Your love is public now: Questioning the use of personal information in authentication

Most social networking platforms protect user's private information by limiting access to it to a small group of members, typically friends of the user, while allowing (virtually) everyone's access to the user's public data. In this paper, we exploit public data available on Facebook...

Full description

Saved in:
Bibliographic Details
Main Authors: Gupta, Payas, GOTTIPATI, Swapna, JIANG, Jing, GAO, Debin
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2013
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/2298
https://ink.library.smu.edu.sg/context/sis_research/article/3298/viewcontent/asiaccs13.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-3298
record_format dspace
spelling sg-smu-ink.sis_research-32982014-09-30T07:26:13Z Your love is public now: Questioning the use of personal information in authentication Gupta, Payas GOTTIPATI, Swapna JIANG, Jing GAO, Debin Most social networking platforms protect user's private information by limiting access to it to a small group of members, typically friends of the user, while allowing (virtually) everyone's access to the user's public data. In this paper, we exploit public data available on Facebook to infer users' undisclosed interests on their profile pages. In particular, we infer their undisclosed interests from the public data fetched using Graph APIs provided by Facebook. We demonstrate that simply liking a Facebook page does not corroborate that the user is interested in the page. Instead, we perform sentiment-oriented mining on various attributes of a Facebook page to determine the user's real interests. Our experiments conducted on over 34,000 public pages collected from Facebook and data from volunteers show that our inference technique can infer interests that are often hidden by users on their personal profile with moderate accuracy. We are able to disclose 22 interests of a user and find more than 80,097 users with at least 2 interests. We also show how this inferred information can be used to break a preference based backup authentication system. 2013-05-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/2298 info:doi/10.1145/2484313.2484319 https://ink.library.smu.edu.sg/context/sis_research/article/3298/viewcontent/asiaccs13.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Computer Sciences
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Computer Sciences
spellingShingle Computer Sciences
Gupta, Payas
GOTTIPATI, Swapna
JIANG, Jing
GAO, Debin
Your love is public now: Questioning the use of personal information in authentication
description Most social networking platforms protect user's private information by limiting access to it to a small group of members, typically friends of the user, while allowing (virtually) everyone's access to the user's public data. In this paper, we exploit public data available on Facebook to infer users' undisclosed interests on their profile pages. In particular, we infer their undisclosed interests from the public data fetched using Graph APIs provided by Facebook. We demonstrate that simply liking a Facebook page does not corroborate that the user is interested in the page. Instead, we perform sentiment-oriented mining on various attributes of a Facebook page to determine the user's real interests. Our experiments conducted on over 34,000 public pages collected from Facebook and data from volunteers show that our inference technique can infer interests that are often hidden by users on their personal profile with moderate accuracy. We are able to disclose 22 interests of a user and find more than 80,097 users with at least 2 interests. We also show how this inferred information can be used to break a preference based backup authentication system.
format text
author Gupta, Payas
GOTTIPATI, Swapna
JIANG, Jing
GAO, Debin
author_facet Gupta, Payas
GOTTIPATI, Swapna
JIANG, Jing
GAO, Debin
author_sort Gupta, Payas
title Your love is public now: Questioning the use of personal information in authentication
title_short Your love is public now: Questioning the use of personal information in authentication
title_full Your love is public now: Questioning the use of personal information in authentication
title_fullStr Your love is public now: Questioning the use of personal information in authentication
title_full_unstemmed Your love is public now: Questioning the use of personal information in authentication
title_sort your love is public now: questioning the use of personal information in authentication
publisher Institutional Knowledge at Singapore Management University
publishDate 2013
url https://ink.library.smu.edu.sg/sis_research/2298
https://ink.library.smu.edu.sg/context/sis_research/article/3298/viewcontent/asiaccs13.pdf
_version_ 1770572076672876544