1 / 18

De- anonymizing Social Networks

De- anonymizing Social Networks. Arvind Narayanan and Vitaly Shmatikov The University of Texas at Austin - by Nafia Malik. Motivation. OSN are sharing sensitive information User willingness to share information and disclosure to unintended parties are not connected.

chinara
Télécharger la présentation

De- anonymizing Social Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. De-anonymizing Social Networks Arvind Narayanan and VitalyShmatikov The University of Texas at Austin -by NafiaMalik

  2. Motivation • OSN are sharing sensitive information • User willingness to share information and disclosure to unintended parties are not connected. • Anonymity can hide personal identification information, but the person can still be identified. Hence Anonymity!= privacy.

  3. Topics covered • Contributions • How data is released? • Related works and a sybil attack for de-anonymization. • Models and definitions. • The De-anonymization algorithm • Experimental Results. • Conclusion.

  4. Contributions • ‘Feasibility of large-scale, passive de-anonymization of real world social network’ • Survey the current state of data sharing. • Formal definition of privacy in social network. • Develop generic re-identification algorithm for anonymized social network. • Demonstration of algorithm on real world social networks.

  5. How data is released? • Academic and government data mining • Sometimes anonymized. • Advertising • rely on anonymity to breach privacy. • Third party applications. • not anonymized. • Aggregation • Multiple OSN. • Other data-release scenarios. • P2P file share on OSN • Large scale facial recognition on photoes.

  6. Related works • Privacy properties • Presence of an edge • Significance of an edge attribute • Attributes attached to nodes. • Mare de-anonymization reveals user observability to network. • De-anonymization attacks • Passive attacks • Coalition/ pack or users compromise their OSN friend.(small scale) • Defenses • Restrictive adversary and small scale network • Scrambling/unscrambling user provided data. • Anonymity as a tool for privacy.(Problem with k-anonymity)

  7. A Sybil attack for de-anonymization. • Active attacks • difficult in large scale • Staging is expensive and impossible • No control over incoming links. • Identifying is easy • Difficult to create dummy nodes(e.g. Facebook checks for uniqueness of email IDs ) • Legitimate users do not linking back to sybil nodes. • Sub graph with one directional nodes are easy to mark out. • Methods for spammer detection by OSN allows unidirectional edges. • Sybil nodes does not help in attack.

  8. Models and definitions. • Social network • A directed graph • Attributes for each node • Attributes for each edge

  9. Models and definitions. • Data Release (in bulk / by network crawling) • Advertisers • Application developers • Researchers.

  10. Models and definitions. • Threat model • Attack scenario • Modeling of the attacker • Auxiliary information • Breaching privacy • How good is the attack?

  11. The De-anonymization algorithm • Seed identification • Inputs: • target graph • k seeds node in auxiliary graph • k node degree value • KC2 pair of common neighbor counts • Outputs: seed mapping of nodes to clique/failure • Propagation • Inputs: • Graph G1= (V1,E1) • Graph G2= (V2,E2) • Partial seed mapping between two graphs • Outputs: mapping μ: V1→V2

  12. De-anonymization: Propagation

  13. Experiment • Twitter crawled in 2007 • Flicker crawled in late 2007/early 2008 • Live Journal from Mislove, Gummadi, Druschel and Bhattacharjee from ‘Measurment and analysis of online social networks’

  14. Seed Identification

  15. Propagation

  16. Propagation

  17. Propagation

  18. Conclusion • A third of their users name was reveled. • Only with 12% errors.

More Related