Privacy in Social Networks Introduction 1 Model Social

  • Slides: 67
Download presentation
Privacy in Social Networks: Introduction 1

Privacy in Social Networks: Introduction 1

Model: Social Graph From SIGMOD 11 -tutorial 2

Model: Social Graph From SIGMOD 11 -tutorial 2

Model: Social Graph From SIGMOD 11 -tutorial 3

Model: Social Graph From SIGMOD 11 -tutorial 3

Model: Social Graph From SIGMOD 11 -tutorial 4

Model: Social Graph From SIGMOD 11 -tutorial 4

Model: Social Graph Facebook graph from: http: //www. flickr. com/photos/greenem/11696663/ 5

Model: Social Graph Facebook graph from: http: //www. flickr. com/photos/greenem/11696663/ 5

Model: Social Graph Twitter graph from: http: //www. connectedaction. net/ 2009/03/30/social-networks-in-the -news/ 6

Model: Social Graph Twitter graph from: http: //www. connectedaction. net/ 2009/03/30/social-networks-in-the -news/ 6

Model: Social Graph Social networks model social relationships by graph structures using vertices and

Model: Social Graph Social networks model social relationships by graph structures using vertices and edges. Vertices model individual social actors in a network, while edges model relationships between social actors. Labels (type of edges, vertices) Directed/undirected G = (V, E, L, LV, LE) V: set of vertices (nodes), E V x V, set of edges, L set of labels, LV: V L, LE: E L Bipartite graphs Tag – Document - Users 7

8

8

Privacy Preserving Publishing Digital traces in a wide variety of on-line settings => rich

Privacy Preserving Publishing Digital traces in a wide variety of on-line settings => rich sources of data for large-scale studies of social networks Some made based on publicly crawlable blocking and social networking sites => users have explicitly "chosen" to publish their links to others 9

Privacy Preserving Publishing User Attacker Background Knowledge participation in many networks or Specific Attack

Privacy Preserving Publishing User Attacker Background Knowledge participation in many networks or Specific Attack Quasi Identifiers Analysts Types of Attacks structural active vs passive Utility Graph properties • number of nodes/edges • average path length, network diameter • clustering coefficient • average degree, degree distribution 10

Mappings that preserve the graph structure A graph homomorphism f from a graph G

Mappings that preserve the graph structure A graph homomorphism f from a graph G = (V, E) to a graph G' = (V', E'), is a mapping f: G G’, from the vertex set of G to the vertex set of G’ such that (u, u’) G (f(u), f(u’)) G’ If the homomorphism is a bijection whose inverse function is also a graph homomorphism, then f is a graph isomorphism [(u, u’) G (f(u), f(u’)) G’] 11

12

12

The general graph isomorphic problem which determines whether two graphs are isomorphic is NP-hard

The general graph isomorphic problem which determines whether two graphs are isomorphic is NP-hard 13

Privacy Preserving Publishing 14

Privacy Preserving Publishing 14

Mappings that preserve the graph structure A graph automorphism is a graph isomorphism with

Mappings that preserve the graph structure A graph automorphism is a graph isomorphism with itself, i. e, a mapping from the vertices of the given graph G back to vertices of G such that the resulting graph is isomorphic with G. An automorphism f is non-trivial if it is not identity function. A bijection, or a bijective function, is a function f from a set X to a set Y with the property that, for every y in Y, there is exactly one x in X such that f(x) = y. Alternatively, f is bijective if it is a one-to-one correspondence between those sets; i. e. , both oneto-one (injective) and onto (surjective)). 15

Privacy Models Relational data: Identify (sensitive attribute of an individual) Background knowledge and attack

Privacy Models Relational data: Identify (sensitive attribute of an individual) Background knowledge and attack model: know the values of quasi identifiers and attacks come from identifying individuals from quasi identifiers Social networks: Privacy classified into 1. vertex existence 2. Identity disclosure 3. Link or edge disclosure 4. vertex (or link attribute) disclosure (sensitive or non-sensitive attributes) 5. content disclosure: the sensitive data associated with each vertex is compromised, for example, the email message sent and/or received by the individuals in an email communication network. 6. property disclosure 16

Anonymization Methods § Clustering-based or Generalization-based approaches: cluster vertices and edges into groups and

Anonymization Methods § Clustering-based or Generalization-based approaches: cluster vertices and edges into groups and replace a subgraph with a super-vertex § Graph Modification approaches: modifies (inserts or deletes) edges and vertices in the graph (Perturbations) 17

Some Graph-Related Definitions § A subgraph H of a graph G is said to

Some Graph-Related Definitions § A subgraph H of a graph G is said to be induced if, for any pair of vertices x and y of H, (x, y) is an edge of H if and only if (x, y) is an edge of G. In other words, H is an induced subgraph of G if it has exactly the edges that appear in G over the same vertex set. § If the vertex set of H is the subset S of V(G), then H can be written as G[S] and is said to be induced by S. § Neighborhood 18

1. Publishing 2. Accessing the Risk (privacy score, analysis) 3. Access Control (tools, etc)

1. Publishing 2. Accessing the Risk (privacy score, analysis) 3. Access Control (tools, etc) Next 1. Active Attack 2. Example of publishing 19

Type of Attacks 20

Type of Attacks 20

Active and Passive Attacks Lars Backstrom, Cynthia Dwork and Jon Kleinberg, Wherefore art thou

Active and Passive Attacks Lars Backstrom, Cynthia Dwork and Jon Kleinberg, Wherefore art thou r 3579 x? : anonymized social networks, hidden patterns, and structural steganography Proceedings of the 16 th international conference on World Wide Web, 2007 (WWW 07) 21

Model Purest form of social network: Nodes corresponding to individuals Edges indicating social interactions

Model Purest form of social network: Nodes corresponding to individuals Edges indicating social interactions (no labels, no directions, no annotations) Simple Anonymization Can this work? 22

Walk-based Active Attack 3 Requirement for the construction of H 23

Walk-based Active Attack 3 Requirement for the construction of H 23

Experiments • Data: Network of friends on Live. Journal – 4. 4∙ 106 nodes,

Experiments • Data: Network of friends on Live. Journal – 4. 4∙ 106 nodes, 77∙ 106 edges • Uniqueness: With 7 nodes, an average of 70 nodes can be de-anonymized – Although log(4. 4∙ 106) ≈ 15 • Efficiency: |T| is typically ~9∙ 104 • Detectability: – Only 7 nodes – Many subgraphs of 7 nodes in G are dense and well-connected 24

Probability that H is Unique 25

Probability that H is Unique 25

Efficient recovery Detectability Only 7 nodes Internal structure 26

Efficient recovery Detectability Only 7 nodes Internal structure 26

Passive Attack • H is a coalition, recovered by same search algorithm • Nothing

Passive Attack • H is a coalition, recovered by same search algorithm • Nothing guaranteed, but works in practice 27

Passive Attack 28

Passive Attack 28

Passive Attacks An adversary tries to learn the identities of the nodes only after

Passive Attacks An adversary tries to learn the identities of the nodes only after the anonymized network has been released Simply try to find themselves in the released network and from this to discover the existence of edges among users to whom they are linked a user can collude with a coalition of k-1 friends after the release Active Attacks An adversary tries to compromise privacy by strategically creating new user accounts and links before the anonymized network is released § Active work in with high probability in any network – passive rely on the chance that a use can uniquely find themselves after the network is released § Passive attacks can only compromise the privacy of users linked to the attacker § Passive attacks, no observable wrong-doing 29

30

30

Privacy threat: De-anonymize 2 nodes and learn if connected Focus of the paper: Identify

Privacy threat: De-anonymize 2 nodes and learn if connected Focus of the paper: Identify type of attacks that even from a single anonymized copy of a social network, it is possible for an adversary to learn whether edges exist or not between specific targeted pair of nodes Note that the adversary may be a user of the system being anomymized 32

33

33

34

34

Active Attacks - Challenges Let G be the network, H the subgraph With high

Active Attacks - Challenges Let G be the network, H the subgraph With high probability, H must be: • Uniquely identifiable in G – For any G • Efficiently locatable – Tractable instance of subgraph isomorphism • But undetectable – From the point of view of the data curator 35

Active Attacks - Approaches • Basic idea: H is randomly generated – Start with

Active Attacks - Approaches • Basic idea: H is randomly generated – Start with k nodes, add edges independently at random The “Walk-based” attack • Two variants: – better in practice – k = Θ(logn) de-anonymizes Θ(log 2 n) users – k = Θ(√logn) de-anonymizes Θ(√ logn) users • • H needs to be “more unique” Achieved by “thin” attachment of H to G The “Cut-based” attack – matches theoretical bound 36

Outline • Attacks on anonymized networks – high level description • The Walk-Based active

Outline • Attacks on anonymized networks – high level description • The Walk-Based active attack – Description – Analysis – Experiments • Passive attack 37

The Walk-Based Attack – Simplified Version • Construction: – Pick target users W =

The Walk-Based Attack – Simplified Version • Construction: – Pick target users W = {w 1, …, wk} – Create new users X = {x 1, …, xk} and random subgraph G[X] = H W 1 W 2 – Add edges (xi, wi) X 2 • Recovery X 1 – Find H in G ↔ No subgraph of G isomorphic to H – Label H as x 1, …, xk ↔ No automorphisms – Find w 1, …, wk 38

The Walk-Based Attack – Full Version • Construction: – Pick target users W =

The Walk-Based Attack – Full Version • Construction: – Pick target users W = {w 1, …, wb} – Create new users X = {x 1, …, xk} and H – Connect wi to a unique subset Ni of X – Between H and G – H • Add Δi edges from xi where d 0 ≤ Δi ≤ d 1=O(logn) To help find H – Inside H, add edges (xi, xi+1) 39 X 1 X 2 X 3

Construction of H G N 1 x 1 w 2 x 2 w 1

Construction of H G N 1 x 1 w 2 x 2 w 1 x 3 (2+δ)logn Δ 3 • Total degree of xi is Δ'i w 3 w 4 O(log 2 n) 40

41

41

42

42

Recovering H • Search G based on: – Degrees Δ'i – Internal structure of

Recovering H • Search G based on: – Degrees Δ'i – Internal structure of H root α 1 v f (αl) αl β Search tree T f (α 1) G 43

44

44

Analysis • Theorem 1 [Correctness]: With high probability, H is unique in G. Formally:

Analysis • Theorem 1 [Correctness]: With high probability, H is unique in G. Formally: – H is a random subgraph – G is arbitrary – Edges between H and G – H are arbitrary – There are edges (xi, xi+1) Ø Then WHP no subgraph of G is isomorphic to H. • Theorem 2 [Efficiency]: Search tree T does not grow too large. Formally: – For every ε, WHP the size of T is O(n 1+ε) 45

Theorem 1 [Correctness] • H is unique in G. Two cases: – For no

Theorem 1 [Correctness] • H is unique in G. Two cases: – For no disjoint subset S, G[S] isomorphic to H – For no overlapping S, G[S] isomorphic to H • Case 1: – S = <s 1, …, sk> nodes in G – H – εS – the event that si ↔ xi is an isomorphism – – By Union Bound, 46

Theorem 1 continued • Case 2: S and X overlap. Observation – H does

Theorem 1 continued • Case 2: S and X overlap. Observation – H does no have much internal symmetry • Claim (a): WHP, there are no disjoint isomorphic subgraphs of size c 1 logk in H. Assume this from now on. • Claim (b): Most of A goes to B, most of Y is fixed under f (except c 1 logk nodes) B A Y (except c 2 logk nodes) B A Y Y f X G 47

Theorem 1 - Proof • What is the probability of an overlapping second copy

Theorem 1 - Proof • What is the probability of an overlapping second copy of H in G? • f. ABCD : AUY → BUY = X B C • Let j = |A| = |B| = |C| D A • εABCD – the event that f. ABCD is Y' an isomorphism • #random edges inside C ≥ j(j-1)/2 – (j-1) X • #random edges between C and Y' ≥ (|Y'|)j – 2 j • Probability that the random edges match those of A Pr[εABCD] ≤ 2#random edges A D B, C 48

Theorem 2 [Efficiency] • Claim: Size of search tree T is near-linear. • Proof

Theorem 2 [Efficiency] • Claim: Size of search tree T is near-linear. • Proof uses similar methods: – Define random variables: • #nodes in T = Γ • Γ = Γ' + Γ'' = #paths in G – H + #paths passing in H – This time we bound E(Γ') [and similarly E(Γ'')] – Number of paths of length j with max degree d 1 is bounded – Probability of such a path to have correct internal structure is bounded Ø E(Γ') ≤ (#paths * Pr[correct internal struct]) 49

50

50

51

51

52

52

53

53

54

54

55

55

56

56

57

57

58

58

59

59

Outline • Attacks on anonymized networks – high level description • The Walk-Based active

Outline • Attacks on anonymized networks – high level description • The Walk-Based active attack – Description – Analysis – Experiments • Passive attack 60

61

61

62

62

Passive Attack - Results 63

Passive Attack - Results 63

Passive Attack • H is a coalition, recovered by same search algorithm • Nothing

Passive Attack • H is a coalition, recovered by same search algorithm • Nothing guaranteed, but works in practice 64

65

65

Potential Solutions 66

Potential Solutions 66

67

67