1,051 research outputs found

    Optimal Active Social Network De-anonymization Using Information Thresholds

    In this paper, de-anonymizing internet users by actively querying their group memberships in social networks is considered. In this problem, an anonymous victim visits the attacker's website, and the attacker uses the victim's browser history to query her social media activity for the purpose of de-anonymization using the minimum number of queries. A stochastic model of the problem is considered where the attacker has partial prior knowledge of the group membership graph and receives noisy responses to its real-time queries. The victim's identity is assumed to be chosen randomly based on a given distribution which models the users' risk of visiting the malicious website. A de-anonymization algorithm is proposed which operates based on information thresholds and its performance both in the finite and asymptotically large social network regimes is analyzed. Furthermore, a converse result is provided which proves the optimality of the proposed attack strategy

    Context-based Pseudonym Changing Scheme for Vehicular Adhoc Networks

    Vehicular adhoc networks allow vehicles to share their information for safety and traffic efficiency. However, sharing information may threaten the driver privacy because it includes spatiotemporal information and is broadcast publicly and periodically. In this paper, we propose a context-adaptive pseudonym changing scheme which lets a vehicle decide autonomously when to change its pseudonym and how long it should remain silent to ensure unlinkability. This scheme adapts dynamically based on the density of the surrounding traffic and the user privacy preferences. We employ a multi-target tracking algorithm to measure privacy in terms of traceability in realistic vehicle traces. We use Monte Carlo analysis to estimate the quality of service (QoS) of a forward collision warning application when vehicles apply this scheme. According to the experimental results, the proposed scheme provides a better compromise between traceability and QoS than a random silent period scheme. Comment: Extended version of a previous paper "K. Emara, W. Woerndl, and J. Schlichter, "Poster: Context-Adaptive User-Centric Privacy Scheme for VANET," in Proceedings of the 11th EAI International Conference on Security and Privacy in Communication Networks, SecureComm'15. Dallas, TX, USA: Springer, June 2015.

    An Automated Social Graph De-anonymization Technique

    We present a generic and automated approach to re-identifying nodes in anonymized social networks which enables novel anonymization techniques to be quickly evaluated. It uses machine learning (decision forests) to match pairs of nodes in disparate anonymized sub-graphs. The technique uncovers artefacts and invariants of any black-box anonymization scheme from a small set of examples. Despite a high degree of automation, classification succeeds with significant true positive rates even when small false positive rates are sought. Our evaluation uses publicly available real world datasets to study the performance of our approach against real-world anonymization strategies, namely the schemes used to protect datasets of The Data for Development (D4D) Challenge. We show that the technique is effective even when only small numbers of samples are used for training. Further, since it detects weaknesses in the black-box anonymization scheme it can re-identify nodes in one social network when trained on another. Comment: 12 page

    Privacy Preserving Data Publishing

    Recent years have witnessed increasing interest among researchers in protecting individual privacy in the big data era, involving social media, genomics, and Internet of Things. Recent studies have revealed numerous privacy threats and privacy protection methodologies that vary across a broad range of applications. To date, however, there exist no powerful methodologies for addressing challenges from high-dimension data, high-correlation data and powerful attackers. In this dissertation, two critical problems will be investigated: the prospects and some challenges for elucidating the attack capabilities of attackers in mining individuals’ private information; and methodologies that can be used to protect against such inference attacks, while guaranteeing significant data utility. First, this dissertation has proposed a series of works regarding inference attacks, laying emphasis on protecting against powerful adversaries with auxiliary information. In the context of genomic data, data dimensions and computation feasibility are highly challenging in conducting data analysis. This dissertation proved that the proposed attack can effectively infer the values of the unknown SNPs and traits in linear complexity, which dramatically improves the computation cost compared with traditional methods with exponential computation cost. Second, putting differential privacy guarantee into high-dimension and high-correlation data remains a challenging problem, due to high-sensitivity, output scalability and signal-to-noise ratio. Considering that there are tens-of-millions of genomes in a human DNA, it is infeasible for traditional methods to introduce noise to sanitize genomic data. This dissertation has proposed a series of works and demonstrated that the proposed differentially private method satisfies differential privacy; moreover, data utility is improved compared with the state of the art by largely lowering data sensitivity. Third, putting privacy guarantee into social data publishing remains a challenging problem, due to tradeoff requirements between data privacy and utility. This dissertation has proposed a series of works and demonstrated that the proposed methods can effectively realize privacy-utility tradeoff in data publishing. Finally, two future research topics are proposed. The first topic is about Privacy Preserving Data Collection and Processing for Internet of Things. The second topic is to study Privacy Preserving Big Data Aggregation. They are motivated by the newly proposed data mining, artificial intelligence and cybersecurity methods

    Economic essays on privacy, big data, and climate change

    This doctoral thesis aims to advance our understanding of major topics of concern in the 21st century using theoretical as well as empirical economic methodologies. All three topics do and will continue to affect people’s lives as they can substantially shape the functioning of our societies. Thematically linked, Chapters 2 and 3 both focus on privacy choices and their consequences in the context of big data algorithms that target individual consumers. In contrast, Chapters 3 and 4 are linked methodologically as both present results from economic laboratory experiments, where the former focuses on cognitive challenges of individual decision-makers and the latter on challenges to coordination and cooperation between decision-makers. Chapter 2 presents results from a theoretical model where consumers face a monopolistic seller who is not only capable of perfect price discrimination but also more strategically sophisticated than the consumers. The model shows that consumers use a costly privacy-protective sales channel even in the absence of an explicit taste for privacy if they are not too strategically sophisticated. Chapter 3 presents results from an economic laboratory experiment related to the model developed before. Substantial deviations from Nash equilibrium predictions are found. Addressing cognitive constraints often present in privacy choices, some evidence for two alternative explanations is found: level-k thinking and reinforcement learning. A policy treatment resembling privacy-by-default mechanisms leads to a strong increase in hiding behavior. Chapter 4 presents results from an economic laboratory experiment of a dynamic resource extraction game that mimics the global multi-generation planning problem for climate change and fossil fuel extraction. The findings from this experiment suggest that successful cooperation does not only need to overcome a gap between individual incentives and public interests. There is also a fundamental heterogeneity between subjects with respect to beliefs and preferences about the way in which this should be achieved