Privacy preservation in mobile social networks

In this day and age with the prevalence of smartphones, networking has evolved in an intricate and complex way. With the help of a technology-driven society, the term "social networking" was created and came to mean using media platforms such as Myspace, Facebook, and Twitter to connect and interact with friends, family, or even complete strangers. Websites are created and put online each day, with many of them possessing hidden threats that the average person does not think about. A key feature that was created for vast amount of utility was the use of location-based services, where many websites inform their users that the website will be using the users' locations to enhance the functionality. However, still far too many websites do not inform their users that they may be tracked, or to what degree. In a similar juxtaposed scenario, the evolution of these social networks has allowed countless people to share photos with others online. While this seems harmless at face-value, there may be times in which people share photos of friends or other non-consenting individuals who do not want that picture viewable to anyone at the photo owner's control. There exists a lack of privacy controls for users to precisely de fine how they wish websites to use their location information, and for how others may share images of them online. This dissertation introduces two models that help mitigate these privacy concerns for social network users. MoveWithMe is an Android and iOS application which creates decoys that move locations along with the user in a consistent and semantically secure way. REMIND is the second model that performs rich probability calculations to determine which friends in a social network may pose a risk for privacy breaches when sharing images. Both models have undergone extensive testing to demonstrate their effectiveness and efficiency.Includes bibliographical reference

사진의 메타데이터를 이용한 프라이버시 수준 측정과 온라인 공유 행동 연구

학위논문 (석사)-- 서울대학교 대학원 사회과학대학 언론정보학과, 2017. 8. 이준환.스마트폰 보급이 확산되면서 스마트폰으로 사진을 찍는 사람이 많아졌는데, 누군가가 스마트폰에 저장되어 있는 내 사진을 우연히 보거나 스마트폰 조작 실수로 다른 사진을 온라인에 잘못 공유해 프라이버시를 침해당할 수 있다. 특히 온라인에 공유되는 사진은 누구와 함께 어디에서 무엇을 하고 있는지와 같이 많은 것을 파악할 수 있는 정보를 담고 있기 때문에 사진이 외부로 잘못 유출될 경우 프라이버시 침해는 평소보다 더욱 크게 느껴진다. 따라서 모바일 애플리케이션이 자동으로 스마트폰 갤러리에 있는 사진들의 프라이버시 수준을 측정하고, 프라이버시 수준이 높은 사진은 이용자가 온라인에 공유할 때 프라이버시 수준이 높은 사진임을 한 번 더 확인할 수 있게 해준다면, 사용자 입장에서는 훨씬 편리하고 안전하게 사진을 관리할 수 있을 것이라는 생각에서 이 연구가 시작되었다. 따라서 본 연구에서는 사진의 어떤 요인이 직접적으로 프라이버시 수준을 높게 만드는지, 그리고 온라인 공개를 하지 못하게 만드는지를 밝혔다. 또한 연구용 애플리케이션을 제작하여 실험 참여자 본인의 스마트폰에 저장되어있는 사진으로 실험을 했기 때문에 보다 정확도 높고 신뢰도 있는 연구결과를 도출하였다. 사진 속 인물의 수가 많을수록, 인물의 얼굴 크기가 클수록, 사진에 가족 얼굴, 연인 얼굴, 본인 얼굴이 있으면 프라이버시 수준이 높아지고, 사진을 찍은 시간 역시 프라이버시 수준에 영향을 미치는 것으로 나타났다. 온라인 공개 가능 여부도 프라이버시 수준과 비슷하게 사진 속 인물의 수가 많을수록, 사진 속 인물의 얼굴 크기가 클수록, 그리고 사진 속에 가족의 얼굴이 있거나, 연인의 얼굴이 있거나, 본인의 얼굴이 있으면 온라인 공개를 적게 하는 것으로 나타났다. 또한 오전 3시~9시 그리고 오전 9시~오후 3시에 찍힌 사진은 온라인 공개를 적게 하는 것으로 나타났다. 한 가지 흥미로운 점은 프라이버시 수준이 높으나 온라인 공개 가능하다고 판단한 사진이 몇 장 있었는데, 이러한 사진들은 대부분 무언가를 자랑하기 위한 목적이 많았다. 일반적으로 프라이버시 수준에 따라 온라인 공개 가능 여부가 판단되지만, 특정 몇 개의 사진의 경우 자신을 보여주기 위한 전략적 선택이 적용되어 온라인 공개 가능 여부가 판단되는 것으로 해석된다. 따라서 사진 속에 긍정적인 요인이 있는지를 보기 위해 피사체가 잘 나온 정도나 사진의 전체적인 매력도를 파악할 수 있는 머신러닝(기계학습) 기법을 동원한 추가분석의 가능성을 제시하였다. 또한 본 연구 결과를 토대로 사진의 프라이버시 수준을 판단하여 프라이버시 수준이 높은 사진은 쉽게 유출되지 않도록 보호해주는 기능을 탑재한 애플리케이션 제작이 가능할 것으로 기대된다.1. 문제 제기 1 2. 기존 연구 검토 6 2.1. 프라이버시 개념 6 2.2. 자기 노출과 프라이버시 보호의 전략적 선택 7 2.3. 프라이버시 염려와 보호 행동의 관계 10 2.4. 알고리즘을 이용한 사진 프라이버시 분석 연구 14 2.5. 메타데이터를 이용한 사진 프라이버시 수준 측정 17 2.5.1. 사진 속 인물 분석 20 2.5.2. 사진이 찍힌 장소와 시간 분석 24 2.6. 온라인 사진 공유 행동 26 3. 연구 문제 및 연구 모형 30 4. 사전조사 34 4.1. 조사대상 34 4.2. 변인의 측정 및 분석결과 36 4.3. 사전조사의 의의 및 한계 39 5. 스마트폰 앱을 이용한 실험 40 5.1. 실험 설계 40 5.2. 실험 대상 44 5.3. 주요 개념 정의 및 측정 방법 45 6. 연구 결과 47 6.1. 프라이버시 수준 측정 47 6.2. 온라인 공개 가능 여부 판단 53 6.3. 프라이버시 수준이 높지만 온라인에 공개 가능한 사진의 특징들 59 7. 논의 61 8. 결론 66 참고문헌 70 Abstract 76Maste

Privacy Intelligence: A Survey on Image Sharing on Online Social Networks

Image sharing on online social networks (OSNs) has become an indispensable part of daily social activities, but it has also led to an increased risk of privacy invasion. The recent image leaks from popular OSN services and the abuse of personal photos using advanced algorithms (e.g. DeepFake) have prompted the public to rethink individual privacy needs when sharing images on OSNs. However, OSN image sharing itself is relatively complicated, and systems currently in place to manage privacy in practice are labor-intensive yet fail to provide personalized, accurate and flexible privacy protection. As a result, an more intelligent environment for privacy-friendly OSN image sharing is in demand. To fill the gap, we contribute a systematic survey of 'privacy intelligence' solutions that target modern privacy issues related to OSN image sharing. Specifically, we present a high-level analysis framework based on the entire lifecycle of OSN image sharing to address the various privacy issues and solutions facing this interdisciplinary field. The framework is divided into three main stages: local management, online management and social experience. At each stage, we identify typical sharing-related user behaviors, the privacy issues generated by those behaviors, and review representative intelligent solutions. The resulting analysis describes an intelligent privacy-enhancing chain for closed-loop privacy management. We also discuss the challenges and future directions existing at each stage, as well as in publicly available datasets.Comment: 32 pages, 9 figures. Under revie

Understanding and controlling leakage in machine learning

Machine learning models are being increasingly adopted in a variety of real-world scenarios. However, the privacy and confidentiality implications introduced in these scenarios are not well understood. Towards better understanding such implications, we focus on scenarios involving interactions between numerous parties prior to, during, and after training relevant models. Central to these interactions is sharing information for a purpose e.g., contributing data samples towards a dataset, returning predictions via an API. This thesis takes a step toward understanding and controlling leakage of private information during such interactions. In the first part of the thesis we investigate leakage of private information in visual data and specifically, photos representative of content shared on social networks. There is a long line of work to tackle leakage of personally identifiable information in social photos, especially using face- and body-level visual cues. However, we argue this presents only a narrow perspective as images reveal a wide spectrum of multimodal private information (e.g., disabilities, name-tags). Consequently, we work towards a Visual Privacy Advisor that aims to holistically identify and mitigate private risks when sharing social photos. In the second part, we address leakage during training of ML models. We observe learning algorithms are being increasingly used to train models on rich decentralized datasets e.g., personal data on numerous mobile devices. In such cases, information in the form of high-dimensional model parameter updates are anonymously aggregated from participating individuals. However, we find that the updates encode sufficient identifiable information and allows them to be linked back to participating individuals. We additionally propose methods to mitigate this leakage while maintaining high utility of the updates. In the third part, we discuss leakage of confidential information during inference time of black-box models. In particular, we find models lend themselves to model functionality stealing attacks: an adversary can interact with the black-box model towards creating a replica `knock-off' model that exhibits similar test-set performances. As such attacks pose a severe threat to the intellectual property of the model owner, we also work towards effective defenses. Our defense strategy by introducing bounded and controlled perturbations to predictions can significantly amplify model stealing attackers' error rates. In summary, this thesis advances understanding of privacy leakage when information is shared in raw visual forms, during training of models, and at inference time when deployed as black-boxes. In each of the cases, we further propose techniques to mitigate leakage of information to enable wide-spread adoption of techniques in real-world scenarios.Modelle für maschinelles Lernen werden zunehmend in einer Vielzahl realer Szenarien eingesetzt. Die in diesen Szenarien vorgestellten Auswirkungen auf Datenschutz und Vertraulichkeit wurden jedoch nicht vollständig untersucht. Um solche Implikationen besser zu verstehen, konzentrieren wir uns auf Szenarien, die Interaktionen zwischen mehreren Parteien vor, während und nach dem Training relevanter Modelle beinhalten. Das Teilen von Informationen für einen Zweck, z. B. das Einbringen von Datenproben in einen Datensatz oder die Rückgabe von Vorhersagen über eine API, ist zentral für diese Interaktionen. Diese Arbeit verhilft zu einem besseren Verständnis und zur Kontrolle des Verlusts privater Informationen während solcher Interaktionen. Im ersten Teil dieser Arbeit untersuchen wir den Verlust privater Informationen bei visuellen Daten und insbesondere bei Fotos, die für Inhalte repräsentativ sind, die in sozialen Netzwerken geteilt werden. Es gibt eine lange Reihe von Arbeiten, die das Problem des Verlustes persönlich identifizierbarer Informationen in sozialen Fotos angehen, insbesondere mithilfe visueller Hinweise auf Gesichts- und Körperebene. Wir argumentieren jedoch, dass dies nur eine enge Perspektive darstellt, da Bilder ein breites Spektrum multimodaler privater Informationen (z. B. Behinderungen, Namensschilder) offenbaren. Aus diesem Grund arbeiten wir auf einen Visual Privacy Advisor hin, der darauf abzielt, private Risiken beim Teilen sozialer Fotos ganzheitlich zu identifizieren und zu minimieren. Im zweiten Teil befassen wir uns mit Datenverlusten während des Trainings von ML-Modellen. Wir beobachten, dass zunehmend Lernalgorithmen verwendet werden, um Modelle auf umfangreichen dezentralen Datensätzen zu trainieren, z. B. persönlichen Daten auf zahlreichen Mobilgeräten. In solchen Fällen werden Informationen von teilnehmenden Personen in Form von hochdimensionalen Modellparameteraktualisierungen anonym verbunden. Wir stellen jedoch fest, dass die Aktualisierungen ausreichend identifizierbare Informationen codieren und es ermöglichen, sie mit teilnehmenden Personen zu verknüpfen. Wir schlagen zudem Methoden vor, um diesen Datenverlust zu verringern und gleichzeitig die hohe Nützlichkeit der Aktualisierungen zu erhalten. Im dritten Teil diskutieren wir den Verlust vertraulicher Informationen während der Inferenzzeit von Black-Box-Modellen. Insbesondere finden wir, dass sich Modelle für die Entwicklung von Angriffen, die auf Funktionalitätsdiebstahl abzielen, eignen: Ein Gegner kann mit dem Black-Box-Modell interagieren, um ein Replikat-Knock-Off-Modell zu erstellen, das ähnliche Test-Set-Leistungen aufweist. Da solche Angriffe eine ernsthafte Bedrohung für das geistige Eigentum des Modellbesitzers darstellen, arbeiten wir auch an einer wirksamen Verteidigung. Unsere Verteidigungsstrategie durch die Einführung begrenzter und kontrollierter Störungen in Vorhersagen kann die Fehlerraten von Modelldiebstahlangriffen erheblich verbessern. Zusammenfassend lässt sich sagen, dass diese Arbeit das Verständnis von Datenschutzverlusten beim Informationsaustausch verbessert, sei es bei rohen visuellen Formen, während des Trainings von Modellen oder während der Inferenzzeit von Black-Box-Modellen. In jedem Fall schlagen wir ferner Techniken zur Verringerung des Informationsverlusts vor, um eine weit verbreitete Anwendung von Techniken in realen Szenarien zu ermöglichen.Max Planck Institute for Informatic

Personalized privacy-aware image classification

Conference of 6th ACM International Conference on Multimedia Retrieval, ICMR 2016 ; Conference Date: 6 June 2016 Through 9 June 2016; Conference Code:122023International audienceInformation sharing in online social networks is a daily practice for billions of users. The sharing process facilitates the maintenance of users' social ties but also entails privacy disclosure in relation to other users and third parties. Depending on the intentions of the latter, this disclosure can become a risk. It is thus important to propose tools that empower the users in their relations to social networks and third parties connected to them. As part of USEMP, a coordinated research effort aimed at user empowerment, we introduce a system that performs privacy-aware classification of images. We show that generic privacy models perform badly with real-life datasets in which images are contributed by individuals because they ignore the subjective nature of privacy. Motivated by this, we develop personalized privacy classification models that, utilizing small amounts of user feedback, provide significantly better performance than generic models. The proposed semi-personalized models lead to performance improvements for the best generic model ranging from 4%, when 5 user-specific examples are provided, to 18% with 35 examples. Furthermore, by using a semantic representation space for these models we manage to provide intuitive explanations of their decisions and to gain novel insights with respect to individuals' privacy concerns stemming from image sharing. We hope that the results reported here will motivate other researchers and practitioners to propose new methods of exploiting user feedback and of explaining privacy classifications to users