Social Network Security Is Seriously Threatened - Dissertation Example

? WOULD SOCIAL NETWORK INTERCONNECTION THREATEN USER’S PRIVACY? Social media has taken the driving seat in the world of virtual connectivity. It has massive implications for the businesses as well as individuals. Along with the benefits it has offered to the world of technology, the issues pertaining to its misuse have arisen to a similar extent. Most importantly, the defining feature of interconnectivity of social media is being used for the privacy breach with mall intentions (Sophos, 2010; Gallagher, 2009). This has also formed the ground for this dissertation. The dissertation with primary (questionnaire based) and secondary research has developed the review pertaining to the understanding of security and safety of the content by the Social Networking Sites (SNS). The paper has gone to an inch to determine the level of importance is given to the privacy setting and its resultant security and safety. The results revealed that users of SNS, though considers that matter significantly important; however, have limited information about the dimensions from where these privacy fences are broken. The paper also concludes that despite understanding of a considerable level about the lacking strength of privacy setting of the SNS, the users still post information as established by Lee, Park, and Kim (2013).Furthermore, users of SNS have dominant view to stop limit the usage of SNS for sharing private information once the understanding of the malware is developed. TABLE OF CONTENTS WOULD SOCIAL NETWORK INTERCONNECTION THREATEN USER’S PRIVACY? 1 ABSTRACT 2 TABLE OF CONTENTS 3 1. INTRODUCTION 5 2. LITERATURE REVIEW 8 2.5. CHALLENGE 14 3. METHODOLOGY 16 4. DATA ANALYSIS 19 6. LIST OF REFERENCES 32 7. APPENDIX 37 1. INTRODUCTION 1.1. Background Social media has taken the driven seat in the current era of technology. The effect is far reaching from the initial objective of the social connectivity for entertainment to the wide array of objectives from of professional and customer needs. Hence, social media embraces the universe of the virtually connected sites with promise of expansion and connection to the unlimited levels (Merrill et al., 2011). In addition to the achieving the connectivity, social media has transformed the conversations where users are more deeply connected than ever before without any limitations, in most cases, as depicted below: (Merrill et al., 2011) In addition to the array of benefits that social media offers to range of users including individual, public figures as well as businesses, social media is also complimented with the risks and issues. Kirkpatrick (2011) in the book, The facebook Effect, has noted that social media has changed the entire phenomenon of interaction. The impact of social media has gone to an extent that it is driving the character of political figure as well as the democratic process. For instance, the presidential campaign of Obama employed data mining, analytics and reporting program under the leadership of Rayid Ghani, a Pakistani former employee of Chicago’s Accenture Technology Labs which in turn resulted in Obama wining an election with head to head margin (Imam, 2013). The analytical and data mining tools employed in the campaign for Obama and other individual and businesses at one end benefits the user but at the same time it also threatens risk to the privacy of the account holders of social networking sites (SNS). Lee, Park, and Kim (2013) claim that SNS users have awareness of the security, privacy and other types of risks associated with SNS but sharing of contextual information on SNS is more induced by the perceived benefits from these sites. 1.2. Aims and Objectives Having mentioned the risks that are associated with the SNS sites, the paper herein aims to develop the review of the awareness level about the intensity of the risks from SNS interconnection. Therefore, the research has set forth the following objectives for the study: Exploring the types of the risks that are associated with the interconnection of the Social Networking Sites. Identifying the reaction of SNS users on the awareness about the leakages in the privacy setting. Future of privacy related issues and matters of SNS. 1.3. Research Statement With mentioned aims and put forward research objectives, the research question for this dissertation is “Would Social Network Interconnection Threaten User’s Privacy? 1.4. Methodology In order to conduct the comprehensive research that determines the significant theoretical information as well as the realities from ground, the research has employed the methodology with a combination. The comprehensive review relevant to the topic is developed from the qualitative secondary research. Furthermore, in order to develop the empirical review on ground, the quantitative research tool of questionnaires was presented to the diverse group of participants. Finally the research findings and conclusions provide the review of factors on ground with respect to the already developed literature in domain. 2. LITERATURE REVIEW 2.1. Evolution and Growth Social Network Interconnection The meaning of connectivity has undergone significant transformation since the emergence of social networking sites (SNS). Technically, there are many definitions defined for the social networking sites a formal definition of the SNS is one that encompasses the purpose and role played by SNS. Therefore, SNS is a service based on the web that facilitates following three services; first, a bounded system enabling entity being individual or business to prepare public profile, second, allows determining the shared connections with other individuals and businesses and third is pertaining to the sharing and passing to and from the posts and other content within the defined system (Boyd and Ellison, 2007). There are large numbers of SNS sites presents with few dominant include Facebook, Twitter, LinkedIn, Instagram and so on. Each of them has large number of users such as observable from the given comparison of statistics: (Go-Gulf, 2012) Further dig down of the statistics of these sites reveal that Facebook is also the most visited site by active users (Larson, 2012; Desilver, 2013). Along with the wealth of the benefits these site have been offering to the individuals and businesses, data miners with the malicious intentions (Al-Saggaf & Islam, 2013). Hence, due to these factors at affect, the SNS website have been consistently involved in developing system that ensure the security to the privacy of the account holder. 2.2. Concept of User Privacy in Social Network As the threat to the privacy security increases, the first solution that comes to mind is to avoid the activity that poses risk. With this solution at work, all the SNS would come to halt and hence insists the need of privacy measures that facilitates the use of SNS with ensured safety and security. The privacy theory entails that privacy is the ability to restrict unrelated connection to the gain access to or imply on the personal information for the purpose of transfer or exchange of any kind (Tavani, 2010). Lee, Park, and Kim (2013) has assessed the based of different theories of self-disclosure which in turn results in sharing of the contextual information while being fully aware of the risk of misuse being associated with it. In the context, Lee, Park, and Kim (2013) concludes that sharing of contextual information on the SNS is more induced by expected benefits than by expected risk. The users of SNS are inclined to different privacy settings for safeguarding their respective data (Lee, Park, and Kim, 2013). De Wolf, Heyman, & Pierson (2013) have also asserted the role of the necessary inbuilt privacy setting with respect to the seven principles of Kim Cameron for mitigating the responsibility on SNS user. Therefore, it important for the privacy measure to control the spread of information than requiring one to stop taking advantage from SNS. 2.3. Social Networks and Infection Model As a matter of fact that all the SNS offer security checks, Bedi, Gove, & Wadhai (2012) claim that despite these controls privacy of the account holder is subject to different privacy breaches. These breaches arise both the side of the user as well as service provider. Tavani (1999) states that users of such sites are not provided with any sort of security and information with respect about the usage of their information by the others. On the other hand, Sar & Al-Saggaf (2013) state that information about the user of the site are also mined by various third party users such as advertising agencies etc. For example, Facebook in the year 2007 initiated a program with the name of Beacon where the users feed were provided to the outsiders about the feed of the individuals as well as shared connections (Spinello, 2011). Initially facebook users were not aware of this feature and were later allowed to opt for it but the program was discontinued due to the massive criticism from Electronic Privacy Information Center (EPIC) (Spinello, 2011). Bedi, Gove, & Wadhai (2012) further states that privacy of accounts also prone to the threat if not properly protected with security measures. The model proposed by Bedi, Gove, & Wadhai (2012) requires that sophisticated model shall be employed for data analysis that must analyze the enquiry critically before giving the data. There are different sources of the disruptions that result in threat to the privacy of the account holders, both individuals and corporate. Almost all sources, the core lies in spreading the disruption on web as infection that spreads with the interconnectivity. The model is depicted as follows: (Sood & Enbody, 2011a) The model above depicts the chain of infection that spreads in the social network. The rise of the infection threat gets steep due to the interrelationship as the infection from one node spreads to another and so on. Due to this interrelationship factor, the social networking sites play the role of magnet for these worms (Gallagher, 2009; Sood & Enbody, 2011a). For instance, Koobface and the Twitter worm have recently spread the devastating impact due to the interrelationships offered by these social networking sites (Sood & Enbody, 2011a). Hence, when Cross Site Scripting is exploited the chain impact is produced that allows the malware to spread to and from the third party domain (Sood & Enbody, 2011a). Other forms of spread include fake profiling (Sood & Enbody, 2011a), social network API (Sood & Enbody, 2011a), Drive By Download Attack (Sood & Enbody, 2011b; Constantin, 2011), Shortened and hidden links (Symantec, 2013), cross site attacks (Faghani & Saidi, 2009) and Clickjacking etc. 2.4. Different Techniques of Infection That Threaten Privacy The infection in the social media affects the business in different formats. Some of the basic categories are as follows: 2.4.1. User's Anonymity and User's Profile and Personal Information: Most of the user’s accounts are developed in the name of the users. This the first and the most promising support in exploring the detailed information as enables the hackers in tracing the person (Wondracek et al., 2010). Zhou & Pei (2008) identified the system with which the attacker can trace the person with the relationships or interconnections as depicted in the image below: (Gunatilaka, 2011) Therefore, knowledge of any of the nodes can result in attacking interconnected person in the neighborhood. Gunatilaka (2011) and Krishnamurthy & Wills (2008) have reported different sources where information is leaked either due to the poor privacy settings or due to the sale of information to the third party for the commercial purpose etc. 2.4.2. Identity Theft Issues: System of social media sites that facilitate the certain public information open to the public creates various issues pertaining to the identity. Bilge et al (2009) has reported that profile can be cloned either by copying existing profile or by cross-site profile where identity and detail of one are being used by attacker to create any account on other sites. In the similar context, the attackers often end up cloning the website also. Huber et al (2011) has identified phenomenon entitled social phishing even with the name of the account holders’ friend and grabs the information from the account user. 2.4.3. Span Issues: Information from the social site interconnections are also used by attackers for the sending span on social site (Net Security, 2010), and email based (Balduzzi et al., 2010). Also Huber et al (2011) has identified span where session between victim and the social site is hijacked which is then used for retrieving the information of the user and interconnected accounts. The graphical representation of the hijacked session is as follows: (Gunatilaka, 2011) 2.5. CHALLENGE The safeguarding the threat of privacy breach and measure to control it is also affected by wide number of challenges. All these challenges arises different dimension on the basis of their purpose. However, the most important challenge to the measures of privacy and threat from interconnectivity arises from both sides of an equation. At one end, the privacy measures require safeguarding the user of SNS from the fraudulent, theft and uninformed use of the personal information. On the other hand, the privacy enforcing agencies are also required employee all measures and tools that enable the investigation of mischievous activities and identifying users who are using SNS for exploiting the personal resource of other (Gunatilaka, 2011). For instance, the proposed web regulation often threatens the freedom of web and internet usage (Black, 2012). Hence, the challenge lies in balancing the both sides of the information, privacy and communication (Spinello, 2011). 3. METHODOLOGY The methodology refers to the scientifically defined systematic plan for the completion of activities required for the objective of the research. It is one of the most important components of the research as the roadmap determined in accordance to the methodology literature contributes to the strength of the study (Saunders, Thornhill, & Lewis, 2009). The philosophical stance of the underlying research is based on the positivism as it can be defined into the formally defined structure. Furthermore, the study is based on the deductive strategy as it leverages concept from the already developed literature. The research employees the qualitative as well as quantitative research methods where former is based on the literature review while the latter will be based on the questionnaire responses. Hence, the source of data will be primary and secondary. 3.1. Primary Data The primary data is the type of data that is collected for the first time in order to develop information with respect to the research objectives. The most important characteristic of primary data lie in the fact that data can be collected in a ways that suits to the assessment need of the research objectives (Patton, 2002). The questionnaire will be designed for the collective of collection of the qualitative data for this research. 3.2. Secondary Data The secondary data is the type of data that has been collected and processed for some other purpose and provide relevant information pertaining to the research under development (Maylor & Blackman, 2005). The secondary data will facilitate the literature review for the research. Also on the basis of the secondary data, the results of the underlying study will be assessed. The data will be collected from reputed research journals, news articles and other authentic sources. 3.3. Sampling As a matter of fact all the individuals as well as businesses with the connectivity with social networking sites are important for their view pertaining to the research objective of this study. However, due to the limitation of the cost, time, accessibility and others the research will draw a representative sample of 100 representatives equally from the business and individuals. Sample is the sub set of the entire concerned population and represent the characteristics of the whole population based with a margin of error. The purposeful sampling method will be done as the objective of the research is to fulfill the stated purpose of the study. 3.4. Data Analysis The data analysis of the questionnaire will be done by the descriptive analysis as along with the graphical representations. Furthermore, the analysis will also develop the discussion pertaining to the alignment of the research results with the already developed literature. 3.5. Limitations Questionnaires are often faced with limitation of incomplete submission. To deal with this, questionnaires are structured with simple and easy language in order to make it understandable by the participants. The paper has also addressed the ethical consideration by providing the written information about the objective of the study to the participants. With all these measures of the methodology research intends to contribute sound addition to the relevant literature. 4. DATA ANALYSIS The analysis of the responses of the completed questionnaire is presented in this section. The question-wise analysis was conducted in order to present the collected information in a comprehensive form: The questionnaire initiated by giving the respondents an option to state the purpose for which they use social media websites. The open ended questionnaire received varied responses with majority stating the connectivity for the information, entertainment and business. Among different responses, some of even mentioned viewing and exploring the profiles of others even unknown as one of the objective of the using social networking sites. This is in line the fact established by the (Sar & Al-Saggaf, 2013). Therefore, the accessibility to the basic information or information not strictly restricted by the user also makes its available to general masses. This is the first step towards the insecurity and privacy lapse about the SNS. Question 1 Following responses were received about the level of important SNS sites are given by the participants of the study: Wide mass of nearly 93% percent reported that social networking sites are important for them with around 75% of the people considering the important at a higher level. This fact is also well reported from the statistics presented about different social sites. Therefore, the presence of this vast majority at the social sites makes it a heaven for those with mal-intention to capture the easy victims. Question 2: Presented below statistics were developed on the basis of responses pertaining to the disliked aspects of social media: The importance of the privacy matters come to surface as it is considered as the most highlighted issues by the respondents. Aligned with the privacy theory this explains that users of SNS consider disruptive interruption from any sides without permission as the most disliked feature about the SNS (Tavani, 2011). It is important to notice that disruption from any side is considered unlikely by the users. This is a serious threat to the social networking sites as it is selling this information and making its available to different other businesses for commercial use. Hence, there may raise a serious collision of interest of such sites with respect to account holders as well as other stream of revenue from businesses and third party. Question 3: Respondents were enquired of the opinion they hold with respect to the level of safety of information at social sites. The responses collected developed following statistics: The responses to these questions add to the concern of privacy from the users of SNS as less than quarter of the percentage of the users are convinced of the security provided by such sites. It is important to notice that nearly 50 percent people opted for not so sure. One potential reason to this fact is the rising discussion of about the usage of data mining and other analytical tools on important events and for business purposes. For instance, the example quoted about the presidential campaign for Obama that won with an inch role played by social media techniques. Question 4: The question aimed to further dig down the level of awareness, in addition to the general thinking, level about the safety and security of the personal information on social media websites. Given below results were developed: The statistics from this question asserts the findings of the Lee, Park, and Kim (2013) which states the sharing of contextual information behavior is more induced by the perceived benefits associated with the social media. Further, the vast majority of participants were less showed less awareness towards this non-safety of the personal information. This lack of awareness can be attributed to the confidence that account holders have on the privacy settings provided by different sites. Question 5: Readiness to restrict the personal information on the social websites on developing awareness about the lack of safety and security on social sites: The responses to this question carry some critical information for businesses as well as sites. There can be serious threat to the potential usage of these sites if the users develop the wide awareness about the lack of security to content fed on these sites despite the privacy setting claims. A sample evidence to potential behavior has been noted by Kirkpatrick (2011) in the book, The facebook Effect, where author claims that social media has forced its impact on the political activists and entire democratic process. Question 6: This question enquired the respondents view about the impact on socials sites when the lacking with respect to the safety of the information is revealed to the users. The respondents considered the significant hurting impact on the respective sites. The total responses pattern has been as follows: This is another addition to the seriousness of threat to the social sites. It is a matter of fact that SNS have contributed in driving even business to and from the customers to a certain direction. Therefore, significantly limitless and expanded reach of social media can also affects its own existence once the campaign against appears in vogue. Question 7: In addition to the level of awareness about the privacy issues, the underlying question was aimed to develop the statistics about the percentage of respondents who have been victims of these worms: The statistics from this question unveils certain important information. Around 45% of the 100 participants were sure about their status of being victim of such worms and infections while 55% of the respondents were even sure about their status. An interpretation of these statistics can be fact that respondents’ have not faced any serious trouble such as misconduct from the account after being hacked etc. It is important to mention that the spam emails are often not considered as the breach of privacy. Question 8: This questionnaire was formed to collect further deep down information about the respondents’ awareness of the type of leakages their personal information can be subject to. For three categories, given below level of awareness was explored: As the previous question presented the statistics that users are not aware of themselves being hit by the breach of privacy or not; therefore, this question aimed to identify the awareness of account holders about different forms of privacy breaches. The information from the respondents reveals that participants are only aware of the type of privacy issues that originate from the common forms of spam. This question allowed respondents to select more than one options, still the awareness pertaining to the copying of information and identity theft was selected by only 30 respondents. Therefore, the intensity of the infection affect still does not have required level of awareness (Sood and Enbody, 2011a). Question 9: This question was aimed to explore the critical information pertaining to the readiness of the respondents to share the information for broader level of regulatory and security concerns. The respondents showed mixed level of readiness: Privacy breach is reported to be one of the most important features identified as one disliked by the users, it is also an important challenger to the SNS. The dominantly mixed opinion of the account holders with respect to the readiness of sharing information requires SNS to spent resources to explore the factors that contribute to the readiness and prohibition stance of the account holders. Question 10: The last question enquired the respondents view about the challenges faced by the social networking sites. The respondents showed significant inclination towards the understanding that privacy is the most critical challenges posed to the social sites. The other options’ related responses were as follows: Will all the aspect identified, the biggest challenges for SNS in the view of the social media users is to ensure the security and safety of the data. It is important to notice that through out the participants have shown kind of rigidness towards privacy setting facilitation by the service provider. Therefore, it will continue to remain a challenge for the SNS as referred already referred in the literature review section (Spinello, 2011). 5. CONCLUSION/RECOMMENDATIONS Social media has taken driving seat in the virtual connectivity of the business. Along with the wide range of benefits that have been exploited by the users of the SNS, the privacy issues continue to pose a significant challenge. The research with the secondary literature has identified various systems that shall be employed for striking the right balance in using the information of account holders. The balance is to be struck on using the information for necessary growth of SNS and facilities development while on the other hand to ensure the privacy of the account user has not been violated. The paper, with the primary study has identified that users of SNS are significantly rigid towards the privacy settings and presume that it will affect the service provider in case of any breach; however, in most instances the participants of the SNS account holders appeared to be less aware of the forms of privacy violation. The results from the study are mixed i.e. certain level of alignment as well as contradiction to the study of Lee, Park, and Kim (2013). Users of the SNS insist on the security setting and its importance. The users of SNS are also not dominantly sure about the breach of the privacy settings of their account. Due to this mixed status, the apparent benefit of connectivity induces the positive impact of these sites and users in line with the Lee, Park, and Kim (2013) share their personal content. From revealed information, it can also be conclude that users of SNS are significantly less aware of the infection affect that spreads from one user to another as results of interconnectivity. Participants of the study concluded to be have limited information about the types of worms and privacy breaches that result from the interconnection, as reported by Gunatilaka (2011) and Krishnamurthy & Wills (2008), Net Security (2010) and Balduzzi et al (2010). The study results also concludes that striking the right balance in using the information necessary for the development and growth of SNS while meeting the privacy standards as required by the users will continue to be challenge for the SNS providers (Spinello, 2011). With these conclusions at effect, following recommendations are presented for the SNS as well as users: The users shall be cautious in posting feeds to the sites as well as sharing personal information to unknown emails. Even also sharing information to such requests shall be done after collecting full information about the authenticity of such requesting emails etc. The SNS, on other side, shall constantly develop the update and notification about the privacy to the account users. This will serve as a reminder to the users for keeping constant check on their privacy settings. Hence, it is important for SNS to consistently review the privacy settings that have been leaped over by the attackers and updating the fences towards the account users. 6. LIST OF REFERENCES Al-Saggaf, Y., & Islam, M. Z. (2013). A Malicious Use of a Clustering Algorithm to Threaten the Privacy of a Social Networking Site User. World, 1(2), 29-34. Balduzzi, M., Platzer, C., Holz, T., Kirda, E., Balzarotti, D., & Kruegel, C. (2010). Abusing social networks for automated user profiling. In Recent Advances in Intrusion Detection (pp. 422-441). Springer Berlin Heidelberg. Bedi, R., Gove, N. R., & Wadhai, V. M. (2012). Application of Hippocratic principles for privacy preservation in social network. In Information and Communication Technologies (WICT), 2012 World Congress on (pp. 95-101). IEEE Bilge, L., Strufe, T., Balzarotti, D., & Kirda, E. (2009). All your contacts are belong to us: automated identity theft attacks on social networks. In Proceedings of the 18th international conference on World wide web (pp. 551-560). ACM. Black, E. (2012). Proposed web regulations threaten free internet. Available from http://www.forbes.com/sites/edblack/2012/10/04/proposed-web-regulations-threaten-free-internet/ [Accessed 13 December 2013] Boyd, D., and Ellison, N. B. (2007). Social network sites: Definition, history, and scholarship. Journal of Computer?Mediated Communication, 13(1), 210-230. Cluley, G. (2011). What is FouTube? Viral facebook clickjacking video scams explored. Available from http://nakedsecurity.sophos.com/2011/03/12/what-is-foutube-viral-facebook-clickjacking-video-scams-explored/ [Accessed 13 December 2013] Constantin, L. (2011). Drive-by download attack on Facebook used malicious ads. Available from http://www.pcworld.com/article/241164/driveby_download_attack_on_facebook_used_malicious_ads.html [Accessed 13 December 2013] De Wolf, R., Heyman, R., & Pierson, J. (2013). Privacy by Design Through a Social Requirements Analysis of Social Network Sites form a User Perspective. In European Data Protection: Coming of Age (pp. 241-265). Springer Netherlands. Desilver, D. (2013). Chart of the week: the world’s most popular websites. Available from http://www.pewresearch.org/fact-tank/2013/10/04/chart-of-the-week-the-worlds-most-popular-web-sites/ [Accessed 13 December 2013] Faghani, M. R., & Saidi, H. (2009). Social networks' XSS worms. InComputational Science and Engineering, 2009. CSE'09. International Conference on (Vol. 4, pp. 1137-1141). IEEE. Gallagher, S. (2009). Social networks a magnet for malware. Available from http://www.internetnews.com/bus-news/article.php/3803051/Social-Networks-a-Magnet-for-Malware.htm [Accessed 13 December 2013] Go-Gulf. (2012). Comparative data for LinkedIn, twitter, Facebook, Google+ and Pinterest. Available from http://60secondmarketer.com/blog/2012/10/05/social-media-usage-statistics-infographic/ [Accessed 13 December 2013] Gunatilaka, D. (2011). A survey of privacy and security issues in social networks. Available from http://www.cs.wustl.edu/~jain/cse571-11/ftp/social.pdf [Accessed 13 December 2013] Huber, M., Mulazzani, M., Weippl, E., Kitzler, G., & Goluch, S. (2011). Friend-in-the-middle attacks: Exploiting social networking sites for spam. Internet Computing, IEEE, 15(3), 28-34. Imam, Z. (2013). Obama’s Pakistani connection. Available from http://tribune.com.pk/story/494832/obamas-pakistani-connection/ [Accessed 13 December 2013] Kirkpatrick, D. (2011). The Facebook Effect: The Inside Story of the Company That Is Connecting the World. NY: Simon & Schuster Krishnamurthy, B., & Wills, C. E. (2008). Characterizing privacy in online social networks. In Proceedings of the first workshop on Online social networks (pp. 37-42). ACM. Larson, D. (2012). Infographic: spring 2012 social media user statistics. Available from http://blog.tweetsmarter.com/social-media/spring-2012-social-media-user-statistics/ Lee, H., Park, H., & Kim, J. (2013). Why do people share their context information on Social Network Services?: A qualitative study and an experimental study on users' behavior of balancing perceived benefit and risk. International Journal of Human-Computer Studies, vol. 71, no. 9, pp. 862-877 Maylor, H, & Blackman, K. (2005), Research Business & Management, Basingstoke, Uk: Palgrave Macmillan. Merrill, T., Latham, K., Santalesa, R., and Navetta, D. (2011). Social media: the business benefits may be enormous, but can the risks – reputational, legal, operational – be mitigated? Available from http://www.acegroup.com/us-en/assets/ace-progress-report-social-media.pdf [Accessed 13 December 2013] Net Security. (2010). Facebook users think social networking spam is a problem. Available from http://www.net-security.org/secworld.php?id=10208 [Accessed 13 December 2013] Patton, M. (2002), Qualitative research and evaluation methods. Thousand Oaks CA: Sage Publications Inc. Sar, R. K., & Al-Saggaf, Y. (2013). Social networking sites' tracking of unintentionally shared information. First Monday, 18(6). Saunders, M, Thornhill, A, & Lewis, P. (2009),  Research Method for Business Students,  London: Financial Times Prentice Hall. Sood, A. K., & Enbody, R. (2011a). Chain Exploitation—Social Networks Malware. ISACA Journal, 1, 31. Sood, A., and Enbody, R. (2011b). Online social networks: Malware launch pads. Available from http://www.net-security.org/malware_news.php?id=1895 [Accessed 13 December 2013] Sophos. (2010). Malware and spam rise 70% on social networks, security report reveals. Available from http://www.sophos.com/en-us/press-office/press-releases/2010/02/security-report-2010.aspx [Accessed 13 December 2013] Spinello, R. A. (2011). Privacy and Social Networking Technology. International Review of Information Ethics, 16, 12. Symantec. (2013). Malicious shortened URLs on social networking sites. Available from http://www.symantec.com/threatreport/topic.jsp?id=threat_activity_trends&aid=malicious_shortened_urls [Accessed 13 December 2013] Tavani, H. T. (1999). Informational privacy, data mining, and the internet. Ethics and Information Technology, 1(2), 137-145. Tavani, H. T. (2010). Ethics and technology: Controversies, questions, and strategies for ethical computing. Hoboken, NJ: John Wiley Wondracek, G., Holz, T., Kirda, E., & Kruegel, C. (2010). A practical attack to de-anonymize social network users. In Security and Privacy (SP), 2010 IEEE Symposium on (pp. 223-238). IEEE. Zhou, B., & Pei, J. (2008). Preserving privacy in social networks against neighborhood attacks. In Data Engineering, 2008. ICDE 2008. IEEE 24th International Conference on (pp. 506-515). IEEE. 7. APPENDIX QUESTIONNAIRE What is your main purpose of using social media? (Open ended ques) 1.- How important you think social media has become in our life? Very important Important Somewhat important not so much important least important 2.- What is the thing that you do not like on social media? Disclosure of information Security issues It consumes a lot of your time Too much advertisement Others are aware of what you are doing others 3.- Do you think your information is safe and secure on these social media websites? Yes No Not sure 4.- Are you aware that your information, images, and videos that you share may not be safe and confidential? Yes No I don’t care about such issues 5.-Will you restrict sharing of information on social media websites if you are sure it is not safe and confidential? Yes No Not sure 6.-If it is found that the images you upload on social medias are not safe and private, then will it hurt these social media websites? Yes it will No It will only make a little difference 7.-Have you ever been the victim of the social media worms and privacy leakages? Yes No Not sure 8.-Which of the following privacy leakages forms are your aware of? User's Anonymity and User's Profile and Personal Information Identity theft (copying existing profile or by cross-site profile) Span Issues (email, social sites, session hijacked issues) 9- For the broader security and regulatory reasons, it is important for the agencies and regulatory authorities to check the profile and other information of account holders. With these reasons, are you convinced that the authorities should be allowed to reach your private information from social networking sites: Yes No Yes, with permission only 10.- In your opinion, what is the most important challenge being faced by social media websites? Dealing with security issues Dealing with issues of privacy Making sure that people continue to use these websites Do not advertise too much Continuous improvement Managing competition in the social media industry Read More