Hiding information against structural re-identification

Connections between users of social networking services pose a significant privacy threat. Recently, several social network de-anonymization attacks have been proposed that can efficiently re-identify users at large scale, solely considering the graph structure. In this paper, we consider these privacy threats and analyze de-anonymization attacks at the model level against a user-controlled privacy-enhancing technique called identity separation. The latter allows creating seemingly unrelated identities in parallel, even without the consent of the service provider or other users. It has been shown that identity separation can be used efficiently against re-identification attacks if user cooperate with each other. However, while participation would be crucial, this cannot be granted in a real-life scenario. Therefore, we introduce the y-identity model, in which the user creates multiple separated identities and assigns the sensitive attribute to one of them according to a given strategy. For this, we propose a strategy to be used in real-life situations and formally prove that there is a higher bound for the expected privacy loss which is sufficiently low.

[1]  Dogan Kesdogan,et al.  Privacy enhancing identity management: protection against re-identification and profiling , 2005, DIM '05.

[2]  Philippe Golle,et al.  Revisiting the uniqueness of simple demographics in the US population , 2006, WPES '06.

[3]  Róbert Schulcz,et al.  Modeling Role-Based Privacy in Social Networking Services , 2009, 2009 Third International Conference on Emerging Security Information, Systems and Technologies.

[4]  Elaine Shi,et al.  Link prediction by de-anonymization: How We Won the Kaggle Social Network Challenge , 2011, The 2011 International Joint Conference on Neural Networks.

[5]  Yan Liu,et al.  EBM: an entropy-based model to infer social strength from spatiotemporal data , 2013, SIGMOD '13.

[6]  Markulf Kohlweiss,et al.  Scramble! Your Social Network Data , 2011, PETS.

[7]  Sándor Imre,et al.  Measuring importance of seeding for structural de-anonymization attacks in social networks , 2014, 2014 IEEE International Conference on Pervasive Computing and Communication Workshops (PERCOM WORKSHOPS).

[8]  Bartunov Sergey,et al.  Joint Link-Attribute User Identity Resolution in Online Social Networks , 2012 .

[9]  Ninghui Li,et al.  t-Closeness: Privacy Beyond k-Anonymity and l-Diversity , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[10]  Sandor Imre,et al.  Analysis of Grasshopper, a Novel Social Network De-anonymization Algorithm , 2014 .

[11]  Mauro Conti,et al.  Friend in the Middle (FiM): Tackling de-anonymization in social networks , 2013, 2013 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops).

[12]  Shouling Ji,et al.  Poster : Optimization based Data De-anonymization , 2014 .

[13]  Sándor Imre,et al.  Using Identity Separation Against De-anonymization of Social Networks , 2015, Trans. Data Priv..

[14]  Yong-Yeol Ahn,et al.  Community-Enhanced De-anonymization of Online Social Networks , 2014, CCS.

[15]  Sandor Imre,et al.  Separating Private and Business Identities , 2012 .

[16]  Sándor Imre,et al.  Hiding Information in Social Networks from De-anonymization Attacks by Using Identity Separation , 2013, Communications and Multimedia Security.

[17]  Matthias Grossglauser,et al.  A Bayesian method for matching two similar graphs without seeds , 2013, 2013 51st Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[18]  Thomas Seidl,et al.  (k, d)-core anonymity: structural anonymization of massive networks , 2014, SSDBM '14.

[19]  Matthias Grossglauser,et al.  On the performance of percolation graph matching , 2013, COSN '13.

[20]  Jie Wu,et al.  Seed and Grow: An attack against anonymized social networks , 2012, 2012 9th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks (SECON).

[21]  Sándor Imre,et al.  Measuring Local Topological Anonymity in Social Networks , 2012, 2012 IEEE 12th International Conference on Data Mining Workshops.

[22]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[23]  Charu C. Aggarwal,et al.  On k-Anonymity and the Curse of Dimensionality , 2005, VLDB.

[24]  Michael Hicks,et al.  Deanonymizing mobility traces: using social network as a side-channel , 2012, CCS.

[25]  Róbert Schulcz,et al.  Comprehensive Analysis of Web Privacy and Anonymous Web Browsers: Are Next Generation Services Based on Collaborative Filtering? , 2008 .

[26]  Refik Molva,et al.  Safebook: A privacy-preserving online social network leveraging on real-life trust , 2009, IEEE Communications Magazine.

[27]  Jia Liu,et al.  K-isomorphism: privacy preserving network publication against structural attacks , 2010, SIGMOD Conference.

[28]  Jon M. Kleinberg,et al.  Wherefore art thou R3579X? , 2011, Commun. ACM.

[29]  Ariel Rubinstein,et al.  A Course in Game Theory , 1995 .

[30]  Anupam Joshi,et al.  @i seek 'fb.me': identifying users across multiple online social networks , 2013, WWW.

[31]  Shouling Ji,et al.  Structural Data De-anonymization: Quantification, Practice, and Implications , 2014, CCS.

[32]  Prateek Mittal,et al.  SecGraph: A Uniform and Open-source Evaluation System for Graph Data Anonymization and De-anonymization , 2015, USENIX Security Symposium.

[33]  Danqi Chen,et al.  De-anonymizing social networks , 2012 .

[34]  Sree Hari Krishnan Parthasarathi,et al.  Exploiting innocuous activity for correlating users across sites , 2013, WWW.

[35]  Marco Mamei,et al.  Re-identification of anonymized CDR datasets using social network data , 2014, 2014 IEEE International Conference on Pervasive Computing and Communication Workshops (PERCOM WORKSHOPS).

[36]  Lei Zou,et al.  K-Automorphism: A General Framework For Privacy Preserving Network Publication , 2009, Proc. VLDB Endow..

[37]  Silvio Lattanzi,et al.  An efficient reconciliation algorithm for social networks , 2013, Proc. VLDB Endow..

[38]  Shouling Ji,et al.  Structure Based Data De-Anonymization of Social Networks and Mobility Traces , 2014, ISC.