PPAD: Privacy Preserving Group-Based ADvertising in Online Social Networks

Services provided as free by Online Social Networks (OSN) come with privacy concerns. Users’ information kept by OSN providers are vulnerable to the risk of being sold to the advertising firms. To protect user privacy, existing proposals utilize data encryption, which prevents the providers from monetizing users’ information. Therefore, the providers would not be financially motivated to establish secure OSN designs based on users’ data encryption. Addressing these problems, we propose the first Privacy Preserving Group-Based Advertising (PPAD) system that gives monetizing ability for the OSN providers. PPAD performs profile and advertisement matching without requiring the users or advertisers to be online, and is shown to be secure in the presence of honest but curious servers that are allowed to create fake users or advertisers. We also present advertisement accuracy metrics under various system parameters providing a range of security-accuracy trade-offs.

[1]  Saikat Guha,et al.  Privad: Practical Privacy in Online Advertising , 2011, NSDI.

[2]  Claudio Soriente,et al.  Hummingbird: Privacy at the Time of Twitter , 2012, 2012 IEEE Symposium on Security and Privacy.

[3]  Balachander Krishnamurthy,et al.  Characterizing privacy in online social networks , 2008, WOSN '08.

[4]  Amos Beimel,et al.  Secret-Sharing Schemes: A Survey , 2011, IWCC.

[5]  Florian Kerschbaum,et al.  Adapting Privacy-Preserving Computation to the Service Provider Model , 2009, 2009 International Conference on Computational Science and Engineering.

[6]  Yehuda Lindell,et al.  Introduction to Modern Cryptography , 2004 .

[7]  Alec Wolman,et al.  Lockr: better privacy for social networks , 2009, CoNEXT '09.

[8]  Helen Nissenbaum,et al.  Adnostic: Privacy Preserving Targeted Advertising , 2010, NDSS.

[9]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[10]  Alptekin Küpçü,et al.  Fast Optimistically Fair Cut-and-Choose 2PC , 2015, Financial Cryptography.

[11]  Amir Herzberg,et al.  Oblivious and Fair Server-Aided Two-Party Computation , 2012, 2012 Seventh International Conference on Availability, Reliability and Security.

[12]  Ari Juels,et al.  Targeted Advertising ... And Privacy Too , 2001, CT-RSA.

[13]  Florian Kerschbaum,et al.  Outsourced private set intersection using homomorphic encryption , 2012, ASIACCS '12.

[14]  Alptekin Küpçü,et al.  Efficiently Making Secure Two-Party Computation Fair , 2016, Financial Cryptography.

[15]  Mariana Raykova,et al.  Scaling Private Set Intersection to Billion-Element Sets , 2014, Financial Cryptography.

[16]  Ariel J. Feldman,et al.  Social Networking with Frientegrity: Privacy and Integrity with an Untrusted Provider , 2012, USENIX Security Symposium.

[17]  Ben Riva,et al.  Efficient Server-Aided 2PC for Mobile Phones , 2016, Proc. Priv. Enhancing Technol..

[18]  Bobby Bhattacharjee,et al.  Persona: an online social network with user-defined privacy , 2009, SIGCOMM '09.

[19]  Shouhuai Xu,et al.  Verifiable Delegated Set Intersection Operations on Outsourced Encrypted Data , 2015, 2015 IEEE International Conference on Cloud Engineering.

[20]  Aniket Kate,et al.  ObliviAd: Provably Secure and Practical Online Behavioral Advertising , 2012, 2012 IEEE Symposium on Security and Privacy.

[21]  Ben Riva,et al.  Salus: a system for server-aided secure function evaluation , 2012, CCS.

[22]  Florian Kerschbaum,et al.  Collusion-resistant outsourcing of private set intersection , 2012, SAC '12.

[23]  Patrick Traynor,et al.  Outsourcing secure two-party computation as a black box , 2015, Secur. Commun. Networks.

[24]  Ronald Cramer,et al.  A Framework for Secure Computations With Two Non-Colluding Servers and Multiple Clients, Applied to Recommendations , 2015, IEEE Transactions on Information Forensics and Security.

[25]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[26]  Marina Blanton,et al.  Efficient Server-Aided Secure Two-Party Function Evaluation with Applications to Genomic Computation , 2016, IACR Cryptol. ePrint Arch..

[27]  Alptekin Küpçü,et al.  Security and Privacy of Distributed Online Social Networks , 2015, ICDCS Workshops.

[28]  Debmalya Biswas,et al.  Privacy-Preserving Outsourced Profiling , 2010, 2010 IEEE 12th Conference on Commerce and Enterprise Computing.

[29]  Stefan Katzenbeisser,et al.  Efficiently Outsourcing Multiparty Computation Under Multiple Keys , 2013, IEEE Transactions on Information Forensics and Security.

[30]  Vitaly Shmatikov,et al.  De-anonymizing Social Networks , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[31]  Mariana Raykova,et al.  Outsourcing Multi-Party Computation , 2011, IACR Cryptol. ePrint Arch..

[32]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[33]  Alessandro Barenghi,et al.  Snake: An End-to-End Encrypted Online Social Network , 2014, 2014 IEEE Intl Conf on High Performance Computing and Communications, 2014 IEEE 6th Intl Symp on Cyberspace Safety and Security, 2014 IEEE 11th Intl Conf on Embedded Software and Syst (HPCC,CSS,ICESS).

[34]  Agusti Solanas,et al.  Privacy-Aware Genome Mining: Server-Assisted Protocols for Private Set Intersection and Pattern Matching , 2015, 2015 IEEE 28th International Symposium on Computer-Based Medical Systems.

[35]  Yuguang Fang,et al.  A Privacy-Preserving Scheme for Online Social Networks with Efficient Revocation , 2010, 2010 Proceedings IEEE INFOCOM.