Role of Social Networks in E-government: Risks and Security Threats

Social networks are becoming an important intermediary for interaction between governments, citizens, governmental agencies and business sectors. The popularization of social networks among users allows transforming public administration into open governance form and changing government-citizen relationships. There are various applications of social media to enable communication between users and share personal information. Currently, different attacks on social networks targeting the e-government system pose a great risk for users. In paper the role of social networks and security in e-government is examined. Potential threats targeting the confidentiality and security of each social network user are analyzed and classified. A multi-criteria evaluation method is proposed for analysis of social networks security threats. Potential threats are ranked according to the criteria determined by the Fuzzy TOPSIS method. In the numerical study, the social network security threats are evaluated and ranked according to selected criteria (such as interception of confidential information, reputation loss in government-citizen (G2C) relations and organization of social-political conflicts).


INTRODUCTION
Currently, social networks are very popular in the world. Millions of people use different forms of social networks that allow them to communicate with friends, relatives, and share personal information. However, popularity of social networks creates a great risk for their users (Fire, Goldschmidt, & Elovici, 2014;Kayes & Iamnitchi, 2017;Novak & Li, 2012;Rathore et al., 2017). Rapid increase in the amount of personal information shared by social network users turns them into a desirable target of the malicious users. When uploading multimedia content such as user photos, videos and others, there may be various problems with the privacy and security of user data (Dreßing, et al., 2014;Fire, Goldschmidt, & Elovici, 2014;Gao, et al., 2011;Kayes & Iamnitchi, 2017). Uploaded multimedia content can carry information transmitted through the virus that begins distributing on the social network site and beyond its boundaries almost immediately after uploading. Interception of sensitive personal information as well as spam, malware, social bots and identity theft can be carried out as a result of malicious attacks (Fire, Goldschmidt, & Elovici, 2014;Rathore, et al., 2017;Zhang & Gupta, 2016). At the same time, the personal information intercepted for malicious purposes may be subject to serious cybercrime such as bank fraud or transaction fraud using user-sensitive information (Rathore, et al., 2017;Zhang & Gupta, 2016). According to researchers, the attacks on social networks have a wide range of applications ranging from the interception of personal data to distribution of malware (Raggo, 2016;Rathore et al., 2017).
An extremely skillful attack can endanger the corporate network and is a serious threat to users. The Internet Security Threat Report (2016) shows that the increase in hackers' use of social networks cannot be denied (Symantec, 2016). According to researchers and experts and analysis of existing statistics of attacks on social networks shows that social networks for hackers are the best way to realizing cybercrime (Fire, Goldschmidt & Elovici, 2014;Kayes & Iamnitchi, 2017;Rathore et al., 2017;Zhang & Gupta, 2016).
In the research, social networks threats are analyzed and a summary of the various current threats is reviewed. The goal is to assess the potential threats in order to achieve a secure, efficient and secure social networking ecosystem. Identifying, evaluating and preventing threats to the security of social networks allow understanding the basic principles and perspectives of the social network security concept. In the research, the potential threats to social security are evaluated and the perspective research directions are identified.
level. Network societies can function simultaneously in several directions: connecting people to reach a certain goal, dissemination of information, flexible mechanisms for regulating the political course, citizen-government relations, and so on. (Karakiza, 2014;Khasawneh & Abu-Shanab, 2013). Particular attention should be paid to the application of key components of egovernment in the most dynamically developing social networks in the field of modern social communications in the context of existing research, as well as identifying potential risks and adverse trends in the content exchange process. Researches show that in the past few years, a number of topical research trends have emerged with application of Web 2.0 technologies in the e-government (Alguliyev & Yusifov, 2018;Alotaibi, Ramachandran, et al., 2016;Chun et al., 2010, Parveche & Sachs, 2010Rodruguez-Bolivar, 2017;Ubaldi, 2013). Researches on Web 2.0, social media, social networks and their use in the public sector show that issues such as the formation of social media and the role of social networks in public administration have been widely studied (Alguliyev & Yusifov, 2018;Kaur & Saini, 2016;Magro, 2012;Park et al., 2016). Key research areas include the role of social networks building a feedback between e-government and citizen, security issues establishing interactions with public authorities using social networks, transformation of social culture and management forms in the use of social media in egovernment.
Social networks have a significant impact on the performance of governments. For example, as a result of the survey, it has been shown that the impact of social media on the political activity of citizens and political participation is increasingly important (Grubmüller, Götsch, & Krieger, 2013;Kamiloglu & Erdogan, 2014;Park et al., 2016;Rainie et al., 2012). Experts note that social media will help governments to become more transparent by providing citizens with better service and access to information, by opening an active channel with them, and ultimately empowering citizens (Bertot, Jaeger & Grimes, 2010;Khasawneh & Abu-Shanab, 2013;Song & Lee, 2016). Also, if governments use such sites effectively, it will enable them to become more effective and active participants in society. In terms of e-participation, social media provides new communication tools to quickly and efficiently deliver any message or news from governments (Aladalah, Cheung, & Lee, 2015;Alguliyev & Yusifov, 2018). Citizens can participate in online discussions with their local and national governments on issues of public interest. This will create a more open, transparent and mutually acceptable relationship between citizens and governments (Alguliyev & Yusifov, 2018;Khasawneh & Abu-Shanab, 2013).
Note that public authorities using social networking analyses pay attention to people as citizens and not as customers and consumers, and expand their activities in publicpolitical areas. Therefore, social media analytics aimed at government purposes requires better judgment for the legal and ethical aspects of various reasons (Grubmüller, Götsch, & Krieger, 2013;Park et al., 2016;Rainie et al., 2012).
First of all, the concept of confidentiality in social media is almost completely changed (Rathore et al., 2017). Participants are less concerned to share personal information about themselves and their friends. It is difficult for the user to distinguish which information is for public or private use. The concept of confidentiality is becoming increasingly incomprehensible and in general, the lack of clear media confidentiality in ICT field and social media accelerates this process. While the problem of confidentiality seems to be less important for social media users, empirical evidence suggests that such concerns are rising when users communicate directly with government agencies (Facebook 1,2 , 2018; Rathore et al., 2017;Silic & Back, 2016). As a result, citizens' acceptance of the use of the social media by the governments requires legitimacy. Therefore, it is essential for governments to comply with the existing legal norms to ensure the safety and confidentiality of citizens' information (Grubmüller, Götsch, & Krieger, 2013;Park et al., 2016).
To protect confidentiality, governments should only use publicly available information. This means that with the help of appropriate analytical tools, citizens' information they share in their personal accounts should be collected, but they must limit them to public listed posts. In spite of the numerous advantages of social networks such as functional element of e-government in the Internet, they remain a real threat to public security. In recent years, social networks have become even more popular and, according to statistics, the number of users is expected to grow rapidly every year by 2020 (Rathore et al., 2017). At the same time, the growth dynamics of users has dramatically increased the number of security vulnerabilities that impact users' confidentiality.
Users share a large number of personal information on social networks, and this makes them a target for various types of Internet threats including identity theft, spamming, phishing, online predators, Internet fraud and so on. (Fire, Goldschmidt & Elovici, 2014;Kayes & Iamnitchi, 2017;Novak & Li, 2012;Raggo, 2016;Rathore et al., 2017). Social networks provide extensive opportunities for hackers to identity theft. In such types of attacks, a malicious person, without the user's consent, can intercept his or her personal information, including bank accounts, phone numbers, addresses etc., and use them to commit cybercrime. For example, many social networks, such as Facebook, offer game apps to their users. These applications require personal information such as user credit card information, phone number, email address etc. to complete the registration process. Of course, the risk of personal data theft and phishing attacks is increased when a user provides the phone number and credit card information. In some cases, applications may cause the user to resort distract the user's attention to harmful content and damage their reputation.
Another important issue is that many companies collect information from different sources, third-party resources, including social networks to create a user profile to sell products and disclosure user behavior. Social network users are unable to determine for which purpose the shared data will be used, due to the unauthorized collection of user's data and the unawareness of the users about these technologies. For example, user data can be transmitted to law enforcement for security reasons or may be used by the vendor for marketing purposes. In this regard, social networking profile, collected large volume of personal data, the user behavior data etc. can directly affect the user. (CareerBuilder; Facebook 1.2 , Dreßing et al., 2014;Khan, Swar, & Lee, 2014;Rathore et al., 2017;Silic & Back, 2016). Note that regardless of how convenient and effective the e-government system is, if it does not provide reliable protection of confidential information it will always face with the resistance of the citizens, and in this case it is very difficult to recover lost trust.

SOCIAL NETWORKS SECURITY THREATS
Social networks are currently very popular and the number of their users is growing rapidly. Social networks such as Facebook, Flickr and Twitter allow billions of users to share personal data and multimedia data with friends, relatives and other online users. User data is used illegally by malicious users and various organizations for the purpose of increasing their profits. There are many security threats in the social network that threaten users' shared data (Fire, Goldschmidt & Elovici, 2014;Kayes & Iamnitchi, 2017;Novak & Li, 2012;Rathore et al., 2017).
One of the most noticeable potentially harmless options in the social networking context can be the unauthorized use of personal information for advertisement purposes, selection of the potential the acquaintances or selection of content that may be of interest. These methods are regarded as a standard mechanism within social networks and everyone is aware that personal information is collected, analyzed and used for various purposes, including commercial use (Sandsmark, 2011). The transfer of personal data from various social networks has already been confirmed for a fact (CareerBuilder; Facebook 1,2 , Rathore et al., 2017). One of the biggest problems for users is that, as a consequence of the social network's fault, multiple user-specific data leakage may be noted within the framework of various projects. One of the causes of serious disturbance is the hacking of user accounts or account loss and the intercept of all personal information. When this situation becomes massive, more serious problems occur. There are many potential threats to users such as technical vulnerabilities, viruses, Trojan horse, phishing and other malicious software, and can be used to intercept the user's confidential information (Raggo, 2016;Silic & Back, 2016). Phishing attack is one of the most widespread attacks by cybercriminals according to experts, and the main target is Internet payments, Internet banking, online games, Internet stocks, Web 2.0 technology used sites and so on (Raggo, 2016;Rathore et al., 2017;Silic & Back, 2016).
In addition to the threat of personal data manipulation, social networks are a tool for mass protests in the context of public security threats. The destructive challenges in social networks are exposed to external interference, causing government-citizen conflicts, protests in a short period of time. For example, in research Nien (2017), the role of social media in establishing a chain of equivalence between activists participating in protest movements is explored. Note that socially trusted social networks are used quite successfully in the e-government segment for the protection of government interests, achieving transparency in government-citizen relations, enhancing effectiveness in decision-making and enhancing e-participation mechanisms.
The first category includes multimedia content threats used to user profiles disclosure. Obviously, content sharing is one of the most important functions of social networks. The most common form of this type of data is multimedia content. However, shared highquality images, videos are used in a variety of ways, increasing the probability of interception of location information, face recognition, and other data, and creates conditions for illegal use.
The second category includes traditional threats. Vulnerabilities in the social network infrastructure are used to attack users in different ways. Phishing, malicious software for intercepting personal data etc. can be shown as traditional attack methods. This information is used as a very effective tool for malicious acts. Malicious person can commit more serious cybercrimes after intercepting confidential information, bank information etc.
The third category includes social threats. These threats have more coverage and disclosure of social relationships among social network users is a potential threat to them.
Malicious persons may deliberately commit cyber-crime against a certain social group, for example a company employee, by disclosing the relationships between social network users in different ways. For example, people from different social groups can be instigated to commit cybercrime, espionage, share malicious information etc., being motivated by offered gifts, money or due to blackmail.
The fourth category includes threats targeting children and teenagers. Obviously, children and teenagers face many threats on social networks. However, there are a number of threats that specifically target young people and teenagers in the social network. These threats include children's cyber-bullying, cyber-stalking, cyber-blackmail, cyber-grooming, abuse of trust and so on. For example, in some cases cyber threats to children can have disastrous consequences, and in practice, there are facts about children committing suicides to end their lives. Social network threats can be categorized as shown in Table 1.
In literature, various categories of social networks security threats are classified (Fire, Goldschmidt & Elovici, 2014;Rathore et al., 2017). The types of threats and their impact on users are analyzed and classified by organizations and research institutions dealing with security issues (Kayes & Iamnitchi, 2017;Novak & Li, 2012).
Thus, expanding the capabilities of e-government in social networks has a significant impact on socio-communication processes and the development of e-democracy in the country. Besides, increased access to information resources and sources increases the number of threats and risks. Note that information interaction is an essential component of e-government, information security is a preventive measure aimed at struggle cyberterrorism and interception of personal information. Failure to maintain the confidentiality of personal data, regardless of whether the e-government system is effective, transparent and comfortable will result in the loss of citizens' trust in the system and the failure of the e-government project in general. In this regard, the evaluation of potential social network security threats allows the development of more effective management methods.
A model for evaluating the social networks security threats based on the fuzzy TOPSIS (Technique for Order Preferences by the Similarity to Ideal Solution) method is proposed in this paper. The TOPSIS method allows calculating an integral index for alternatives taking into account many criteria and provides ranking of alternatives for the procedure of selection the options with the decision maker. The Fuzzy TOPSIS method was used to select and rank the alternatives and make group decisions in a number of application issues (Alguliyev et al., 2016;Capaldo & Zollo, 2001;Chang, Yeh, & Chang, 2013;Dursun & Karsak, 2010;Kelemenis & Askounis, 2010;Rouyendegh & Erkan, 2013;Tuan, 2017). Note that the most commonly used AHP (Analytical Hierarchy Processes) method for multi-criteria ranking of alternatives has a number of deficiencies. This includes difficulty of calculation, contradiction of expert estimates due to large number of experts etc. (Alguliyev et al., 2016).
Let's review the evaluation of social network security threats based on fuzzy TOPSIS method.
Step 1: Construct a decision matrix for the ranking.
Step 2: Choose of linguistic variables for the alternatives with the respect to criteria.
Step 3: Calculation of aggregate fuzzy rating for alternatives.
Step 4: Normalize the aggregate fuzzy decision matrix.
Step 8: Calculation of closeness index of each alternative. The closeness index for each is calculated as following: = − − + + , = 1,2, . . . , Step 9: Ranking the alternatives. Alternatives are ranked in descending order based on value and select the alternatives with highest value.

NUMERICAL EXPERIMENT
Let's assume that malicious attacks targeting the e-government system are committed against social network users. Social network security threats are likely to be: 1 -phishing; The criteria used to evaluate the threats include: 1 -interception of confidential information; 2 -reputation loss in government-citizen (G2C) relations; 3 -organize of social-political conflicts.
The appropriate linguistic variables are represented to evaluate alternatives to each criterion. Decision makers use the TFN linguistic variables provided in Table 2 to evaluate alternatives in relation to criteria.

According to
Step 1 and Step 2, decision matrixes based on evaluation of decision makers (experts) in accordance with 5 alternatives are shown in Table 3-7.  According to step 4, the normalized aggregate fuzzy decision matrix for benefit criterion is shown in Table 8.
As described in Table 9, social networks security threats are ranked in accordance with 3 , 2 , 5 , 1 and 4 sequence. As the result shows in this case, according to the criteria selected, unauthorized access to user messages is the greatest threat to the social network security.

CONCLUSION
Nowadays, social networks are very popular among users and the number of users is growing rapidly. Such popularity of social networks allows transforming public administration into open governance form. From this point of view, social networks create a bilateral communication environment between government and citizen that promotes government transparency and the development of a democratic society. Note that transparency in the governance can be achieved through the creation of a feedback mechanism on government-citizen relations.
However, the popularity of social networks creates great risks for their users. Rapid increase in the amount of personal information shared by social network users turns them into a desirable target of the malicious people. At the moment, various attacks targeting the e-government system are carried out against social networks and these are considered a major threat to users. The paper explores the role of social networks in e-government and security issues. Potential social networks security threats are analyzed and classified. The attacks on social networks are classified into 4 categories (multimedia content threats, personal information security threats, socially directed threats, threats targeting children).
The paper recommends a multi-criteria evaluation method to analyze social security threats. Potential threats are categorized according to the criteria determined by the fuzzy TOPSIS method. The numerical experiment assumes that social network users will be exposed to a variety of malicious attacks (phishing; fake user profiles; unauthorized access to user messages; sensitive information disclosure; cyber-stalking). Based on the proposed approach, the threats are evaluated and ranked based on criteria such as interception of confidential information, reputation loss in government-citizen (G2C) relations and organization of social-political conflicts. The calculation process of the proposed method is not complicated and the results of a numerical experiment are shown. In future studies, empirical research will be preferred using hybrid methods to evaluate threats in order to form a safe and secure social network eco-environment.