Intelligent Machines

Mining Social Networks for Clues

A researcher shows how programming tools can be used to track users’ real-life movements and behavior.

The dangers of posting sensitive personal information on social-networking sites are well known, but a researcher has now revealed how data mining these sites can dig up undisclosed personal information.

On Wednesday, in a presentation at the Black Hat computer-security conference in Las Vegas, Nitesh Dhanjani detailed how the information posted on social websites like Facebook and Twitter can be mined to find out a person’s whereabouts and activities.

Dhanjani showed data-collection programs that can be created using the programming tools released by such sites. For instance, he showed how to track the movements of politicians and celebrities using Twitter, by mining the service for relevant geographical information. Earlier this year, Republican congressman Pete Hoekstra was criticized for posting information on Twitter that revealed his location while traveling in Iraq.

Dhanjani also showed how to work out what software a person uses to post to Twitter; this information could help an attacker hack into that person’s account, he said.

Sensitive business information can also be revealed by mining social-network connections, Dhanjani said. For example, if there’s a rumor that two companies are in talks for a merger, an interested party could watch the business-networking site LinkedIn for connections between company employees. If a higher-than-average number of connections start forming, this might help to confirm the rumors.

With some social sites, a snooper needs to befriend someone in order to view her personal connections. But last year, two computer-security consultants–Nathan Hamiel of Hexagon Security Group and Shawn Moyer of Agura Digital Security–showed how this can be done by finding a friend of the target who doesn’t yet have a profile and creating a fake one. At that point, the target’s friends will often initiate a social connection themselves.

“The more powerful you are, the more the secrecy of your address book is important,” Dhanjani said, since an attacker can build up significant information about a target just by gaining access to the network.

However, Dhanjani also demonstrated more positive uses of social-network mining. He demonstrated a tool that can filter posts on Twitter by geographic area and search for particular keywords, such as posts mentioning “fire” or “smoke” to provide an earlier warning for emergency responders.

Dhanjani suggested that social networks could also assist with criminal investigations. Today, investigators talk with friends and associates of known criminals to identify accomplices. The connections on social sites could help reveal which people are closest to a target, he said.

Previously, Dhanjani identified a likely credit-card criminal by watching his behavior across a number of social-networking sites. Dhanjani was able to connect the criminal’s profile to a suspected true identity, partly through an analysis of his postings.

Other researchers agree that social-networking sites reveal far more than users often intend. “Legitimate software now does everything malware used to do that we freaked out about,” says Hamiel of Hexagon Security.

Dhanjani noted that social networks have both positive and negative qualities. “I think social media is beautiful, and I use it, too,” he said. As a security researcher, he tries to be careful about what he reveals when he uses Twitter, but he’s discovered that it isn’t possible to fully protect his privacy. “Social media is like a cocktail party,” he said. “In order to get something out of it, you have to give something up.”

Tech Obsessive?
Become an Insider to get the story behind the story — and before anyone else.

Subscribe today

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe and become an Insider.
  • Insider Premium {! insider.prices.premium !}*

    {! insider.display.menuOptionsLabel !}

    Our award winning magazine, unlimited access to our story archive, special discounts to MIT Technology Review Events, and exclusive content.

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

    Access to the Magazine archive. Over 24,000 articles going back to 1899 at your fingertips.

    Special Discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

    First Look. Exclusive early access to stories.

    Insider Conversations. Listen in as our editors talk to innovators from around the world.

  • Insider Plus {! insider.prices.plus !}* Best Value

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus ad-free web experience, select discounts to partner offerings and MIT Technology Review events

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

    Access to the Magazine archive. Over 24,000 articles going back to 1899 at your fingertips.

    Special Discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning magazine and daily delivery of The Download, our newsletter of what’s important in technology and innovation.

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.