Leak sinks: The threat of targeted social eavesdropping Conference Paper uri icon

abstract

  • Online social networks are a popular and important channel for people to share, find and disseminate information on a massive scale. Some of the information exposed through these networks is meant to be private. However, sensitive organizational information can be accidentally leaked by employees and become exposed to adversaries or competitors. The threat is escalated due to socialbots used by adversaries to penetrate the informal social network of an organization's employees in order to harvest sensitive information. This study evaluates the ability of an attacker to harvest leaked information using socialbots versus the effort required to wire the profiles into the organizational network. The evaluation is performed using real information diffusion data of two social networks and extensive simulations of socialbot wiring strategies. Our results demonstrate that organizations whose social network topologies are characterized by low clustering coefficient are more vulnerable to eavesdropping. We also show that the most effective socialbot wiring strategy for harvesting information is different from the most effective strategies for infiltrating the organization.

publication date

  • January 1, 2015