Prediction, evolution and privacy in social and affiliation networks

In the last few years, there has been a growing interest in studying online social and affiliation networks, leading to a new category of inference problems that consider the actor characteristics and their social environments. These problems have a variety of applications, from creating more effective marketing campaigns to designing better personalized services. Predictive statistical models allow learning hidden information automatically in these networks but also bring many privacy concerns. Three of the main challenges that I address in my thesis are understanding 1) how the complex observed and unobserved relationships among actors can help in building better behavior models, and in designing more accurate predictive algorithms, 2) what are the processes that drive the network growth and link formation, and 3) what are the implications of predictive algorithms to the privacy of users who share content online. The majority of previous work in prediction, evolution and privacy in online social networks has concentrated on the single-mode networks which form around user-user links, such as friendship and email communication. However, single-mode networks often co-exist with two-mode affiliation networks in which users are linked to other entities, such as social groups, online content and events. We study the interplay between these two types of networks and show that analyzing these higher-order interactions can reveal dependencies that are difficult to extract from the pair-wise interactions alone. In particular, we present our contributions to the challenging problems of collective classification, link prediction, network evolution, anonymization and preserving privacy in social and affiliation networks. We evaluate our models on real-world data sets from well-known online social networks, such as Flickr, Facebook, Dogster and LiveJournal

I Agree to the Following Terms and Conditions, a Privacy Discussion

Privacy is one of the core values of librarianship. Along with confidentiality, it is instrumental in upholding principles of the Library Bill of Rights, particularly freedom of expression and free access to ideas. However, there are many threats to privacy, especially in the online world. Consumers are continuously generating data for companies, often with very few opportunities to opt out, and with very little understanding of how that data is collected and used. This presentation will examine privacy problems in the digital world, consider the value of privacy to both individuals and a democratic society, and serve as a forum for solutions. Librarians\u27 relationships with other departments and expertise as information professionals place us in a strong position to be leaders for our campus communities in raising awareness of privacy issues and offering practical solutions. However, it can be a challenge to find the right opportunities. Although learning to manage online privacy is an important part of information literacy, it is often left out of instruction sessions. As such, we need to find other ways to encourage students to take control of their personal privacy. In this session attendees will be encouraged to share ideas and participate in discussion. We will discuss strategies, and hear from colleagues about policies or programs they have implemented in their own institutions. The ideas we generate will be collected and made available after the presentation

Securing Heterogeneous Privacy Protection in Social Network Records based Encryption Scheme

This survey places of interest the major issues concerning privacy and security in online social networks. Firstly, we discuss investigate that aims to protect user data from the an assortment of attack vantage points together with other users, advertisers, third party request developers, and the online social arrangement provider itself. Next we cover social network supposition of user attributes, locate hubs, and link prediction. Because online social networks are so saturated with sensitive information, network inference plays a major privacy role. Social Networking sites go upwards since of all these reasons. In recent years indicates that for many people they are now the mainstream communication knowledge. Social networking sites come under few of the most frequently browsed categories websites in the world. Nevertheless Social Networking sites are also vulnerable to various problems threats and attacks such as revelation of information, identity thefts etc. Privacy practice in social networking sites often appear convoluted as in sequence sharing stands in discord with the need to reduce disclosure-related abuses. Facebook is one such most popular and widely used Social Networking sites which have its own healthy set of Privacy policy

Graph Generative Model for Benchmarking Graph Neural Networks

As the field of Graph Neural Networks (GNN) continues to grow, it experiences a corresponding increase in the need for large, real-world datasets to train and test new GNN models on challenging, realistic problems. Unfortunately, such graph datasets are often generated from online, highly privacy-restricted ecosystems, which makes research and development on these datasets hard, if not impossible. This greatly reduces the amount of benchmark graphs available to researchers, causing the field to rely only on a handful of publicly-available datasets. To address this problem, we introduce a novel graph generative model, Computation Graph Transformer (CGT) that learns and reproduces the distribution of real-world graphs in a privacy-controlled way. More specifically, CGT (1) generates effective benchmark graphs on which GNNs show similar task performance as on the source graphs, (2) scales to process large-scale graphs, (3) incorporates off-the-shelf privacy modules to guarantee end-user privacy of the generated graph. Extensive experiments across a vast body of graph generative models show that only our model can successfully generate privacy-controlled, synthetic substitutes of large-scale real-world graphs that can be effectively used to benchmark GNN models

A Network-Economic Policy Study of Identity Management Systems and Implications for Security and Privacy Policy

Solving the problems associated with identity management in the “virtual” world is proving to be one of the keys to full realization of the economic and social benefits of networked information systems. By definition, the virtual world lacks the rich combination of sensory and contextual cues that permit organizations and individual humans interacting in the physical world to reliably identify people and authorize them to engage in certain transactions or access specific resources. Being able to determine who an online user is and what they are authorized to do thus requires an identity management infrastructure. Some of the most vexing problems associated with the Internet (the deluge of spam, the need to regulate access to certain kinds of content, securing networks from intrusion and disruption, problems of inter-jurisdictional law enforcement related to online activities, impediments to the sharing of distributed computing resources) are fundamentally the problems of identity management. And yet, efforts by organizations and governments to solve those problems by producing and consuming identity systems may create serious risks to freedom and privacy. Thus the implementation and maintenance of identity management systems raises important public policy issues. The identity management systems (the IMS-s) often tend to require more information from the consumers than would otherwise be necessary for the authentication purposes. The typical choice being analyzed in IMS is the one between a completely centralized or integrated system (one ID - one password, and a single sign-on) and the one comprising a plethora of (highly) specialized IMS-s (multiple ID-s and passwords). While the centralized system is the most convenient one, it is also likely to require too much personal information about the users, which may infringe on their rights to privacy and which definitely will result in serious damage should this personal information be stolen and/or abused. When more than two IMS-s interconnect (more of a practical side with various types of commercial values), they share the private information with each other, thus increasing consumers’ exposure to possible information misuse. It is thus rather obvious that the public policy plays an important role to maintain the structure of identity management systems ensuring the existence of a sound balance between the authentication requirements and consumers’ rights to privacy. The focus of this paper is on investigating this type of tradeoff by employing a theoretical framework with agents whose utility depends on the amount of private information revealed, and on making policy recommendations related to the issue of interconnection between alternative IMS-s. Our model derives optimal process of interconnection between IMS-s in the simple case of three IMS-s, then generalizing it to the case of more than three firms. The socially optimal outcome of the interconnection process in our model implies encouraging the interconnection between smaller rather than larger IMS-s.Networks; Interconnection; Identity Management; Regulation Policy

Data-Driven and Game-Theoretic Approaches for Privacy

abstract: In the past few decades, there has been a remarkable shift in the boundary between public and private information. The application of information technology and electronic communications allow service providers (businesses) to collect a large amount of data. However, this ``data collection" process can put the privacy of users at risk and also lead to user reluctance in accepting services or sharing data. This dissertation first investigates privacy sensitive consumer-retailers/service providers interactions under different scenarios, and then focuses on a unified framework for various information-theoretic privacy and privacy mechanisms that can be learned directly from data. Existing approaches such as differential privacy or information-theoretic privacy try to quantify privacy risk but do not capture the subjective experience and heterogeneous expression of privacy-sensitivity. The first part of this dissertation introduces models to study consumer-retailer interaction problems and to better understand how retailers/service providers can balance their revenue objectives while being sensitive to user privacy concerns. This dissertation considers the following three scenarios: (i) the consumer-retailer interaction via personalized advertisements; (ii) incentive mechanisms that electrical utility providers need to offer for privacy sensitive consumers with alternative energy sources; (iii) the market viability of offering privacy guaranteed free online services. We use game-theoretic models to capture the behaviors of both consumers and retailers, and provide insights for retailers to maximize their profits when interacting with privacy sensitive consumers. Preserving the utility of published datasets while simultaneously providing provable privacy guarantees is a well-known challenge. In the second part, a novel context-aware privacy framework called generative adversarial privacy (GAP) is introduced. Inspired by recent advancements in generative adversarial networks, GAP allows the data holder to learn the privatization mechanism directly from the data. Under GAP, finding the optimal privacy mechanism is formulated as a constrained minimax game between a privatizer and an adversary. For appropriately chosen adversarial loss functions, GAP provides privacy guarantees against strong information-theoretic adversaries. Both synthetic and real-world datasets are used to show that GAP can greatly reduce the adversary's capability of inferring private information at a small cost of distorting the data.Dissertation/ThesisDoctoral Dissertation Electrical Engineering 201

B^2SFL: A Bi-level Blockchained Architecture for Secure Federated Learning-based Traffic Prediction

Federated Learning (FL) is a privacy-preserving machine learning (ML) technology that enables collaborative training and learning of a global ML model based on aggregating distributed local model updates. However, security and privacy guarantees could be compromised due to malicious participants and the centralized FL server. This article proposed a bi-level blockchained architecture for secure federated learning-based traffic prediction. The bottom and top layer blockchain store the local model and global aggregated parameters accordingly, and the distributed homomorphic-encrypted federated averaging (DHFA) scheme addresses the secure computation problems. We propose the partial private key distribution protocol and a partially homomorphic encryption/decryption scheme to achieve the distributed privacy-preserving federated averaging model. We conduct extensive experiments to measure the running time of DHFA operations, quantify the read and write performance of the blockchain network, and elucidate the impacts of varying regional group sizes and model complexities on the resulting prediction accuracy for the online traffic flow prediction task. The results indicate that the proposed system can facilitate secure and decentralized federated learning for real-world traffic prediction tasks.Comment: Paper accepted for publication in IEEE Transactions on Services Computing (TSC

Planning for the Future of Cyber Attack Attribution : Hearing Before the H. Subcomm. on Technology and Innovation of the H. Comm. on Science and Technology, 111th Cong., July 15, 2010 (Statement by Adjunct Professor Marc Rotenberg, Geo. U. L. Center)

Steve Bellovin, another security expert, noted recently that one of risks of the new White House plan for cyber security is that it places too much emphasis on attribution. As Dr. Bellovin explains: The fundamental premise of the proposed strategy is that our serious Internet security problems are due to lack of sufficient authentication. That is demonstrably false. The biggest problem was and is buggy code. All the authentication in the world won\u27t stop a bad guy who goes around the authentication system, either by finding bugs exploitable before authentication is performed, finding bugs in the authentication system itself, or by hijacking your system and abusing the authenticated connection set up by the legitimate user. While I believe the White House, the Cyber Security Advisor, and the various participants in the drafting process have made an important effort to address privacy and security interests, I share Professor Bellovin’s concern that too much emphasis has been placed on promoting identification. I also believe that online identification, promoted by government, will be used for purposes unrelated to cyber security and could ultimately chill political speech and limit the growth of the Internet. Greater public participation in the development of this policy as well as a formal rulemaking on the White House proposal could help address these concerns

Legislation for Effective Self-Regulation: A New Approach to Protecting Personal Privacy on the Internet

How can we best reap the benefits of online profiling while avoiding the privacy pitfalls plaguing the e-commerce community? Experts advocate legislation, civil litigation, or self-regulation to provide the ideal solution. Analyzing these proposals reveals a conflict between two basic principles: the need to preserve personal privacy and the desire to foster a thriving Internet-based industry. This Note argues that each approach tends to favor one principle at the expense of the other. This Note also proposes a new solution which creates incentives for effective self-regulation backed with legal enforcement. This scheme strikes an appropriate balance between privacy and e-commerce principles and brings a flexible standard to address future innovation. Tracking a user\u27s Internet activity seems intrusive because companies can exploit intimate information. For example, Sir Tim Berners-Lee, inventor of the World Wide Web, worries that searching for books on cancer could result in increased health insurance premiums because companies can track consumers\u27 online activity and then sell this information to the insurance industry. This apprehension will only increase as technology enables greater data collection and more accurate profiling. For instance, breakthroughs in deep packet inspection have opened the door to surveillance by Internet Service Providers (ISPs), which can now track everything a user does online. Advanced processing power then swiftly sorts this data into individually tailored profiles to be used or sold at the ISP\u27s will. At the same time, online profiling brings users considerable prosperity. Credit reporting is cited as one of the best benefits of information sharing, saving consumers as much as $80 billion a year on mortgage loans because of the liquidity that credit bureau information makes possible. Online profiling also creates more advertising opportunities which then fund much of the content users currently access for free. The dilemma posed by online profiling is further discussed in Part I of this Note, which concludes that the optimal solution to the profiling problem must prevent privacy harms without smothering e-commerce. Part II then evaluates solutions which create a private cause of action and determines that using civil litigation to balance these interests is less than ideal. Part I examines existing self-regulatory efforts and legislative options. While self-regulation and legislation offer important advantages, each solution, by itself, suffers from considerable defects that render a single policy tool unlikely to satisfactorily resolve the profiling dilemma. Meanwhile, a frenzy of political action over ISP surveillance suggests that privacy problems are pressing enough to create broad support for legislation. Part IV proposes a solution to the profiling problem--a modified legislative approach which incorporates aspects of self-regulation. It then argues that this solution is ideal because it capitalizes on existing political momentum to create flexible and functioning standards that will increase personal privacy and nurture e-commerce