet is like words that cannot be taken back.
The user must not add any stranger, and must not click any suspicious links like “Congratulations, you have won $10,000”.
The user must remain informed about new threats, keep a check on browser settings, and update antivirus software very often.
VI. SOCIAL NETWORKING SITE LEVEL:
Users are generally not aware of security settings even if they are present. So it is necessary that social networking sites also provide strict security constraints for the privacy of the user.
SNS must provide various functions to different users. Most of the privacy settings must be enabled by default, without loss of general behavior.
Users must be notified of possible security threats very often. User help should be very simple and detailed so that users can understand it.
Have proper account maintenance and spam filters along with automatic deletion of suspicious links.
Security vendors affiliated with a particular SNS must be strong enough to defend against mass attacks.
Delete suspicious pages and posts to protect users, and limit the control given to advertisements.
Social networking sites must have specialized software engineers to make their product more secure against SQL injection, XSS and reverse engineering attacks.
Sites must be securely designed while making calls to different web APIs.
A. Privacy Framework:
A privacy framework can be defined generally as a common platform on which social networking sites build their security. According to this analysis, here is a common security framework that can be used:
1. USER: User activity is defined: find friends, join groups, communicate with others.
2. SECURITY: Stay alert, do not click suspicious links, upload with caution, remain updated, apply security patches, and look at security settings often.
VII. SOCIAL NETWORKING SITES:
A. SECURITY: Block spams, Filter links, Embed Antivirus, Security alerts.
B. SERVICES: Chat, posts, videos, music, photo sharing.
This is an arbitrary informative framework that must be taken into consideration while using social networks.
VIII. SECURING ONLINE SOCIAL NETWORKING SITES
In recent times, the spread of piracy on social networking sites has risen significantly with the increase in the number of social networking sites and users. According to SplashData, these passwords are mostly used in North America and Western Europe, and after evaluating more than five million passwords leaked on the Internet, the firm found that computer users continue to use the same predictable and easily guessable passwords.
Studying the passwords shown in the table below, it is possible to see how similarly online social networking users select their passwords, which makes the task of piracy easier. Intruders usually use such data, relying on its high success rate for penetration. The similarities among these passwords lead to the following facts:
Users choose a simple password that is easy to remember and recall.
Users select only one password for all networking sites and never change it, which facilitates penetration.
Users frequently use password components that are associated with each other so that the password can be easily recalled.
Dealing with social networking sites does not require the use of a complex password. Therefore, users choose the simplest passwords. Furthermore, networking sites do not require passwords to be changed regularly. Users usually choose a password based on private information that can be easily remembered. Therefore, it can be hacked by anyone familiar with that data.
Hackers load malicious programs or other threats onto social networking sites, email, and other services, which monitor and penetrate users’ information. In addition, the pirates contact users and offer some special service, such as logging in to a website, and ask users to enter their password. So users must avoid entering their password when dealing with any untrusted service, application or website.
The most important threat of penetration of social networking sites lies in the way passwords are prepared and used. A number of recommendations that reduce these risks can therefore be summarized as follows:
Do not use a simple password because it is easy to penetrate.
Do not reuse the same password for different sites, because penetration of one site can lead to the penetration of all sites.
Use complex passwords that are not easy to penetrate.
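A user-side audit of the recommendations above, added here as an illustration and not taken from the paper: it flags passwords that are short, common, built from profile data, or reused across sites. The weak-password list, the thresholds, the profile and the credential store are all constructed for the example.

```python
import hashlib
from collections import defaultdict

# Constructed sample of widely used weak passwords (not the table the paper refers to).
COMMON_PASSWORDS = {"123456", "password", "qwerty", "111111", "iloveyou", "abc123"}
MIN_LENGTH = 12   # assumed threshold for this example
MIN_CLASSES = 3   # assumed: at least 3 of lower/upper/digit/symbol

# Undo simple character substitutions such as "P@ssw0rd" -> "password".
LEET = str.maketrans("0134578@$!", "oieastbasi")


def profile_tokens(profile):
    """Strings that anyone familiar with the user's profile could guess."""
    tokens = {part.lower() for part in profile["name"].split()}
    year, month, day = profile["birth_date"].split("-")
    tokens |= {year, day + month, month + day, day + month + year}
    tokens.add("".join(ch for ch in profile["phone"] if ch.isdigit())[-4:])
    return {t for t in tokens if len(t) >= 4}


def check_password(password, profile):
    """Return the list of weaknesses found in one password."""
    lowered = password.lower()
    unleeted = lowered.translate(LEET)
    findings = []
    if len(password) < MIN_LENGTH:
        findings.append("too_short")
    if lowered in COMMON_PASSWORDS or unleeted in COMMON_PASSWORDS:
        findings.append("common")
    if any(t in lowered or t in unleeted for t in profile_tokens(profile)):
        findings.append("profile_data")
    classes = [any(c.islower() for c in password), any(c.isupper() for c in password),
               any(c.isdigit() for c in password), any(not c.isalnum() for c in password)]
    if sum(classes) < MIN_CLASSES:
        findings.append("low_variety")
    return findings


def audit_vault(vault, profile):
    """Map each site to its findings, adding 'reused' where a password is shared."""
    by_digest = defaultdict(list)
    for site, password in vault.items():
        by_digest[hashlib.sha256(password.encode()).hexdigest()].append(site)
    report = {site: check_password(pw, profile) for site, pw in vault.items()}
    for sites in by_digest.values():
        if len(sites) > 1:
            for site in sites:
                report[site].append("reused")
    return report


# Constructed sample data: a fictional user and a fictional credential store.
SAMPLE_PROFILE = {"name": "Asha Verma", "birth_date": "1994-08-17",
                  "phone": "+91 98765 43210"}
SAMPLE_VAULT = {
    "social-a.example": "P@ssw0rd",
    "social-b.example": "P@ssw0rd",
    "mail.example": "A$h@1994!",
    "bank.example": "tram-Quilt7-lagoon-Fern",
}

if __name__ == "__main__":
    for site, findings in audit_vault(SAMPLE_VAULT, SAMPLE_PROFILE).items():
        print(f"{site:18} {', '.join(findings) or 'ok'}")
```

The second and third sample passwords satisfy a naive "mixed characters" rule yet are still flagged, because the substitutions are undone before the common-password and profile checks run.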
IX. CYBER THREATS IN SOCIAL NETWORKING WEBSITES:
Recently, social networks have attracted thousands of users who represent potential victims for attackers of the following types (Figure 3).
Figure 3. Threats percentage-pose on social network
Generally, a social network is a social structure made up of individuals or links which are connected by at least one particular sort of interdependency, for example friendship. Recently, social networks have drawn in a huge number of users who represent potential victims for attackers. These include, first, phishers and spammers who use social networks to send fake messages to victims' "friends"; cybercriminals and fraudsters who use social networks to capture users' information and then carry out their social-engineering attacks; and activist groups and sexual stalkers who create online groups to spread their ideas, targeted propaganda and views and to carry out recruitment.
The cyber threats that users can face can be grouped into two classes.
A. Privacy Related Threats:
Privacy concerns require that user profiles never publish and distribute data over the web. The data collected on individual home pages may include truly personal information, for example birth dates, home addresses, personal cell numbers and so on. This information can be used by hackers who employ social engineering techniques to take advantage of such sensitive data and steal money.
B. Traditional Networks Threats:
Usually, there are two sorts of security issues. One is the protection of people. The other is the security of the personal computers people use and the information they store in their systems. Because social networks have huge numbers of users and store huge amounts of data, they are natural targets for spammers, phishing and malicious attacks. Moreover, online social hackers engage in extensive fraud, phishing and damaging attacks, harm to personal dignity, and cyber bullying. Hackers create false profiles and imitate identities or brands, or use them to offend a known individual within a network of friends.
VI. FUTURE TRENDS OF SOCIAL NETWORKING WEBSITES:
Despite the development and advanced technologies in social networking sites, a few needed changes are listed below:
1. A need for more improvements to social networks so that they allow users to manage their profiles and connection tools.
2. A need for convergence and integration of social networks and future virtual worlds.
3. A need for information integration across networks, i.e. identification of all content related to a particular topic. This requires a specific strategy and advanced technology supported by social network providers.
4. Social networks need standard application programming interfaces, so that users can import and export their profile information using standard tools. (For example, Facebook and Google have introduced new technologies that allow user data portability among social sites, representing another source of competition among social networking services.)
We believe that sooner rather than later one will be able to use more sites through a single sign-in function, that is, user IDs will be portable to other sites.
VII. RISKS PREVENTION AND THREATS VULNERABILITIES:
A threat is defined as the potential for destruction, leakage, or damage of users’ data or devices as a result of a danger exploiting a weakness. A vulnerability is a weakness in securing user information that can be exploited by one or more threats. The information security risks, threats, and vulnerabilities. For example, in a social networking system a user may have a weak password or an insecure system. In this case the user's password is vulnerable to an attacker, or the system can be easily penetrated. The risk is then illegal access, modification, and damage by intruders.
Although social networking sites offer advanced technology for interaction and communication, they likewise raise new challenges concerning privacy and security.
Here it is important to note that, to protect individual privacy, it is the responsibility of both users and social networking sites to impose security at their own level. As a necessity, social networks must provide users with proper facilities for their support and security.
In this paper I have tried to outline the common security issues associated with social networks without delving into technical intricacies. I tried to look at the new trends in social networking sites. I also tried to find the common and easy ways for attackers to attack social networking sites, and the common measures users and site administrators should take to prevent such common attacks. For example, attacks like the 1 million user records leaked are not practically important, but they can affect the networks at a vast level if ignored.
We think that the development of new technology in general, and of social sites in particular, will bring new security risks that may open doors for malicious actors, key loggers, Trojan horses, phishing, spies,
1. Scarpino, J. J., and Alshif, A. A. (2013). The impact of social networks on Saudi residents living in the United States. Issues in Information Systems, 14(1), 72-81.
2. Lilley, S., Grodzinsky, F. S., and Gumbus, A. (2012). Revealing the commercialized and compliant Facebook user. Journal of Information, Communication and Ethics in Society.
3. Kaven William, Andrew Boyd, Scott Densten, Ron Chin, Diana Diamond, Chris Morgenthaler, " Social Networking Privacy Behaviors and Risks", Seidenberg School of CSIS, Pace University, White Plains, NY 10606, USA.
4. Anchises M. G. de Paula, “Security Aspects and Future Trends of Social Networks", IJoFCS (2010), 1, 60-79.
5. Ellison, N. B., Steinfield, C., and Lampe, C. (2011). Connection strategies: Social capital implications of Facebook-enabled communication practices. New media and society, 13(6), 873-892.
6. Gilberto Tadayoshi Hashimoto, Pedro Frosi Rosa, Edmo Lopes Filho, Jayme Tadeu Machado, A Security Framework to Protect Against Social Networks Services Threats, 2010 Fifth International Conference on Systems and Networks Communications.
7. Sharma, S., and Sahu, D. (2013). Effect of social networking sites on self confidence. International Journal of Information and Computation Technology, 3(11), 1211-1216.
8. Gharibi, W., and Shaabi, M. (2012). Cyber threats in social networking websites. arXiv preprint arXiv:1202.2420.
9. Ai Ho, Abdou Magia, and Esma Aimuer, Privacy Protection Issues in Social Networking Sites, University of Montreal, Canada. IEEE 2009.
Received on 23.05.2020 Accepted on 20.06.2020 © EnggResearch.net All Right Reserved Int. J. Tech. 2020; 10(1):106-112. DOI: 10.5958/2231-3915.2020.00021.8