A Survey and a Case-Study Regarding Social Media Security and Privacy on Greek Future IT Professionals

A Survey and a Case-Study Regarding Social Media Security and Privacy on Greek Future IT Professionals

Venetis Kanakaris (Department of Electrical Engineering, Eastern Macedonia and Thrace Institute of Technology, Kavala, Greece), Georgios Lampropoulos (Alexander Technological Educational Institute of Thessaloniki, Department of Informatics, Thessaloniki, Greece) and Kerstin Siakas (Alexander Technological Educational Institute of Thessaloniki, Department of Informatics, Thessaloniki, Greece)
DOI: 10.4018/IJHCITP.2019010102

Abstract

Nowadays, social media and social networks are increasingly used in business as they have drastically changed the way the community works, communicates, collaborates, socialises, creates content and shares knowledge and ideas. However, in particular, IT professionals and practitioners need to be aware of online security and privacy issues and the potential negative impact that they may cause on different aspects of business, such as online breaches or information theft. The use of social media inevitably leads to disclosure of personal information, with the use of open-source intelligence (OSINT) and other similar techniques. Hence, the aim of this article is twofold, namely first to show results of a survey towards future Greek IT practitioners regarding awareness and viewpoints of social media users concerning security and privacy on social media. More specifically the study was based on responses and viewpoints of 178 Greek electrical engineering and IT students to an online questionnaire. Secondly, the aim is also to show how easily a potential malicious user can anonymously track and retrieve sensitive personal information in an automated and undetectable way from popular social media platforms by using publicly available information, resources, and tools. The results of the survey show that most of the respondents are aware of the privacy settings of the social media platforms they use. However, they consider that they should be more careful concerning personal data and whom they add as friends or followers and they do not feel comfortable with the fact that a stranger might be able to access their personal information through their publications on social media platforms.The case study indicates that it is possible for malicious users to acquire sensitive personal data (e.g. user's location via tweets and instas from smartphones). In addition, the ability to map activity could allow malicious users to track the activities of unsuspected users and predict their future locations.
Article Preview
Top

Introduction

Social Media trigger users to share information rapidly within widely dispersed networks. Users are able to post content in a variety of formats, which can be instantly made available to the entire social network of the user. Therefore, social networks have become an important platform for information dissemination, web content discovery, opinion and knowledge sharing, discussion and debate (Giordano et al., 2015; Cho and Choi, 2014; Hermann et al., 2014; Colomo-Palacios et al., 2008). The large volume of public data that flows through a social network has the potential to deliver invaluable new insight to the academic community, marketing agencies, stances interested in understanding online behaviour and monitoring social trends (Puzis et al., 2009; Giordano et al., 2015).

Over the years, intelligence has been widely recognised because it has always played an important role in military and business wars. Regarding military purposes, intelligence focuses on the prediction of the enemy actions or the evaluation of a certain situation. Hence, intelligence should concentrate on analysis techniques for credible and valid outcomes. Thus, a constant accumulation of reliable data combined with precise analysis results in compilation, categorisation and further classification of intelligence. Experienced professionals usually gather needed data and undertake analysis for intelligent interpretations (Koops et al., 2013; Kanakaris et al., 2018).

This paper, based on an extended literature review regarding automatic retrieval of information from social media, demonstrates a case study, conducted from July to November 2015, which retrieved information in an automated way from two popular social networks, namely Twitter and Instagram, without the knowledge and consent of the target object. The case study describes the architecture and implementation of a software system that collects data anonymously from Twitter and Instagram using Twitter REST API and “geoJSON” along with “Instagram Real-Time API” and “Genymotion”. After the collection and the processing of the data, the output was demonstrated in an easily accessible graphical map. In terms of testing the anonymity, we followed various procedures that a malicious user is likely to undertake in order to hide tracks of the anonymously performed monitoring.

The survey consisted of an online questionnaire aiming to map Greek social media users’ awareness of security and privacy issues. The questionnaire included a small video aiming to raise the respondents’ attention to certain security and privacy issues in social media. The results showed that most of the people that use social networking platforms on a regular basis are aware of the privacy settings of the social media platforms that they use. They do not feel comfortable with the fact that a stranger may be able to access their personal information through their publications on social networking platforms and consider that they should be more careful concerning personal data and whom they add as friends or followers.

Complete Article List

Search this Journal:
Reset
Open Access Articles
Volume 11: 4 Issues (2020): 1 Released, 3 Forthcoming
Volume 10: 4 Issues (2019)
Volume 9: 4 Issues (2018)
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing