Valencia, Spain, March 5th, 2013
Jon Núñez, Pablo Garaizar, Deusto Institute of Technology, University of Deusto
Ulf-Dietrich Reips, University of Deusto, Ikerbasque, Basque Foundation for Science
ONLINE WORKSHOP ON
A SOCIAL ENGINEERING
Social networking is the new
(see Meeker, Devitt, & Wu, 2010)
...but plenty of unforeseen problems.
Learning about privacy is hard.
(see Fischer-Hübner & Lindskog, 2001; Cranor, Hong, & Reiter, 2007; Ovaska & Räihä, 2009; Edbrooke & Ambrose, 2012)
It's not easy to balance the trade-off
between security and usability
© FOX Broadcasting Company
Social Lab tackles some of these problems
providing a social engineering wargame
The art of manipulating people into performing actions or divulging confidential information.
© Universal Studios
Purpose of the game
Learn some of the techniques
used by social hackers
Prevent these kind of attacks
in real social networks
© Columbia Pictures
How to play Social Lab
All the challenges are automated profiles with fake
(disclaimer: no privacy was harmed in the making of this site)
… but real interactions between players are also
(and can affect the results of the game)
Hosted at Udemy
(Buchanan, Paine, Joinson, & Reips, 2006)
Currently we offer:
Info about the project:
English version: http://en.sociallab.es
Spanish version: http://es.sociallab.es
German version: http://de.sociallab.es
Basque version: http://eu.sociallab.es
Social Lab's code:
A free online workshop on
privacy using Social Lab:
●Leiner, B.M.; Cerf, V.G.; Clark, D.D.; Kahn, R.E.; Kleinrock, L.; Lynch, D.C.; Postel, J; Roberts, L.G.;
Wolff, S.S. (1997). The past and future history of the Internet. Communications of the ACM. Volume 40
Issue 2, pp. 102-108.
●Gross, R.; Acquisti, A.. (2005). Information Revelation and Privacy in Online Social Networks. School of
Computer Science & School of Public Policy and Management, Carnegie Mellon University.
●Dhamija, R.; Tygar, J.D.; Hearst, M. (2006). Why Phishing Works. Harvard University – UC Berkeley, pp.
●Festl, R.; Quandt, T. (2012). Social Relations and Cyberbullying: The Influence of Individual and Structural
Attributes on Victimization and Perpetration via the Internet. (Human Communication Research) University
Hohenheim – University of Münster.
●Donegan, R. (2012). Bullying and Cyberbullying: History, Statistics, Law, Prevention and Analysis. Elon
University, pp. 36-39.
●Gottschalk, P. (2011). A Dark Side of Computing and Information Sciences: Characteristics of Online
Groomers. BI Norwegian Business School. Journal of Emerging Trends in Computing and Information
Sciences, pp. 447-451.
●Nooriafshar, M. The Evolution of Learning Methods and Facilities with a view to Internationalising
Education. Faculty of Business, University of Southern Queensland, pp. 4-5.
●Plautus (195 BC). Asinaria.
●Mackness, J., M.; Williams, R. (2010). The ideals and reality of participating in a MOOC. Proceedings of
the 7th International Conference on Networked Learning, University of Lancaster, Lancaster, pp.
●Buchanan, T., Paine, C., Joinson, A. N., & Reips, U. D. (2006). Development of measures of online privacy
concern and protection for use on the Internet. Journal of the American Society for Information Science
and Technology, 58(2), 157-165.
●Meeker, M., Devitt, S. & Wu, L. (2010, June 7), Internet Trends, Morgan Stanley Research. Retrieved from:
●Johnson, M. (2011). Winning the Cyber Security Game. MediaSmarts, Media Awareness Network.
Retrieved from: http://cira.ca/assets/Documents/Publications/WinningCyberSecurityGameLesson.pdf
●Johnson, M. (2011). Privacy Pirates: An Interactive Unit on Online Privacy. MediaSmarts, Media Awareness
Network. Retrieved from: http://mediasmarts.ca/blog/privacy-pirates-interactive-unit-online-privacy
●Johnson, M. (2011). From Passport to MyWorld: Media Awareness Network extends digital literacy skills
to secondary students. MediaSmarts, Media Awareness Network. Retrieved from:
Data from the first 100 users
181 friendship requests
(26 accepted, 7 rejected, 148 pending)
101 status updates
(13 public, 616 private)
Distribution of achieved challenges:
All rights of images are reserved by the
original owners*, the rest of the
content is licensed under a Creative
Commons by-sa 3.0 license
* see references in each slide