Active Re-identification Attacks on Periodically Released Dynamic Social Graphs

Active re-identification attacks pose a serious threat to privacy-preserving social graph publication. Active attackers create fake accounts to build structural patterns in social graphs which can be used to re-identify legitimate users on published anonymised graphs, even without additional background knowledge. So far, this type of attacks has only been studied in the scenario where the inherently dynamic social graph is published once. In this paper, we present the first active re-identification attack in the more realistic scenario where a dynamic social graph is periodically published. The new attack leverages tempo-structural patterns for strengthening the adversary. Through a comprehensive set of experiments on real-life and synthetic dynamic social graphs, we show that our new attack substantially outperforms the most effective static active attack in the literature by increasing the success probability of re-identification by more than two times and efficiency by almost 10 times. Moreover, unlike the static attack, our new attack is able to remain at the same level of effectiveness and efficiency as the publication process advances. We conduct a study on the factors that may thwart our new attack, which can help design graph anonymising methods with a better balance between privacy and utility

Identities Anonymization in Dynamic Social Networks

隨著社群網站的蓬勃發展，社群網路資料被廣泛的應用於各式各樣不同的需求當中，但是公開的社群網路資料往往伴隨著個人資料隱私的問題，也讓該議題成為使用者和開發人員無不關心的地方。時下關於社群網路隱私保護的研究多數著重在靜態的社群網路上，然而資訊量的增加使得連續發佈資料的必要性大增，在這種動態的社群網路中，僅僅利用先前靜態的保護措施會產生許多隱私洩漏的疑慮。在這篇論文裡，我們先指出個人的身分和社群資訊在動態社群網路中存在被識別出的風險，然後再提出避免此風險的方法。我們闡述了一個新的隱私保護模型：k^w-structural diversity anonymity，在這裡 w 表示攻擊者在動態社群網路中觀察受害者的時間。此隱私保護模型將舊有的 k-structural diversity anonymity 延伸到動態的情境之下。我們提出了一個演算法將發布的動態社群網路加密以符合這個新的隱私保護模型。利用真實社群網路資料和人工社群網路資料來評價這個演算法，結果顯示此方法能在確保隱私保護的條件之下保留很大程度的原始社群網路特徵。Privacy in publishing social network data is always an important concern. Nowadays most prior privacy protection techniques focus on static social networks. However, there are additional privacy disclosures in dynamic social networks due to the sequential publications. In this thesis, we first show that the risks of vertex or community re-identification exist in a dynamic social network, even if the network published at each time instance is protected by a static anonymity scheme. To prevent vertex and community re-identification in a dynamic social network, we develop novel dynamic k^w-structural diversity anonymity, where w is the time that an adversary can monitor a victim. This scheme extends the k-structural diversity anonymity to a dynamic scenario. We present a heuristic method to anonymize the networks to satisfy the proposed privacy scheme. The evaluations on both real and synthetic data sets show that our approach can retain much of the characteristic of the networks while confirming the privacy protection