Online Social Network (OSN) applications and services such as picture sharing, wall posting, and the like, nowadays have a strong impact on the way users interact with each other. Catering for a broad range of users of all ages, and a vast difference in social, educational, and national background, these applications and services allow even users with limited technical skills to share a wide range of personal information with a theoretically unlimited number of partners. This advantage comes at the cost of increased security and privacy exposures for users for two main reasons: first, users tend to disclose private personal information with little caution, and second, existing OSN applications suffer severely from vulnerabilities in their privacy protection or the lack thereof. The exploitation of these vulnerabilities[1] can lead a malicious user to launch many different types of attacks such as ID theft, profile cloning or secondary data collection[2]. Furthermore, even assuming a perfect protection from such malicious users, legitimate users are still exposed to a major orthogonal privacy threat, since in all existing OSN applications, the service provider has access to all the data, including some private information stored and managed by the application itself, and can misuse such information easily.
Abstract. Current online social networks (OSNs) are web services run on logically centralized infrastructure. Large OSN sites use content distribution networks and thus distribute some of the load by caching for performance reasons; nevertheless, there is a central repository for user and application data. This centralized nature of OSNs has several drawbacks including scalability, privacy, dependence on a provider, need for being online for every transaction, and a lack of locality. There have thus been several efforts toward decentralizing OSNs while retaining the functionalities offered by centralized OSNs. A decentralized online social network (DOSN) is a distributed system for social networking with no or limited dependency on any dedicated central infrastructure. In this chapter we explore the various motivations of a decentralized approach to online social networking, discuss several concrete proposals and types of DOSN as well as challenges and opportunities associated with decentralization.
Peer-to-Peer (P2P) protocol usage is proliferating for a variety of applications, including time- and safety-critical ones. While the distributed design of P2P provides inherent fault tolerance to certain failures, the large-scale decentralized coordination exhibits various exploitable security threats. One of these key threats is the Eclipse attack, in which a large fraction of malicious peers can surround, i.e., eclipse, benign peers. Topology-aware localized Eclipse attacks (taLEAs) are a new class of such attacks that allow for highly efficient denial of service attacks with a small amount of malicious resources. Our contribution is twofold: First, we show the generic susceptibility of structured P2P protocols to taLEAs. Second, we propose a new lookup mechanism for the proactive and reactive detection and mitigation of such attacks. Our novel lookup mechanism complements the common deterministic lookup with randomized decisions in order to reduce the predictability of the lookup. We validate our proposed technique via extensive simulations, increasing the lookup success to 100% in many scenarios.