nach oben

Knowledge and Information Systems

Erschienen in:

16.11.2016 | Regular Paper

Shall I post this now? Optimized, delay-based privacy protection in social networks

verfasst von: Javier Parra-Arnau, Félix Gómez Mármol, David Rebollo-Monedero, Jordi Forné

Erschienen in: Knowledge and Information Systems | Ausgabe 1/2017

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Despite the several advantages commonly attributed to social networks such as easiness and immediacy to communicate with acquaintances and friends, significant privacy threats provoked by unexperienced or even irresponsible users recklessly publishing sensitive material are also noticeable. Yet, a different, but equally significant privacy risk might arise from social networks profiling the online activity of their users based on the timestamp of the interactions between the former and the latter. In order to thwart this last type of commonly neglected attacks, this paper proposes an optimized deferral mechanism for messages in online social networks. Such solution suggests intelligently delaying certain messages posted by end users in social networks in a way that the observed online activity profile generated by the attacker does not reveal any time-based sensitive information, while preserving the usability of the system. Experimental results as well as a proposed architecture implementing this approach demonstrate the suitability and feasibility of our mechanism.

Vorheriger Artikel Synchronization-based scalable subspace clustering of high-dimensional data

Nächster Artikel Identification of critical situations via Event Processing and Event Trust Analysis

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Aggregated Facebook and Twitter activity profiles are shown in [7] per country, during and before Ramadan.

SocialNumber (http://www.socialnumber.com) is an example of such networks, where users must choose a unique number as identifier.

Clearly, if the attacker was the social networking platform, any information disclosed by the user would be known to the adversary.

According to [35], the data minimization principle means that a data controller, e.g., the social networking platform, should restrict the collection of personal data to what is strictly necessary to achieve its purpose. Also, it implies that the controller should store the data only for as long as is necessary to fulfill the purpose for which the information was collected.

A tweet is a message sent using Twitter.

This is in contrast to other information systems where user data (e.g., tags, queries or ratings) are simpler to process.

Messages exchanged on Twitter are publicly visible by default.

Those time instants are, in fact, time periods of 1 h each. In particular, the time index i consists in the interval \((i-1,i]\).

This would be, in fact, transparent to the user. The software installed on the user’s machine would decide whether a message is to be delayed or not.

Here users’ profiles do not capture their interests, but their online activity.

Recall from Sect. 3.5 that Shannon’s entropy is regarded here as a measure of privacy gain, whereas the KL divergence is interpreted as a measure of privacy risk.

https://dev.twitter.com.

We omit the distribution of the critical deferral rate for the uniform strategy since, as commented in Sect. 6.2, this strategy achieves critical privacy only when \(\varphi =1\). Consequently, the PMF of the critical rate is the trivial Dirac delta function centered at 1.

Rosenblum D (2007) What anyone can know: the privacy risks of social networking sites. IEEE Secur Priv 5(3):40–49CrossRef

Heatherly R, Kantarcioglu M, Thuraisingham B (2013) Preventing private information inference attacks on social networks. IEEE Trans Knowl Data Eng 25(8):1849–1862CrossRef

Lindamood J, Heatherly R, Kantarcioglu M, Thuraisingham B (2009) Inferring private information using social network data. In: Proceedings of the 18th international conference on World wide web. ACM, pp 1145–1146

Gómez Mármol F, Gil Pérez M, Martínez Pérez G (2014) Reporting offensive content in social networks: toward a reputation-based assessment approach. IEEE Internet Comput 18(2):32–40. doi:10.1109/MIC.2013.132 CrossRef

Pina Ros S, Pina Canelles A, Gil Pérez M, Gómez Mármol F, Martínez Pérez G (2015) Chasing offensive conducts in social networks: a reputation-based practical approach for Frisber. ACM Trans Internet Technol 15(4):1–20. doi:10.1145/2797139

Younis Z, Khatib RA (2014) Trending in Ramadan—what do people tweet about during the holy month? The Online Project. Technical report [Online]. http://www.theonlineproject.me/files/reports/Trending_in_Ramadan_-_English1

Social media in ramadan—Exploring arab user habits on Facebook and Twitter. The Online Project. Technical Report 2013. [Online]. http://theonlineproject.me/files/newsletters/Social-Media-in-Ramadan-Report-English

Bilge L, Strufe T, Balzarotti D, Kirda E (2009) All your contacts belong to us: automated identity theft attacks on social networks. In: Proceedings of ACM international WWW conference, Sanibel Island, FL, pp 551–560

Douceur JR (2002) The sybil attack. In: Proceedings of international workshop peer-to-peer syst. (IPTPS). Springer, London, UK, pp 251–260

10.

Yu H, Kaminsky M, Gibbons PB, Flaxman A (2006) SybilGuard: defending against Sybil attacks via social networks. In: Proceedings of ACM conference special interest group data Communications (SIGCOMM), Pisa, Italy, pp 267–278

11.

Yu H, Gibbons PB, Kaminsky M, Xiao F (2010) Sybillimit: a near-optimal social network defense against sybil attacks. IEEE/ACM Trans Netw 18(3):885–898CrossRef

12.

Zhou B, Pei J (2008) Preserving privacy in social networks against neighborhood attacks. In: Proceedings of IEEE interantoinal conference on data engineering (ICDE), Cancún, Mexico, pp 506–515

13.

Zhou B, Pei J (2011) The \(k\)-anonymity and \(l\)-diversity approaches for privacy preservation in social networks against neighborhood attacks. Knowl Inform Syst 28(1):47–77CrossRef

14.

Shen X, Tan B, Zhai C (2007) Privacy protection in personalized search. ACM Spec. Interest Group Inform. Retrieval (SIGIR) Forum 41(1):4–17. [Online] doi:10.1145/1273221.1273222

15.

Chaum D (1981) Untraceable electronic mail, return addresses, and digital pseudonyms. Commun ACM 24(2):84–88CrossRef

16.

Cottrell L (1994) Mixmaster and remailer attacks. [Online]. http://obscura.com/~loki/remailer/remailer-essay.html

17.

Danezis G (2003) Mix-networks with restricted routes. In: Proceedings of international symposium on privacy enhancing technologies (PETS). Lecture notes computer science (LNCS), pp 1–17

18.

Kesdogan D, Egner J, Büschkes R (1998) Stop-and-go mixes: providing probabilistic anonymity in an open system. In: Proceedings of information hiding workshop (IH). Springer, pp 83–98

19.

Berthold O, Pfitzmann A, Standtke R (2000) The disadvantages of free MIX routes and how to overcome them. In: Proceedings of designing privacy enhancing technologies: workshop on design issues in anonymity and unobservability. Series Lecture notes computer science (LNCS). Springer, Berkeley, CA, pp 30–45

20.

Díaz C, Seys S, Claessens J, Preneel B (2002) Towards measuring anonymity. In: Proceedings of international symposium on privacy enhancing technologies (PETS), Series Lecture notes on computer science (LNCS), vol 2482. Springer, pp 54–68

21.

Serjantov A, Danezis G (2002) Towards an information theoretic metric for anonymity. In: Proceedings of international symposium on privacy enhancing technologies (PETS), vol 2482. Springer, pp 41–53

22.

Steinbrecher S, Kopsell S (2003) Modelling unlinkability. In: Proceedings of internaional symposium on privacy enhancing technologies (PETS). Springer, pp 32–47

23.

Díaz C (2005) Anonymity and privacy in electronic services. Ph.D. dissertation, Katholieke University, Leuven

24.

Rebollo-Monedero D, Forné J (2010) Optimal query forgery for private information retrieval. IEEE Trans Inform Theory 56(9):4631–4642MathSciNetCrossRef

25.

Howe DC, Nissenbaum H (2009) Lessons from the identity trail: privacy, anonymity and identity in a networked society. NY: Oxford Univ. Press, ch. TrackMeNot: Resisting surveillance in Web search, pp 417–436. [Online]. http://mrl.nyu.edu/~dhowe/trackmenot

26.

Parra-Arnau J, Perego A, Ferrari E, Forné J, Rebollo-Monedero D (Jan. 2014) Privacy-preserving enhanced collaborative tagging. IEEE Trans. Knowl. Data Eng., 26(1):180–193, [Online]. Available: doi:10.1109/TKDE.2012.248

27.

Parra-Arnau J, Rebollo-Monedero D, Forné J, Muñoz JL, Esparza O (2012) Optimal tag suppression for privacy protection in the semantic Web. Data Knowl Eng 81–82:46–66 [Online]. doi:10.1016/j.datak.2012.07.004

28.

Deng M (2010) Privacy preserving content protection. Ph.D. dissertation, Katholieke University, Leuven

29.

Levine BN, Reiter MK, Wang C, Wright M (2004) Timing attacks in low-latency mix systems. In: Proceedings of international financial cryptography conference. Springer, pp 251–265

30.

Bauer K, McCoy D, Grunwald D, Kohno T, Sicker D (2007) Low-resource routing attacks against anonymous systems. University of Colorado, Technical report

31.

Murdoch SJ, Danezis G (2005) Low-cost traffic analysis of tor. In: Proceedings of IEEE symposium security and privacy (SP), pp 183–195

32.

Pfitzmann B, Pfitzmann A (1990) How to break the direct RSA implementation of mixes. In: Proceedings of annual international conference on the theory and applications of cryptographic techniques (EUROCRYPT). Springer, pp 373–381

33.

Grossman WM (1996) alt.scientology.war, [Online]. www.wired.com/wired/archive/3.12/alt.scientology.war_pr.html

34.

AOL search data scandal (2006) Accessed on 15 November 2013. [Online]. http://en.wikipedia.org/wiki/AOL_search_data_scandal

35.

European data protection supervisor (2013) [Online]. http://www.edps.europa.eu

36.

Twitter charts - xefer. [Online]. http://xefer.com/twitter/

37.

Xu Y, Wang K, Zhang B, Chen Z (2007) Privacy-enhancing personalized Web search. In: Proceedings of the international WWW conference. ACM, pp 591–600

38.

Ye S, Wu F, Pandey R, Chen H (2009) Noise injection for search privacy protection. In: Proceedings of international conference on computer science engineering. IEEE Computer Society, pp 1–8

39.

Erola A, Castellà-Roca J, Viejo A, Mateo-Sanz JM (2011) Exploiting social networks to provide privacy in personalized Web search. J Syst Softw 84(10):1734–745. [Online]. http://www.sciencedirect.com/science/article/pii/S0164121211001117

40.

Parra-Arnau J, Rebollo-Monedero D, Forné J (2014) Measuring the privacy of user profiles in personalized information systems. Future Gen Comput Syst (FGCS), Special Issue Data, Knowl Eng 33:53–63 [Online]. doi:10.1016/j.future.2013.01.001

41.

Hildebrandt M, Backhouse J, Andronikou V, Benoist E, Canhoto A, Diaz C, Gasson M, Geradts Z, Meints M, Nabeth T, Bendegem JPV, der Hof SV, Vedder A, Yannopoulos A (2005) Descriptive analysis and inventory of profiling practices—deliverable 7.2. Future Identity Information Society (FIDIS), Technical report

42.

Hildebrandt M, Gutwirth S (eds) (2008) Profiling the European citizen: cross-disciplinary perspectives. Springer, Berlin

43.

Jaynes ET (1982) On the rationale of maximum-entropy methods. Proc IEEE 70(9):939–952CrossRef

44.

Cover TM, Thomas JA (2006) Elements of information theory, 2nd edn. Wiley, New YorkMATH

45.

Boyd S, Vandenberghe L (2004) Convex optimization. Cambridge University Press, CambridgeCrossRefMATH

46.

Parra-Arnau J, Rebollo-Monedero D, Forné J (2014) Optimal forgery and suppression of ratings for privacy enhancement in recommendation systems. Entropy, 16(3):1586–1631. [Online]. http://www.mdpi.com/1099-4300/16/3/1586

47.

Apostol TM (1974) Mathematical analysis. A modern approach to advanced calculus, 2nd edn. Addison Wesley, Boston

48.

Viswanath B, Mislove A, Cha M, Gummadi KP (2009) On the evolution of user interaction in facebook. In: Proceedings of the 2nd ACM SIGCOMM workshop on social networks (WOSN’09),

49.

Ferrara E, Interdonato R, Tagarelli A (2014) Online popularity and topical interests through the lens of instagram. In: Proceedings of ACM conference on hypertext and social media (HT), pp 24–34

Titel: Shall I post this now? Optimized, delay-based privacy protection in social networks
verfasst von: Javier Parra-Arnau
Félix Gómez Mármol
David Rebollo-Monedero
Jordi Forné
Publikationsdatum: 16.11.2016
Verlag: Springer London
Erschienen in: Knowledge and Information Systems / Ausgabe 1/2017
Print ISSN: 0219-1377
Elektronische ISSN: 0219-3116
DOI: https://doi.org/10.1007/s10115-016-1010-4

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 1/2017

Exploiting interactions of review text, hidden user communities and item groups, and time for collaborative filtering

A review of task scheduling based on meta-heuristics approach in cloud computing

Synchronization-based scalable subspace clustering of high-dimensional data

Identification of critical situations via Event Processing and Event Trust Analysis

Wind speed parameters sensitivity analysis based on fractals and neuro-fuzzy selection technique

A user parameter-free approach for mining robust sequential classification rules