Presentation is loading. Please wait.

Presentation is loading. Please wait.

Social Networking Services and User Data Protection

Published byBlanche Stevenson Modified over 9 years ago

Similar presentations

Presentation on theme: "Social Networking Services and User Data Protection"— Presentation transcript:

1 Social Networking Services and User Data Protection
Big Data and Privacy Social Networking Services and User Data Protection Shuangbao (Paul) Wang Progessor Program Director for Cybersecurity University of Maryland, University College Center For security studies

2 Question: How many Fortune 500 Companies had data breaches last year?
Answer: 500

3

4 Solutions to Privacy? Industry -- Yes Academia -- May be not
Government – Yes, but putting backdoors Trying to find solutions. Why? – Defend? -- Prevent?

5 Social Services Big Data
Twitter Company Statistics Data (7/11/14) Total number of active registered Twitter users 645,750,000 Number of new Twitter users signing up everyday 135,000 Number of unique Twitter site visitors every month 190 million Average number of tweets per day 58 million Number of Twitter search engine queries every day 2.1 billion 40 TB/year == 8500 DVD

6 Individual Account Public Account
weChat has more users than Twitter. Why? Public Account

7 Developers Company Team Individual 88.9% 10% 1.1%
Education is among the 1.1%

8 Industries .net companies software developers .net services others 23.64% 43.31% 31.79% 1.46% They are all working on getting data from it. IRB privacy: no or minimum consent. People are not informed how the data are being used.

9 Education English learning, music, children, math, etc. All free.
Comparing with twitter, Wechat has no limitation for # of chars. Making it better for learning.

10 Data Breaches Card System 2005 $40M TJX 2007 $90M Heartland 2009 $130M Sony 2011 $100M Target 2013 $70M Home Depot 2014 $56M Unlike others, I’m not only list of the numbers. I’m working on finding solutions.

11 How much time is need to steal 300k data record?
It took ten years to reduce the time to identify a data breach from a week to days. GMU 1 Jan. 2005 32,000 A week to identify GMU 2 July 16, 2014 4,400 faculty College Park 1 Tue. Jan. 18, 2014 309,079 Hackers made a copy of DB data College Park 2 One month later 36 hours identify It is a very hard problem. How much time is need to steal 300k data record? < 1ms

12 Solutions? Algorithms - Traditional Algorithms – future Cisco
Google map Dijkstra, core: 10 lines? 10k lines? 10 million? Algorithms – future N Dimensions/Domains

13 HSPM Algorithm – Threat Analysis
INPUT: Some 200 parameters, DB scheme, encryption Vulnerability Assessment Report Hardware configurations Policies in place and Implementation Each assign a weight OUTPUT Threat factor – tf:[0 – 1.00] Recommendations and Guide Security = Hardware + Software + Policy + Management - Wang, 2006

14 HSPM - Experiments Traveler Enterprise 20 million business 1st round
Before: tf = 0.71, blue hat: steal all data After: tf = 0.38, blue hat: steal no data 2nd round tf reduces to 0.18 Merged by a big company

15

16 Free vs. not Free Question:
Suppose you have a full-time job. If there is an service charging $40 a year but does not collect your data. Question: Are you willing to switch to this service or would you rather stay in the current free services by scarifying your privacy? 91% -- Yes After HSPM & training 79% -- Yes

17 Log in with strong password over SSL
Two-factor authentication: login + SMS Is it secure? -- Yes: 98%

18 Protect Privacy? Our Privacy is on the hands of others
What we can do to defend our privacy ourselves? Policies Technologies How to “hide” yourself in this cyber insecurity world?

Download ppt "Social Networking Services and User Data Protection"

Similar presentations

SO YOU WANT TO BE A HACKER? Maybe not yet, but you will at the end of the hour!

SO YOU WANT TO BE A HACKER? Maybe not yet, but you will at the end of the hour!
So much alike! What is Personal Branding? 1. Make a clear, specific, and consistent image of yourself on the internet that reflects who YOU are. 2. Make.

So much alike! What is Personal Branding? 1. Make a clear, specific, and consistent image of yourself on the internet that reflects who YOU are. 2. Make.
11 Section D: SQL  SQL Basics  Adding Records  Searching for Information  Updating Fields  Joining Tables Chapter 11: Databases1.

11 Section D: SQL  SQL Basics  Adding Records  Searching for Information  Updating Fields  Joining Tables Chapter 11: Databases1.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.

Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.
A Cyber Security Company June 16, 2009 Cyber Security: Current Events and White House Cyberspace Policy Review.

A Cyber Security Company June 16, 2009 Cyber Security: Current Events and White House Cyberspace Policy Review.
Marketing Communications Services www.writeforyoumarketing.com Hayward, WI.

Marketing Communications Services Hayward, WI.
Security Controls – What Works

Security Controls – What Works
Instructions for Weds. Jan. 10 1.Get your Century 21 Jr. textbook 2.Log in to the computers 3.On page 80, read the Objectives listed under “Lesson 13:

Instructions for Weds. Jan Get your Century 21 Jr. textbook 2.Log in to the computers 3.On page 80, read the Objectives listed under “Lesson 13:
Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.
1 © 2006 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Technical Support Presentation Using the Cisco Technical Support.

1 © 2006 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Technical Support Presentation Using the Cisco Technical Support.
Introduction to the Secure SMTP Server service. Secure SMTP server is a secure, reliable SMTP mail relay server for your outgoing mail. Secure SMTP service.

Introduction to the Secure SMTP Server service. Secure SMTP server is a secure, reliable SMTP mail relay server for your outgoing mail. Secure SMTP service.
GETTING BUTTS INTO THE SEATS. SOCIAL MEDIA FACTS As of tomorrow Facebook will be 10 years old and has an estimated 1.3 BILLION users Facebook StatisticsData.

GETTING BUTTS INTO THE SEATS. SOCIAL MEDIA FACTS As of tomorrow Facebook will be 10 years old and has an estimated 1.3 BILLION users Facebook StatisticsData.
1 © 2006 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Using the Cisco Technical Support & Documentation Website for Security.

1 © 2006 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Using the Cisco Technical Support & Documentation Website for Security.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Obtaining, Storing and Using Confidential Data October 2, 2014 Georgia Department of Audits and Accounts.

Obtaining, Storing and Using Confidential Data October 2, 2014 Georgia Department of Audits and Accounts.
External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.

External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.
1 Title ECI: Anatomy of a Cyber Investigation Who Are the Actors.

1 Title ECI: Anatomy of a Cyber Investigation Who Are the Actors.
PCI requirements in business language What can happen with the cardholder data?

PCI requirements in business language What can happen with the cardholder data?
-Target -Home Depot -Jimmy John’s “No one wants their personal information or sensitive data in the wrong hands”

-Target -Home Depot -Jimmy John’s “No one wants their personal information or sensitive data in the wrong hands”

Similar presentations

Ads by Google