Exploring the security and privacy risks of chatbots in messaging services

Edu, Jide S.; Mulligan, Cliona; Pierazzi, Fabio; Polakis, Jason; Suárez-Tangil, Guillermo; Such, José M.

doi:10.1145/3517745.3561433

Cited by 12 publications

(10 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…From the systematic literature review, we have identified several articles related to security threats and vulnerabilities in chatbots. Specifically, five articles [6][7][8]10,16] were found to be related to security threats and vulnerabilities in chatbots. These articles discussed potential attacks that could compromise the security of chatbots, such as malicious input, user profiling, contextual attacks, and data breaches.…”

Section: Resultsmentioning

confidence: 99%

“…For example, if a healthcare chatbot is compromised, an attacker may gain access to sensitive patient data such as medical histories, prescriptions, and other personal information. Similarly, if a finance chatbot is breached [12,13], an attacker may gain access to users' financial data, such as credit card numbers, bank account details, and transaction histories.Another important aspect of information security in chatbots is the need to maintain user trust and confidence in these systems [6][7][8][9][14][15][16][17][18]. Users must feel confident that their personal information is secure and protected when using chatbots.…”

Section: Introductionmentioning

confidence: 99%

“…In terms of research challenges, one of the major challenges is the evolving nature of security threats and vulnerabilities [6][7][8][9][10]16]. As chatbots become more intelligent and capable, new types of attacks may emerge that exploit previously unknown vulnerabilities.…”

Section: Introductionmentioning

confidence: 99%

“…Additionally, the development of secure chatbots requires a multidisciplinary approach that encompasses not only technical security measures but also user trust, privacy, and ethical considerations [6][7][8][9][14][15][16][17]. Developers must consider the potential impact of chatbots on society and ensure that chatbots are designed and deployed in an ethical and responsible manner [26].…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Systematic Literature Review of Information Security in Chatbots

et al. 2023

View full text Add to dashboard Cite

Chatbots have become increasingly popular in recent years, but they also present security risks and vulnerabilities that need to be addressed. This systematic literature review examines the existing research relating to information security in chatbots, identifying the potential threats, proposed solutions, and future directions for research. The review finds that chatbots face various security threats, including malicious input, user profiling, contextual attacks, and data breaches, and that solutions such as blockchain technology, end-to-end encryption, and organizational controls can be used to mitigate these concerns. The review also highlights the importance of maintaining user trust and addressing privacy concerns for the successful adoption and continued use of chatbots. A taxonomy developed in this review provides a useful framework for categorizing the articles and their findings. The review concludes by identifying future research directions that include developing more sophisticated authentication and authorization mechanisms, exploring the use of privacy-enhancing technologies, and improving the detection and prevention of security threats, among others. This review contributes to the growing body of literature on information security in chatbots and can guide future research and practice in this field.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Systematic Literature Review of Information Security in Chatbots

et al. 2023

View full text Add to dashboard Cite

show abstract

“…This opens the door to malicious activities and gives a chance to social engineering, man-in-the-middle, and phishing attacks for compromising sensitive information like hackers use bots as tools to imitate humans to trick them into submitting their payment details [40]. The victim unknowingly trusts chatbot requests and does not know that the chatbot is controlled by a cybercriminal group, so hackers collect a large amount of personal data from users through chatbots from numerous conversations with end users every day [41].…”

Section: Ai Based Chatbots Security Threatsmentioning

confidence: 99%

Comprehensive Framework for Implementing Blockchain-enabled Federated Learning and Full Homomorphic Encryption for Chatbot security System

Jalali,

Chen

2024

Preprint

View full text Add to dashboard Cite

Chatbot is an artificial intelligence application that can provide a conversational environment between human and machine. Most organizations and industries are willing to lay out their services through chatbot because it can provide 24/7 customer support. Meanwhile it raises security and privacy challenges like access control, data leakage during transmission, SQL injection attack, language model attack which make the users concerned about their data, performance and accuracy. Therefore this research paper proposed a comprehensive framework integrated blockchain, federated learning and fully homomorphic encryption algorithm with face recognition to solve above mentioned chatbot’s challenges. The experimental result shows that distributed system improves chatbot accuracy (90%) and more transaction in less time with more clients do not affect the performance. In contrast, more iteration and clients will decrease the accuracy, performance and transactions in centralized system. In addition, fully homomorphic encryption improve and speed up data encryption process. It encrypted more data (1792 MB) in a small amount of 1240 time/sec and conversation/transactions can be transferred via a secure network to ensure the confidentiality, integrity and authenticity of users’ data. The implementation of such comprehensive framework in real-life can improve chatbot security that is actively work as a customer agent in organization.

show abstract

A literature review of user privacy concerns in conversational chatbots: A social informatics approach: An Annual Review of Information Science and Technology (ARIST) paper

Gumusel

2024

Asso for Info Science & Tech

View full text Add to dashboard Cite

Since the introduction of OpenAI's ChatGPT‐3 in late 2022, conversational chatbots have gained significant popularity. These chatbots are designed to offer a user‐friendly interface for individuals to engage with technology using natural language in their daily interactions. However, these interactions raise user privacy concerns due to the data shared and the potential for misuse in these conversational information exchanges. Furthermore, there are no overarching laws and regulations governing such conversational interfaces in the United States. Thus, there is a need to investigate the user privacy concerns. To understand these concerns in the existing literature, this paper presents a literature review and analysis of 38 papers out of 894 retrieved papers that focus on user privacy concerns arising from interactions with text‐based conversational chatbots through the lens of social informatics. The review indicates that the primary user privacy concern that has consistently been addressed is self‐disclosure. This review contributes to the broader understanding of privacy concerns regarding chatbots the need for further exploration in this domain. As these chatbots continue to evolve, this paper acts as a foundation for future research endeavors and informs potential regulatory frameworks to safeguard user privacy in an increasingly digitized world.

show abstract

Exploring the security and privacy risks of chatbots in messaging services

Cited by 12 publications

References 28 publications

A Systematic Literature Review of Information Security in Chatbots

A Systematic Literature Review of Information Security in Chatbots

Comprehensive Framework for Implementing Blockchain-enabled Federated Learning and Full Homomorphic Encryption for Chatbot security System

A literature review of user privacy concerns in conversational chatbots: A social informatics approach: An Annual Review of Information Science and Technology (ARIST) paper

Contact Info

Product

Resources

About