Social network attack simulation with honeytokens

Abstract

In the social media era, the ever-increasing utility of Online Social Networks (OSN) services provide a variety of benefits to users, organizations, and service providers. However, OSN services also introduce new threats and privacy issues regarding the data they are dealing with. For instance, in a reliable OSN service, a user should be able to set up his desired level of information sharing and securely manage sensitive data. Currently, few approaches exist that can model OSNs for the purpose, let alone a model the effects that attackers can have on these networks. In this work a novel OSN modeling approach is presented to fill the gap. This model is based on an innovative game-theoretic approach and it is analyzed both from a theoretical and simulation-oriented view. The game-theoretic model is implemented to analyze several attack scenarios. Honeytokens, which are an information security tool based upon deception, are defined and identified as a security tool that could help in OSN security. As the results show, there are several scenarios where OSN services are very vulnerable and hence more protection mechanisms should be provided to secure the data contained across these networks, including the use of honeytokens. In this work we introduce a novel OSN modeling approach for optimal data sharing based on innovative game theories, considering the states/optimal policies of data sharing on OSNs and possible confrontations between the attacker and the user. After we develop the theoretical framework, we conduct experiments, integrating our ideas with honeytokens in several attack scenarios. Finally, we analyze our experimental results and discuss recommendations based on the results.