A Review of Security Vulnerabilities and Defense Frameworks in Mobile Social Networks

Abstract

The convergence of powerful mobile computing and online social networking has given rise to Mobile Social Networks (MSNs), which offer unprecedented utility by leveraging context-aware data. However, this fusion also creates a complex security landscape, aggregating vast amounts of sensitive personal data thus, making MSNs a prime target for adversaries. This paper presents a systematic literature review (SLR) synthesising current knowledge on MSN security threats and defense mechanisms. Guided by four research questions, the review methodology involved a rigorous, PRISMA-guided search of major academic databases from 2014 to 2024, resulting in the analysis of 87 high-quality studies. The findings categorise a diverse threat taxonomy, identifying prevalent client-side vulnerabilities (52% of studies), such as privacy leakage and malware, alongside network-based attacks like eavesdropping and server-side API exploits. Specific attack vectors include location spoofing, identity deception, and social engineering. The analysis classifies defense paradigms into three categories: cryptographic frameworks (45% of studies) offering strong confidentiality but with high overhead, machine learning-based solutions (35%) for adaptive threat detection, and hybrid models (20%) balancing security and performance. A critical evaluation reveals that most defenses are evaluated in simulation, with a common limitation being the significant trade-off between security strength and resource consumption on mobile devices. The review concludes that while robust theoretical and cryptographic solutions exist, their practical adoption is hindered by performance costs, evaluation challenges, and evolving threats like AI-generated attacks. Key research gaps include a lack of standardisation, inadequate location verification, and the need to address the human factor through user education. Future work must prioritise the development of standardised, lightweight, and usable security modules that integrate efficient cryptography and can defend against the next generation of MSN threats without compromising the mobile user experience.