Security and privacy in social networks

This special issue collates a selection of representative research articles that were primarily presented at the 9th International Conference on Network and System Security. This annual conference brings together researchers and practitioners from both academia and industry who are working on security and privacy in computer systems and social networks, in order to promote an exchange of ideas, discuss future collaborations, and develop new research directions. Online social networks have pervaded all aspects of our daily lives. With their unparalleled popularity, online social networks have evolved from platforms for social communication and news dissemination, to indispensable tools for professional networking, social recommendations, marketing, and online content distribution. Because of their scale, complexity, and heterogeneity, many technical and social challenges in online social networks must be addressed. It has been widely recognized that security and privacy are the critical issues in online social networks. This special issue presents many examples of how researchers, scholars, vendors, and practitioners are collaborating to address security and privacy research challenges. The scope of this special issue is broad and is representative of the multi-disciplinary nature of privacy and security. In addition to submissions that deal with malicious attacks, information control and detection, privacy protection, network data analytics for security and privacy, trust and reputation in social networks, this issue also includes articles that address practical challenges with privacy-preserving data publishing and efficient data encryption schemes. Protecting the security and privacy of user data in the context of social networks is a central topic of this issue. Xiaofen Wang et al. [3] propose a new privacy-preserving data search and sharing protocol for social networks. The protocol leverages an ID-based multi-user searchable encryption scheme to achieve data search pattern privacy-preserving, anonymity, and request unlinkability. Majed Alrubian et al. [4] describe a novel approach for finding credible sources among Twitter social network users to detect and prevent various malicious activities. They combine analysis of the user’s reputation on a given topic, as well as a measure of the user’s sentiment to identify topically relevant and credible sources of information. Shuhong Chen et al. [9] propose a new multi-dimensional fuzzy trust evaluation method for mobile social networks. They construct implicit social behavioral graphs based on dynamic complex community structures to infer trust relations between users. Zechao Liu et al. [6] propose a new offline and online attribute-based encryption scheme with verifiable outsourced decryption. Using the proposed scheme, the majority of the computational workload in decryption can be outsourced to third parties. Chunyong Yin et al. [8] propose an improved anonymity model for big data security based on clustering algorithm. The model integrates K-anonymity with L-diversity and addresses the problem of imbalanced sensitive attribute distribution. The security and privacy issues under emerging scenarios, such as mobile and cloud computing, Internet of Things, etc., are interesting topics of this issue. Shasi Pokharel et al. [1] describe a new attacking method for codec identification and decoding of captured communications from 15 popular Android VoIP apps. Using this method, the authors can recover the original voice conversations from intercepted calls. Bowei Yang et al. [2] propose a Quality of Service-aware indiscriminate volume storage cloud scheme over dynamic networks. The scheme employs a data redundancy policy based on indiscriminate recovery volumes and Quality of Service-aware data replacement strategy. Keke Gai et al. [7] present a secure cyber incident analytics framework using Monte Carlo Simulations for financial cyber-security insurance in cloud computing. Jiageng Chen et al. [5] propose a novel variable message encryption scheme for constrained devices in Internet of Things. The authors present two different block cipher compression functions to satisfy efficiency and upper security bound, respectively.