Outsourcing privacy-preserving social networks to a cloud

2009

The proliferation of social networks, where individuals share private information, has caused, in the last few years, a growth in the volume of sensitive data being stored in these networks. As users subscribe to more services and connect more with their friends, families, and colleagues, the desire to both protect the privacy of the network users and the temptation to extract, analyze, and use this information from the networks have increased. Previous research has looked at anonymizing social network graphs to ensure their k-anonymity in order to protect their nodes against identity disclosure. In this paper we introduce an extension to this kanonymity model that adds the ability to protect against attribute disclosure. This new model has similar privacy features with the existing p-sensitive k-anonymity model for microdata. We also present a new algorithm for enforcing psensitive k-anonymity on social network data based on a greedy clustering approach. To our knowledge, no previous research has been done to deal with preventing against disclosing attribute information that is associated to social networks nodes.

IAEME PUBLICATION, 2013

Developing privacy preserving mechanisms for data sharing across network for research purposes and business decisions has become one of the issues of the days research interest. L.Sweeney et.al., (2002) [26] developed the concept of k-anonymity, a model for protecting privacy which poses the condition that a database to be k-anonymous, then each record is indistinguishable from at least k-1 other records with respect to their quasi-identifiers. Despite the k-anonymity model, an intruder may gain access the sensitive information if a set of nodes share similar attributes. In this paper we systematically analyze the pure structure anonymization mechanisms and models proposed in the literature. Also we make a detailed study on k-degree-l-diversity anonymity model, which takes into consideration the structural information and sensitive labels of individuals as well. Also the study the algorithmic impact of adding noise nodes to original graph and the rigorous analyses on the theoretical limitations of the appended noise nodes and its impact.

Lecture Notes in Computer Science, 2019

When releasing graph data (e.g., social network) to public or third parties, data privacy becomes a major concern. It has been shown that state-of-the-art graph anonymization techniques suffer from a lack of strong defense against De-Anonymization (DA) attacks mostly because of the bias towards utility preservation. In this paper, we propose GAGA, an Efficient Genetic Algorithm for Graph Anonymization, that simultaneously delivers high anonymization and utility preservation. To address the vulnerability against DA attacks especially when the adversary can re-identify the victim not only based on some information about the neighbors of a victim but also some knowledge on the structure of the neighbors of the victim's neighbors, GAGA puts the concept of k(d)-neighborhood-anonymity into action by developing the first general algorithm for any d distance neighborhood. GAGA also addresses the challenge of applying minimum number of changes to the original graph to preserve data utilities via an effective and efficient genetic algorithm. Results of our evaluation show that GAGA anonymizes the graphs in a way that it is more resistant to modern DA attacks than existing techniques-GAGA (with d=3) improves the defense against DA techniques by reducing the DA rate by at least a factor of 2.7× in comparison to the baseline. At the same time it preserves the data utilities to a very high degree-it is the best technique for preserving 11 out of 16 utilities. Finally, GAGA provides application-oriented level of control to users via different tunable parameters.

Lecture Notes in Computer Science, 2009

The advent of social network sites in the last years seems to be a trend that will likely continue. What naive technology users may not realize is that the information they provide online is stored and may be used for various purposes. Researchers have pointed out for some time the privacy implications of massive data gathering, and effort has been made to protect the data from unauthorized disclosure. However, the data privacy research has mostly targeted traditional data models such as microdata. Recently, social network data has begun to be analyzed from a specific privacy perspective, one that considers, besides the attribute values that characterize the individual entities in the networks, their relationships with other entities. Our main contributions in this paper are a greedy algorithm for anonymizing a social network and a measure that quantifies the information loss in the anonymization process due to edge generalization.

2013

The social network data is much more complicated than relational data, privacy preserving in social networks is more challenging and needs many serious efforts in the future. Mainly, modeling adversarial attacks and developing privacy preservation strategies are critical. For proposed work, we believe that the following two types of attacks should be addressed systematically. We only handle 1-neighborhoods in this paper. And another one is k-anonymity. By using sub graphs we can identify the anonymity nodes and for that we are applying anonymity techniques. So we can provide the secure privacy in social network. Finally, privacy research directions on social network sites, privacy-preserving collaborative social network and business model of privacy protection, which Need further research, were presented and discussed. I.

2015

Massive graphs have become pervasive in a wide variety of data domains. However, they are generally more difficult to anonymize because the structural information buried in graph can be leveraged by an attacker to breach sensitive attributes. Furthermore, the increasing sizes of graph data sets present a major challenge to anonynization algorithms. In this paper, we will address the problem of privacy-preserving data mining of massive graph-data sets. We design a MapReduce framework to address the problem of attribute disclosure in massive graphs. We leverage the MapReduce framework to create a scalable algorithm that can be used for very large graphs. Unlike existing literature in graph privacy, our proposed algorithm focuses on the sensitive content at the nodes rather than on the structure. This is because content-centric perturbation at the nodes is a more effective way to prevent attribute disclosure rather than structural reorganization. One advantage of the approach is that s...

Proceedings of The Vldb Endowment, 2008

We identify privacy risks associated with releasing network data sets and provide an algorithm that mitigates those risks. A network consists of entities connected by links representing relations such as friendship, communication, or shared activity. Maintaining privacy when publishing networked data is uniquely challenging because an individual's network context can be used to identify them even if other identifying information is removed. In this paper, we quantify the privacy risks associated with three classes of attacks on the privacy of individuals in networks, based on the knowledge used by the adversary. We show that the risks of these attacks vary greatly based on network structure and size. We propose a novel approach to anonymizing network data that models aggregate network structure and then allows samples to be drawn from that model. The approach guarantees anonymity for network entities while preserving the ability to estimate a wide variety of network measures with relatively little bias. Figure 1: A social network (G), the naive anonymization (Ga), and the anonymization mapping (f ).

With an abundance of social network data being released, the need to protect sensitive information within these networks has become an important concern of data publishers. In this paper we focus on the popular notion of k-anonymization as applied to node degrees in a social network. Given such a network N , the problem we study is to transform N to N ′ , such that the degree of each node in N ′ is attained by at least k − 1 other nodes in N ′ . Apart from previous work, we permit modifications to the node set, rather than the edge set, and this offers unique advantages with respect to the utility of the released anonymized network. We study both vertex-labeled and unlabeled graphs, since instances of each occur in real-world social networks. Under the constraint of minimum node additions, we show that on vertex-labeled graphs, the problem is NP-complete. For unlabeled graphs, we give an efficient (near-linear) algorithm and show that it gives solutions that are optimal modulo k, a guarantee that is novel in the literature. Additionally, we demonstrate empirically that commonly-studied structural properties of the network, such as clustering coefficient, are quite minorly distorted by the anonymization procedure.

2012

Social network data analysis raises concerns about the privacy of related entities or individuals. To address this issue, organizations can publish data after simply replacing the identities of individuals with pseudonyms, leaving the overall structure of the social net-work unchanged. However, it has been shown that attacks based on structural identification (e.g., a walk-based attack) enable an adversary to re-identify selected individuals in an anonymized network. In this paper we explore the capacity of techniques based on random edge perturbation to thwart such attacks. We theoretically establish that any kind of structural identification attack can effectively be prevented using random edge perturbation and show that, surprisingly, important properties of the whole network, as well as of subgraphs thereof, can be accurately calculated and hence data analysis tasks performed on the perturbed data, given that the legitimate data recipient knows the perturbation probability as we...

2010 8th IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), 2010

Traditional approaches to K-anonymity provide privacy guarantees over publicly released data sets with specified quasi-identifiers. However, the most common public releases of personal data are now done through social networks and their APIs, which do not fit the previous research-centric data set release model, nor do they allow for clear assumptions about quasi-identifiers. This paper proposes a new definition of K-anonymity that suggests a practical way in which social networks could provide privacy guarantees to users of their API. To support as wide a range of applications as possible, the proposed privacy guarantee assumes all social-networking data may be a quasi-identifier and does not assume that data may be generalized and still be useful. Using the Facebook social networking API, we implement an application to demonstrate that providing such guarantees in real-time is feasible for real social networking data.