Shall I post this now? Optimized, delay-based privacy protection in social networks

Despite the several advantages commonly attributed to social networks such as easiness and immediacy to communicate with acquaintances and friends, significant privacy threats provoked by unexperienced or even irresponsible users recklessly publishing sensitive material are also noticeable. Yet, a different, but equally significant privacy risk might arise from social networks profiling the online activity of their users based on the timestamp of the interactions between the former and the latter. In order to thwart this last type of commonly neglected attacks, this paper proposes an optimized deferral mechanism for messages in online social networks. Such solution suggests intelligently delaying certain messages posted by end users in social networks in a way that the observed online activity profile generated by the attacker does not reveal any time-based sensitive information, while preserving the usability of the system. Experimental results as well as a proposed architecture implementing this approach demonstrate the suitability and feasibility of our mechanism.

[1]  Dogan Kesdogan,et al.  Stop-and-Go-MIXes Providing Probabilistic Anonymity in an Open System , 1998, Information Hiding.

[2]  Dirk Grunwald,et al.  Low-resource routing attacks against tor , 2007, WPES '07.

[3]  George Danezis,et al.  Low-cost traffic analysis of Tor , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[4]  Bart Preneel,et al.  Towards Measuring Anonymity , 2002, Privacy Enhancing Technologies.

[5]  Michael Kaminsky,et al.  SybilGuard: defending against sybil attacks via social networks , 2006, SIGCOMM.

[6]  Félix Gómez Mármol,et al.  Reporting Offensive Content in Social Networks: Toward a Reputation-Based Assessment Approach , 2014, IEEE Internet Computing.

[7]  Hao Chen,et al.  Noise Injection for Search Privacy Protection , 2009, 2009 International Conference on Computational Science and Engineering.

[8]  David S. Rosenblum,et al.  What Anyone Can Know: The Privacy Risks of Social Networking Sites , 2007, IEEE Security & Privacy.

[9]  Feng Xiao,et al.  SybilLimit: A Near-Optimal Social Network Defense Against Sybil Attacks , 2010, IEEE/ACM Trans. Netw..

[10]  Bhavani M. Thuraisingham,et al.  Inferring private information using social network data , 2009, WWW '09.

[11]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[12]  Kevin S. Bauer,et al.  Low-Resource Routing Attacks Against Anonymous Systems , 2007 .

[13]  Birgit Pfitzmann,et al.  How to Break the Direct RSA-Implementation of Mixes , 1990, EUROCRYPT.

[14]  Serge Gutwirth,et al.  Profiling the European Citizen, Cross-Disciplinary Perspectives , 2008 .

[15]  Stefan Köpsell,et al.  Modelling Unlinkability , 2003, Privacy Enhancing Technologies.

[16]  E. Jaynes On the rationale of maximum-entropy methods , 1982, Proceedings of the IEEE.

[17]  Helen Nissenbaum,et al.  Trackmenot: Resisting Surveillance in Web Search , 2015 .

[18]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[19]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[20]  Félix Gómez Mármol,et al.  Chasing Offensive Conduct in Social Networks , 2015, ACM Trans. Internet Techn..

[21]  Krishna P. Gummadi,et al.  On the evolution of user interaction in Facebook , 2009, WOSN '09.

[22]  Jian Pei,et al.  Preserving Privacy in Social Networks Against Neighborhood Attacks , 2008, 2008 IEEE 24th International Conference on Data Engineering.

[23]  ChengXiang Zhai,et al.  Privacy protection in personalized search , 2007, SIGF.

[24]  Mina Deng,et al.  Privacy Preserving Content Protection (Privacy behoud content protection) , 2010 .

[25]  Jose L. Muñoz,et al.  Optimal tag suppression for privacy protection in the semantic Web , 2012, Data Knowl. Eng..

[26]  Josep Maria Mateo-Sanz,et al.  Exploiting social networks to provide privacy in personalized web search , 2011, J. Syst. Softw..

[27]  Ke Wang,et al.  Privacy-enhancing personalized web search , 2007, WWW '07.

[28]  Stephen P. Boyd,et al.  Convex Optimization , 2004, Algorithms and Theory of Computation Handbook.

[29]  Bart Preneel,et al.  APES - Anonymity and Privacy in Electronic Services , 2003, Datenschutz und Datensicherheit.

[30]  Michael Kaminsky,et al.  SybilGuard: Defending Against Sybil Attacks via Social Networks , 2008, IEEE/ACM Transactions on Networking.

[31]  Shriram K. Vasudevan,et al.  Sybil Guard: Defending Against Sybil Attacks via Social Networks , 2010 .

[32]  Jordi Forné,et al.  Optimized Query Forgery for Private Information Retrieval , 2010, IEEE Transactions on Information Theory.

[33]  George Danezis,et al.  Towards an Information Theoretic Metric for Anonymity , 2002, Privacy Enhancing Technologies.

[34]  Jordi Forné,et al.  Optimal Forgery and Suppression of Ratings for Privacy Enhancement in Recommendation Systems , 2013, Entropy.

[35]  Matthew K. Wright,et al.  Timing Attacks in Low-Latency Mix Systems (Extended Abstract) , 2004, Financial Cryptography.

[36]  Bhavani M. Thuraisingham,et al.  Preventing Private Information Inference Attacks on Social Networks , 2013, IEEE Transactions on Knowledge and Data Engineering.

[37]  Jordi Forné,et al.  Measuring the privacy of user profiles in personalized information systems , 2014, Future Gener. Comput. Syst..

[38]  Tom M. Apostol,et al.  Mathematical analysis : a modern approach to advanced calculus / Tom M. Apostol , 1957 .

[39]  Joanna Abadie,et al.  European Data Protection Supervisor , 2016 .

[40]  Jordi Forné,et al.  Privacy-Preserving Enhanced Collaborative Tagging , 2014, IEEE Transactions on Knowledge and Data Engineering.

[41]  Thomas M. Cover,et al.  Elements of information theory (2. ed.) , 2006 .

[42]  Andreas Pfitzmann,et al.  The Disadvantages of Free MIX Routes and how to Overcome Them , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[43]  Leyla Bilge,et al.  All your contacts are belong to us: automated identity theft attacks on social networks , 2009, WWW '09.

[44]  Andrea Tagarelli,et al.  Online popularity and topical interests through the lens of instagram , 2014, HT.

[45]  George Danezis Mix-Networks with Restricted Routes , 2003, Privacy Enhancing Technologies.

[46]  Jian Pei,et al.  The k-anonymity and l-diversity approaches for privacy preservation in social networks against neighborhood attacks , 2011, Knowledge and Information Systems.