Privacy-preserving collaboration in an integrated social environment

Privacy and security of data have been a critical concern at the state, organization and individual levels since times immemorial. New and innovative methods for data storage, retrieval and analysis have given rise to greater challenges on these fronts. Online social networks (OSNs) are at the forefront of individual privacy concerns due to their ubiquity, popularity and possession of a large collection of users' personal data. These OSNs use recommender systems along with their integration partners (IPs) for offering an enriching user experience and growth. However, the recommender systems provided by these OSNs inadvertently leak private user information. In this work, we develop solutions targeted at addressing existing, real-world privacy issues for recommender systems that are deployed across multiple OSNs. Specifically, we identify the various ways through which privacy leaks can occur in a friend recommendation system (FRS), and propose a comprehensive solution that integrates both Differential Privacy and Secure Multi-Party Computation (MPC) to provide a holistic privacy guarantee. We model a privacy-preserving similarity computation framework and library named Lucene-P2. It includes the efficient privacy-preserving Latent Semantic Indexing (LSI) extension. OSNs can use the Lucene-P2 framework to evaluate similarity scores for their private inputs without sharing them. Security proofs are provided under semi-honest and malicious adversary models. We analyze the computation and communication complexities of the protocols proposed and empirically test them on real-world datasets. These solutions provide functional efficiency and data utility for practical applications to an extent.Includes bibliographical references

Privacy preserving recommender systems

The recommender systems help users find suitable and interesting products and contents from the huge amount of information that are available in the internet. There are various types of recommender systems available which have been providing recommendation services to users. For example Collaborative Filtering (CF) based recommendations, Content based (CB) recommendations, context aware recommendations and so on. Despite the fact that these recommender systems are very useful to solve the information overload problem by filtering interesting information, they suffer from huge privacy issues. In order to generate user personalized recommendations, the recommendation service providers need to acquire the information related to attributes, preferences, experiences as well as demands, which are related to users' confidential information. Usually the more information available to the service providers, the more accurate recommendations can be generated. However, the service providers are not always trustworthy to share personal information for recommendation purposes since they may cause serious privacy threats to users' privacy by leaking them to other parties or providing false recommendations. Therefore the user information must be protected prior to share them to any third party service provider to ensure the privacy of users. To overcome the privacy issues of recommender systems several techniques have been proposed which can be categorized into decentralization, randomization and secure computations based approaches. In decentralization based approach, the central service providers are removed and the main controls of recommendation services are given to participant users. The main issue with this kind of approach is that to generate recommendations, the users need to be dependant to other users' availability in online services. If any user becomes offline, her information can not be used in the system. The randomization based techniques add noises to users data to obfuscate them from learning the true information. However the main issue is that adding noise affects recommendation accuracy. On the contrary, the secure computations preserve user information while providing accurate recommendations. In this thesis we preserve user privacy by means of encrypting user information, specifically their ratings and other related information using homomorphic encryption based techniques to provide recommendations based on the encrypted data. The main advantage of homomorphic encryption based technique is that it is semantically secure and computationally it is hard to distinguish the true information from the given ciphertext. Using the homomorphic based encryption tools and techniques we build different privacy preserving protocols for different types of recommendation approaches by analyzing their privacy requirements and challenges. More specifically, we focus on different key recommendation techniques and differentiate them into centralized and partitioned dataset based recommendation techniques. From available recommendation techniques, we found that some of the existing and popular recommendation techniques like user based recommendation, item based recommendation and context aware recommendation can be grouped into centralized recommendation approach. In partitioned dataset based recommendation, the user information can be partitioned into different organizations and these organizations can collaborate with each other by gathering sufficient information in order to provide accurate recommendations without revealing their own confidential information. After categorizing the recommendation techniques we analyze the problems and requirements in terms of privacy preservation. Then for each type of recommendation approach, we develop the privacy preserving protocols to generate recommendations taking their specific privacy requirements and challenges into consideration. We also investigate the problems and limitations of existing privacy preserving recommendations and found that the current solutions suffer from huge computation and communication overhead as well as privacy of users. In the thesis we identify the related problems and solve the issues using our proposed privacy preserving protocols. As an overall idea, our proposed recommendation protocols work as follows. The users encrypt their ratings using homomorphic encryption and send them to service providers. We assume the service providers are semi honest but curious, they follow the protocol but at the same time try to find new information from the available data. The service provider has the ability to perform homomorphic operations and it performs certain computations over encrypted data without learning any true information and returns the results to the query users who ask for recommendations. The system models of our privacy preserving protocols for different recommendation techniques differ from each other because of their different privacy requirements. The proposed privacy preserving protocols are tested on various real world datasets. Based on the application areas of different recommendation approaches our gathered datasets are also different such as movie rating, social network, checkin information for different locations and quality of service of web services. For each proposed privacy preserving protocols we also present the privacy analysis and describe how the system can perform the computations without leaking the private information of users. The experimental and privacy analysis of our proposed privacy preserving protocols for different types of recommendation techniques show that they are private as well as practical

PERSONALIZED POINT OF INTEREST RECOMMENDATIONS WITH PRIVACY-PRESERVING TECHNIQUES

Location-based services (LBS) have become increasingly popular, with millions of people using mobile devices to access information about nearby points of interest (POIs). Personalized POI recommender systems have been developed to assist users in discovering and navigating these POIs. However, these systems typically require large amounts of user data, including location history and preferences, to provide personalized recommendations. The collection and use of such data can pose significant privacy concerns. This dissertation proposes a privacy-preserving approach to POI recommendations that address these privacy concerns. The proposed approach uses clustering, tabular generative adversarial networks, and differential privacy to generate synthetic user data, allowing for personalized recommendations without revealing individual user data. Specifically, the approach clusters users based on their fuzzy locations, generates synthetic user data using a tabular generative adversarial network and perturbs user data with differential privacy before it is used for recommendation. The proposed approaches achieve well-balanced trade-offs between accuracy and privacy preservation and can be applied to different recommender systems. The approach is evaluated through extensive experiments on real-world POI datasets, demonstrating that it is effective in providing personalized recommendations while preserving user privacy. The results show that the proposed approach achieves comparable accuracy to traditional POI recommender systems that do not consider privacy while providing significant privacy guarantees for users. The research\u27s contribution is twofold: it compares different methods for synthesizing user data specifically for POI recommender systems and offers a general privacy-preserving framework for different recommender systems. The proposed approach provides a novel solution to the privacy concerns of POI recommender systems, contributes to the development of more trustworthy and user-friendly LBS applications, and can enhance the trust of users in these systems

Privacy-Preserving Crowdsourcing-Based Recommender Systems for E-Commerce & Health Services

En l’actualitat, els sistemes de recomanació han esdevingut un mecanisme fonamental per proporcionar als usuaris informació útil i filtrada, amb l’objectiu d’optimitzar la presa de decisions, com per exemple, en el camp del comerç electrònic. La quantitat de dades existent a Internet és tan extensa que els usuaris necessiten sistemes automàtics per ajudar-los a distingir entre informació valuosa i soroll. No obstant, sistemes de recomanació com el Filtratge Col·laboratiu tenen diverses limitacions, com ara la manca de resposta i la privadesa. Una part important d'aquesta tesi es dedica al desenvolupament de metodologies per fer front a aquestes limitacions. A més de les aportacions anteriors, en aquesta tesi també ens centrem en el procés d'urbanització que s'està produint a tot el món i en la necessitat de crear ciutats més sostenibles i habitables. En aquest context, ens proposem solucions de salut intel·ligent (s-health) i metodologies eficients de caracterització de canals sense fils, per tal de proporcionar assistència sanitària sostenible en el context de les ciutats intel·ligents.En la actualidad, los sistemas de recomendación se han convertido en una herramienta indispensable para proporcionar a los usuarios información útil y filtrada, con el objetivo de optimizar la toma de decisiones en una gran variedad de contextos. La cantidad de datos existente en Internet es tan extensa que los usuarios necesitan sistemas automáticos para ayudarles a distinguir entre información valiosa y ruido. Sin embargo, sistemas de recomendación como el Filtrado Colaborativo tienen varias limitaciones, tales como la falta de respuesta y la privacidad. Una parte importante de esta tesis se dedica al desarrollo de metodologías para hacer frente a esas limitaciones. Además de las aportaciones anteriores, en esta tesis también nos centramos en el proceso de urbanización que está teniendo lugar en todo el mundo y en la necesidad de crear ciudades más sostenibles y habitables. En este contexto, proponemos soluciones de salud inteligente (s-health) y metodologías eficientes de caracterización de canales inalámbricos, con el fin de proporcionar asistencia sanitaria sostenible en el contexto de las ciudades inteligentes.Our society lives an age where the eagerness for information has resulted in problems such as infobesity, especially after the arrival of Web 2.0. In this context, automatic systems such as recommenders are increasing their relevance, since they help to distinguish noise from useful information. However, recommender systems such as Collaborative Filtering have several limitations such as non-response and privacy. An important part of this thesis is devoted to the development of methodologies to cope with these limitations. In addition to the previously stated research topics, in this dissertation we also focus in the worldwide process of urbanisation that is taking place and the need for more sustainable and liveable cities. In this context, we focus on smart health solutions and efficient wireless channel characterisation methodologies, in order to provide sustainable healthcare in the context of smart cities

Web3Recommend: Decentralised recommendations with trust and relevance

Web3Recommend is a decentralized Social Recommender System implementation that enables Web3 Platforms on Android to generate recommendations that balance trust and relevance. Generating recommendations in decentralized networks is a non-trivial problem because these networks lack a global perspective due to the absence of a central authority. Further, decentralized networks are prone to Sybil Attacks in which a single malicious user can generate multiple fake or Sybil identities. Web3Recommend relies on a novel graph-based content recommendation design inspired by GraphJet, a recommendation system used in Twitter enhanced with MeritRank, a decentralized reputation scheme that provides Sybil-resistance to the system. By adding MeritRank's decay parameters to the vanilla Social Recommender Systems' personalized SALSA graph algorithm, we can provide theoretical guarantees against Sybil Attacks in the generated recommendations. Similar to GraphJet, we focus on generating real-time recommendations by only acting on recent interactions in the social network, allowing us to cater temporally contextual recommendations while keeping a tight bound on the memory usage in resource-constrained devices, allowing for a seamless user experience. As a proof-of-concept, we integrate our system with MusicDAO, an open-source Web3 music-sharing platform, to generate personalized, real-time recommendations. Thus, we provide the first Sybil-resistant Social Recommender System, allowing real-time recommendations beyond classic user-based collaborative filtering. The system is also rigorously tested with extensive unit and integration tests. Further, our experiments demonstrate the trust-relevance balance of recommendations against multiple adversarial strategies in a test network generated using data from real music platforms

Privacy-preserving Recommender Systems Facilitated By The Machine Learning Approach

Recommender systems, which play a critical role in e-business services, are closely linked to our daily life. For example, companies such as Youtube and Amazon are always trying to secure their profit by estimating personalized user preferences and recommending the most relevant items (e.g., products, news, etc.) to each user from a large number of candidates. State-of-the-art recommender systems are often built on top of collaborative filtering techniques, of which the accuracy performance relies on precisely modeling user-item interactions by analyzing massive user historical data, such as browsing history, purchasing records, locations and so on. Generally, more data can lead to more accurate estimations and more commercial strategies, as such, service providers have incentives to collect and use more user data. On the one hand, recommender systems bring more income to service providers and more convenience to users; on the other hand, the user data can be abused, arising immediate privacy risks to the public. Therefore, how to preserve privacy while enjoying recommendation services becomes an increasingly important topic to both the research community and commercial practitioners. The privacy concerns can be disparate when constructing recommender systems or providing recommendation services under different scenarios. One scenario is that, a service provider wishes to protect its data privacy from the inference attack, a technique aims to infer more information (e.g., whether a record is in or not) about a database, by analyzing statistical outputs; the other scenario is that, multiple users agree to jointly perform a recommendation task, but none of them is willing to share their private data with any other users. Security primitives, such as homomorphic encryption, secure multiparty computation, and differential privacy, are immediate candidates to address privacy concerns. A typical approach to build efficient and accurate privacy-preserving solutions is to improve the security primitives, and then apply them to existing recommendation algorithms. However, this approach often yields a solution far from the satisfactory-of-practice, as most users have a low tolerance to the latency-increase or accuracy-drop, regarding recommendation services. The PhD program explores machine learning aided approaches to build efficient privacy-preserving solutions for recommender systems. The results of each proposed solution demonstrate that machine learning can be a strong assistant for privacy-preserving, rather than only a troublemaker