ShutterRoller: Preserving Social Network Privacy towards High-Speed Domain Gateway

Online Social Network (OSN) has become an important platform where people share their life and opinions nowadays, which is followed by security problems especially privacy leakage. Contents generated by OSN users can be browsed and shared by friends or even strangers, which may contain their privacy information and leads to a high risk of privacy leakage. However, traditional DPI mechanism, such as NIDS and NIPS, can hardly adapt to privacy detection and preservation in OSN because of their granularity limitation or poor performance. Privacy settings of OSN sites are seldom changed by users. In this paper, we proposed a social network privacy preserving system, ShutterRoller, based on domain gateway. By detecting the OSN traffic through gateway, ShutterRoller examines the existing of social features that may lead to privacy leakage, such as user behaviors and user generated contents. The work of ShutterRoller is accomplished with the following contributions: (1) a general network underlying framework for application layer data restoration with high throughput and low latency towards the high-speed network environment of gateway. (2) a customized OSN application layer inspection scheme to achieve fine-grained privacy leakage detection with a high accuracy. Experiments have been done by real network traffic, and indicate the high accuracy in fine-grained privacy leakage detection and high throughput as well as low latency in high-speed network.

[1]  Jianxin Li,et al.  Shutter: Preventing Information Leakage Based on Domain Gateway for Social Networks , 2014, 2014 IEEE 11th Intl Conf on Ubiquitous Intelligence and Computing and 2014 IEEE 11th Intl Conf on Autonomic and Trusted Computing and 2014 IEEE 14th Intl Conf on Scalable Computing and Communications and Its Associated Workshops.

[2]  Bin Liu,et al.  NetShield: massive semantics-based vulnerability signature matching for high-speed networks , 2010, SIGCOMM '10.

[3]  Philip S. Yu,et al.  Privacy-preserving data publishing: A survey of recent developments , 2010, CSUR.

[4]  Daniel Raumer,et al.  Comparison of frameworks for high-performance packet IO , 2015, 2015 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS).

[5]  Steven M. Bellovin,et al.  The Failure of Online Social Network Privacy Settings , 2011 .

[6]  Luigi Rizzo,et al.  netmap: A Novel Framework for Fast Packet I/O , 2012, USENIX ATC.

[7]  Vern Paxson,et al.  Bro: a system for detecting network intruders in real-time , 1998, Comput. Networks.

[8]  Aleksandar Kuzmanovic,et al.  Mosaic: quantifying privacy leakage in mobile networks , 2013, SIGCOMM.

[9]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .

[10]  Heather Richter Lipford,et al.  Understanding Privacy Settings in Facebook with an Audience View , 2008, UPSEC.

[11]  Nikita Borisov,et al.  Cachet: a decentralized architecture for privacy preserving social networking with caching , 2012, CoNEXT '12.

[12]  Laurent Mathy,et al.  Fast userspace packet processing , 2015, 2015 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS).