PTMOL: a suitable approach for modeling privacy threats in online social networks


Online Social Networks (OSNs) have become one of the principal technological phenomena of the Web, gaining an eminent popularity among its users. With the growing worldwide expansion of OSN services, people have devoted time and effort to maintaining and manipulating their online identity on these systems. However, the processing of personal data through these networks has exposed users to various privacy threats. Consequently, new solutions need to be developed for addressing the threat scenarios to which a user is potentially exposed. In this sense, this paper proposes PTMOL (Privacy Threat MOdeling Language), an approach for modeling privacy threats in OSN domain. The proposed language aims to support the capture, organization and analysis of specific privacy threats that a user is exposed to when sharing assets in a social application, also enabling the definition of countermeasures to prevent or mitigate the effects of threat scenarios. The first language version has undergone a preliminary empirical study that identified its validity as a modeling language. The results indicate that the use of the language is potentially useful for identifying real privacy threats due to its exploratory and reflexive nature. We expect to contribute to support designers in making more preemptive decisions about user privacy risk, helping them to introduce privacy early in the development cycle of social applications.

Palavras-chave: Threat modeling, privacy threat, online social network, empirical study


Jemal H Abawajy, Mohd Izuan Hafez Ninggal, and Tutut Herawan. 2016. Privacy preserving social network data publication. IEEE communications surveys & tutorials 18, 3 (2016), 1974--1997.

Younes Abid, Abdessamad Imine, and Michael Rusinowitch. 2018. Online testing of user profile resilience against inference attacks in social networks. In European Conference on Advances in Databases and Information Systems. Springer, 105--117.

A. Aktypi, J.R.C. Nurse, and M. Goldsmith. 2017. Unwinding Ariadne's identity thread: Privacy risks with fitness trackers and Online Social Networks. MPS 2017 - Proceedings of the 2017 Workshop on Multimedia Privacy and Security, co-located with CCS 2017 2017-January (2017), 1--11. cited By 6.

H.A. Al-Asmari and M.S. Saleh. 2019. A conceptual framework for measuring personal privacy risks in facebook online social network. 2019 International Conference on Computer and Information Sciences, ICCIS 2019 (2019). cited By 0.

Shaukat Ali, Naveed Islam, Azhar Rauf, Ikram Ud Din, Mohsen Guizani, and Joel JPC Rodrigues. 2018. Privacy and security issues in online social networks. Future Internet 10, 12 (2018), 114.

Irwin Altman. 1975. The Environment and Social Behavior: Privacy, Personal Space, Territory, and Crowding. (1975).

Simone Barbosa and Bruno Silva. 2010. Interação humano-computador. Elsevier Brasil.

L. Bioglio, S. Capecchi, F. Peiretti, D. Sayed, A. Torasso, and R.G. Pensa. 2019. A Social Network Simulation Game to Raise Awareness of Privacy among School Children. IEEE Transactions on Learning Technologies 12, 4 (2019), 456--469. cited By 1.

H. Brakemeier, T. Widjaja, and P. Buxmann. 2016. Calculating with different goals in mind - The moderating role of the regulatory focus in the privacy calculus. 24th European Conference on Information Systems, ECIS 2016 (2016). cited By 1.

I. Casas, J. Hurtado, and X. Zhu. 2015. Social network privacy: Issues and measurement. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 9419 (2015), 488--502. cited By 2.

Fred D Davis. 1989. Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS quarterly (1989), 319--340.

S.J. De and A. Imine. 2018. Privacy scoring of social network user profiles through risk analysis. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 10694 LNCS (2018), 227--243. cited By 0.

S.J. De and A. Imine. 2018. To reveal or not to reveal: Balancing user-centric social benefit and privacy in online social networks. Proceedings of the ACM Symposium on Applied Computing (2018), 1157--1164. cited By 3.

Tamara Denning, Batya Friedman, and Tadayoshi Kohno. 2013. The Security Cards: A Security Threat Brainstorming Toolkit. Univ. of Washington, (2013).

Valerian J Derlega and Alan L Chaikin. 1977. Privacy and self-disclosure in social relationships. Journal of Social Issues 33, 3 (1977), 102--115.

C. Dong and B. Zhou. 2016. Privacy inference analysis on event-based social networks. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 10047 LNCS (2016), 421--438. cited By 0.

Adrian Fernandez, Silvia Abrahão, Emilio Insfran, and Maristella Matera. 2012. Further analysis on the validation of a usability inspection method for model-driven web development. In Proceedings of the ACM-IEEE international symposium on Empirical software engineering and measurement. 153--156.

R. Fogues, J.M. Such, A. Espinosa, and A. Garcia-Fornes. 2015. Open Challenges in Relationship-Based Privacy Mechanisms for Social Network Services. International Journal of Human-Computer Interaction 31, 5 (2015), 350--370. cited By 30.

Omar Jaafor and Babiga Birregah. 2015. Multi-layered graph-based model for social engineering vulnerability assessment. In 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM). IEEE, 1480--1488.

O. Jaafor, B. Birregah, C. Perez, and M. Lemercier. 2015. Privacy threats from social networking service aggregators. Proceedings - 5th Cybercrime and Trustworthy Computing Conference, CTC 2014 (2015), 30--37. cited By 2.

S. Joyee De and A. Imine. 2019. On Consent in Online Social Networks: Privacy Impacts and Research Directions (Short Paper). Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 11391 LNCS (2019), 128--135. cited By 0.

S. Kavianpour, Z. Ismail, and A. Mohtasebi. 2011. Effectiveness of using integrated algorithm in preserving privacy of social network sites users. Communications in Computer and Information Science 167 CCIS, PART 2 (2011), 237--249. cited By 0.

H. Kumar, S. Jain, and R. Srivastava. 2017. Risk analysis of online social networks. Proceeding - IEEE International Conference on Computing, Communication and Automation, ICCCA 2016 (2017), 846--851. cited By 1.

Oliver Laitenberger and Horst M Dreyer. 1998. Evaluating the usefulness and the ease of use of a web-based inspection data collection tool. In Proceedings Fifth International Software Metrics Symposium. Metrics (Cat. No. 98TB100262). IEEE, 122--132.

Carlos Laorden, Borja Sanz, Gonzalo Alvarez, and Pablo G Bringas. 2010. A threat model approach to threats and vulnerabilities in on-line social networks. In Computational Intelligence in Security for Information Systems 2010. Springer, 135--142.

S. Mahmood. 2012. New privacy threats for facebook and twitter users. Proceedings - 2012 7th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2012 (2012), 164--169. cited By 10.

Nancy R Mead, Forrest Shull, Krishnamurthy Vemuru, and Ole Villadsen. 2018. A hybrid threat modeling method. Carnegie Mellon University-Software Engineering Institute-Technical Report-CMU/SEI-2018-TN-002 (2018).

Microsoft. 2003. Threat Modeling. url

S. Nobari, P. Karras, H. Pang, and S. Bressan. 2014. L-opacity: Linkage-aware graph anonymization. Advances in Database Technology - EDBT 2014: 17th International Conference on Extending Database Technology, Proceedings (2014), 583--594. cited By 9.

Samia Oukemeni, Helena Rifà-Pous, and Joan Manuel Marquès Puig. 2019. Privacy analysis on microblogging online social networks: a survey. ACM Computing Surveys (CSUR) 52, 3 (2019), 1--36.

Sandra Petronio. 2002. Boundaries of privacy: Dialectics of disclosure. Suny Press.

Andreas Pfitzmann and Marit Hansen. 2010. A terminology for talking about privacy by data minimization: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management.

Bradley Potteiger, Goncalo Martins, and Xenofon Koutsoukos. 2016. Software and attack centric integrated threat modeling for quantitative risk assessment. In Proceedings of the Symposium and Bootcamp on the Science of Security. 99--108.

Kai Rannenberg. 2011. ISO/IEC standardization of identity management and privacy technologies. Datenschutz und Datensicherheit-DuD 35, 1 (2011), 27--29.

S. Rathore, P.K. Sharma, V. Loia, Y.-S. Jeong, and J.H. Park. 2017. Social network security: Issues, challenges, threats, and solutions. Information Sciences 421 (2017), 43--69. cited By 35.

Riccardo Scandariato, Kim Wuyts, and Wouter Joosen. 2015. A descriptive study of Microsoft's threat modeling technique. Requirements Engineering 20, 2 (2015), 163--180.

Zhenpeng Shi, Kalman Graffi, David Starobinski, and Nikolay Matyunin. 2021. Threat Modeling Tools: A Taxonomy. IEEE Security & Privacy 01 (2021), 2--13.

Reza Shokri, George Theodorakopoulos, Carmela Troncoso, Jean-Pierre Hubaux, and Jean-Yves Le Boudec. 2012. Protecting location privacy: optimal strategy against localization attacks. In Proceedings of the 2012 ACM conference on Computer and communications security. 617--627.

Adam Shostack. 2008. Experiences Threat Modeling at Microsoft. MODSEC@MoDELS 2008 (2008), 35.

Adam Shostack. 2014. Threat modeling: Designing for security. John Wiley & Sons.

Forrest Shull, Jeffrey Carver, and Guilherme H Travassos. 2001. An empirical methodology for introducing software processes. ACM SIGSOFT Software Engineering Notes 26, 5 (2001), 288--296.

Madhuri Siddula, Lijie Li, and Yingshu Li. 2018. An empirical study on the privacy preservation of online social networks. IEEE Access 6 (2018), 19912--19922.

Olivia Solon. 2018. Facebook says Cambridge Analytica may have gained 37m more users' data. The Guardian 4 (2018).

M. Sramka. 2012. Privacy scores: Assessing privacy risks beyond social networks. Infocommunications Journal 4, 4 (2012), 36--41. cited By 1.

Guilherme Horta Travassos, Dmytro Gurov, and EAGG Amaral. 2002. Introdução à engenharia de software experimental. (2002).

R. Tucker, C. Tucker, and J. Zheng. 2015. Privacy pal: Improving permission safety awareness of third party applications in online social networks. Proceedings - 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security and 2015 IEEE 12th International Conference on Embedded Software and Systems, HPCC-CSS-ICESS 2015 (2015), 1268--1273. cited By 2.

Tony UcedaVelez and Marco M Morana. 2015. Risk Centric Threat Modeling: process for attack simulation and threat analysis. John Wiley & Sons.

H.Q. Vu, R. Law, and G. Li. 2019. Breach of traveller privacy in location-based social media. Current Issues in Tourism 22, 15 (2019), 1825--1840. cited By 2.

Y. Wang and R.K. Nepali. 2015. Privacy threat modeling framework for online social networks. 2015 International Conference on Collaboration Technologies and Systems, CTS 2015 (2015), 358--363. cited By 5.

C. Watanabe, T. Amagasa, and L. Liu. 2011. PrIvacy risks and countermeasures in publishing and mining social network data. ColiaborateCom 2011 - Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing (2011), 55--66. cited By 6.

G. Wen, H. Liu, J. Yan, and Z. Wu. 2018. A privacy analysis method to anonymous graph based on bayes rule in social networks. Proceedings - 14th International Conference on Computational Intelligence and Security, CIS 2018 (2018), 469--472. cited By 0.

Kim Wuyts, Dimitri Van Landuyt, Aram Hovsepyan, and Wouter Joosen. 2018. Effective and efficient privacy threat modeling through domain refinements. In Proceedings of the 33rd Annual ACM Symposium on Applied Computing. 1175--1178.

Wenjun Xiong and Robert Lagerström. 2019. Threat modeling-A systematic literature review. Computers & security 84 (2019), 53--69.

Heng Xu, Hock-Hai Teo, and Bernard Tan. 2005. Predicting the adoption of location-based services: the role of trust and perceived privacy risk. ICIS 2005 proceedings (2005), 71.

Y. Zeng, Y. Sun, L. Xing, and V. Vokkarane. 2015. A study of online social network privacy via the TAPE framework. IEEE Journal on Selected Topics in Signal Processing 9, 7 (2015), 1270--1284. cited By 7.

Elena Zheleva and Lise Getoor. 2009. To join or not to join: the illusion of privacy in social networks with mixed public and private user profiles. In Proceedings of the 18th international conference on World wide web. 531--540.

Elena Zheleva and Lise Getoor. 2011. Privacy in social networks: A survey. In Social network data analytics. Springer, 277--306.
Como Citar

Selecione um Formato
RODRIGUES, Andrey; VILLELA, Maria Lúcia; FEITOSA, Eduardo. PTMOL: a suitable approach for modeling privacy threats in online social networks. In: SIMPÓSIO BRASILEIRO SOBRE FATORES HUMANOS EM SISTEMAS COMPUTACIONAIS (IHC), 21. , 2022, Diamantina. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2022 .