Aïmeur Esma, Díaz Ferreyra Nicolás, Hage Hicham
Department of Computer Science and Operations Research (DIRO), University of Montreal, Montreal, QC, Canada.
Research Training Group "User-Centred Social Media" University of Duisburg-Essen, Duisburg, Germany.
Front Artif Intell. 2019 Nov 29;2:26. doi: 10.3389/frai.2019.00026. eCollection 2019.
In the real world, the disclosure of private information to others often occurs after a trustworthy relationship has been established. Conversely, users of Social Network Sites (SNSs) like Facebook or Instagram often disclose large amounts of personal information prematurely to individuals which are not necessarily trustworthy. Such a low privacy-preserving behavior is often exploited by deceptive attackers with harmful intentions. Basically, deceivers approach their victims in online communities using incentives that motivate them to share their private information, and ultimately, their credentials. Since motivations, such as financial or social gain vary from individual to individual, deceivers must wisely choose their incentive strategy to mislead the users. Consequently, attacks are crafted to each victim based on their particular information-sharing motivations. This work analyses, through an online survey, those motivations and cognitive biases which are frequently exploited by deceptive attackers in SNSs. We propose thereafter some countermeasures for each of these biases to provide personalized privacy protection against deceivers.
在现实世界中,向他人披露私人信息通常是在建立了可信赖的关系之后才会发生。相反,像脸书或照片墙这样的社交网站用户常常过早地向不一定值得信赖的个人披露大量个人信息。这种低隐私保护行为常常被怀有恶意的欺骗性攻击者利用。基本上,欺骗者在在线社区中接近他们的受害者时会利用一些激励手段,促使受害者分享他们的私人信息,最终分享他们的凭证。由于诸如经济利益或社会收益等动机因人而异,欺骗者必须明智地选择他们的激励策略来误导用户。因此,针对每个受害者,攻击都是根据他们特定的信息共享动机精心策划的。这项工作通过在线调查分析了社交网站中欺骗性攻击者经常利用的那些动机和认知偏差。此后,我们针对这些偏差中的每一种提出了一些对策,以提供针对欺骗者的个性化隐私保护。
