Sharing Social Networks Using a Novel Differentially Private Graph Model

Online social networks (OSNs) often contain sensitive information about individuals. Therefore, anonymizing social network data before releasing it becomes an important issue. Recent research introduces several graph abstraction models to extract graph features and add sufficient noise to achieve differential privacy.In this paper, we design and analyze a comprehensive differentially private graph model that combines the dK-1, dK-2, and dK-3 series together. The dK-1 series stores the degree frequency, the dK-2 series adds the joint degree frequency, and the dK-3 series contains the linking information between edges. In our scheme, low dimensional data makes the regeneration process more executable and effective, while high dimensional data preserves additional utility of the graph. As the higher dimensional model is more sensitive to the noise, we carefully design the executing sequence. The final released graph increases the graph utility under differential privacy

Studying the Utility Preservation in Social Network Anonymization via Persistent Homology

Following the trend of preserving privacy in online-social-network publishing, various anonymization mechanisms have been designed and applied. Differential privacy is an approach that guarantees the privacy level. Many existing mechanisms claim that they can also preserve the utility very well during anonymization. However, their utility analysis is always based on some specifically chosen metrics. While the existing metrics only partially present the graph utility, this paper aims to find a novel approach that describes the network in multiple scales. Persistent homology is a high-level metric, in that it reveals the parameterized topological features with various scales, and it is applicable for real-world applications. In this paper, four differential privacy mechanisms with different abstraction models are analyzed with traditional graph metrics and with persistent homology. The evaluation results demonstrate that all algorithms can partially or conditionally preserve certain graph utilities, but none of them are suitable for all metrics. Furthermore, none of the existing mechanisms fully preserves persistent homology, especially in high dimensions, which implies that the true graph utility is lost

PHDP: Preserving Persistent Homology in Differentially Private Graph Publications

Online social networks (OSNs) routinely share and analyze user data. This requires protection of sensitive user information. Researchers have proposed several techniques to anonymize the data of OSNs. Some differential-privacy techniques claim to preserve graph utility under certain graph metrics, as well as guarantee strict privacy. However, each graph utility metric reveals the whole graph in specific aspects.We employ persistent homology to give a comprehensive description of the graph utility in OSNs. This paper proposes a novel anonymization scheme, called PHDP, which preserves persistent homology and satisfies differential privacy. To strengthen privacy protection, we add exponential noise to the adjacency matrix of the network and find the number of adding/deleting edges. To maintain persistent homology, we collect edges along persistent structures and avoid perturbation on these edges. Our regeneration algorithms balance persistent homology with differential privacy, publishing an anonymized graph with a guarantee of both. Evaluation result show that the PHDP-anonymized graph achieves high graph utility, both in graph metrics and application metrics

Efficient Content Delivery via Interest Queueing

Content sharing is an approach to relieve the congestion of cellular networks with alternative communication technologies such as the Wi-Fi and bluetooth. Through a Content Delivery Network (CDN), only a small portion of users need to download the data directly. Other users obtain packets from these users through short-range communications. However, the uncertainty of movement of mobile users challenges the effectiveness of CDNs. Unlike previous CDN solutions, in this paper, we present a novel scheme that studies the probabilistic meeting of users. When the accessibility to the cellular network is limited, we apply the queueing theory to guide the downloading or waiting strategies of users. In this system, the users who hold the content become seeds in the CDN and benefit their neighbors. Therefore we also consider the seed growing performance in the strategy. The purpose of our scheme is to let every user efficiently obtain their target content with restricted cellular data. The evaluation results show that our scheme gains significant satisfaction throughput improvements compared to the performance of basic downloading strategies

Obfuscating Function Call Topography to Test Structural Malware Detection against Evasion Attacks

The incredible popularity of the Android mobile operating system has resulted in a massive influx of malicious applications for the platform. This malware can come from a number of sources as Google allows the installation of Android App Packages (APKs) from third parties. Even within its own Google Play storefront, however, malicious software can be found. One type of approach to identify malware focuses on the structural properties of the function call graphs (FCGs) extracted from APKs. The aim of this research work is to test the robustness of one example method in this category, named the ACTS (App topologiCal signature through graphleT Sampling) method. By extracting graphlet statistics from a FCG, the ACTS approach is able to efficiently differentiate between benign app samples and malware with good accuracy. In this work, we obfuscate the FCG of malware in several ways, and test the ACTs method against these evasion attacks. The statistical results of running ACTS against unmodified real malware samples is compared with the results of ACTS running against obfuscated versions of those same apps

De-Anonymization of Dynamic Online Social Networks via Persistent Structures

Service providers of Online Social Networks (OSNs) periodically publish anonymized OSN data, which creates an opportunity for adversaries to de-anonymize the data and identify target users. Most commonly, these adversaries use de-anonymization mechanisms that focus on static graphs. Some mechanisms separate dynamic OSN data into slices of static graphs, in order to apply a traditional de-anonymization attack. However, these mechanisms do not account for the evolution of OSNs, which limits their attack performance. In this paper, we provide a novel angle, persistent homology, to capture the evolution of OSNs. Persistent homology barcodes show the birth time and death time of holes, i.e., polygons, in OSN graphs. After extracting the evolution of holes, we apply a two-phase de-anonymization attack. First, holes are mapped together according to the similarity of birth/death time. Second, already mapped holes are converted into super nodes and we view them as seed nodes. We then grow the mapping based on these seed nodes. Our de-anonymization mechanism is extremely compatible to the adversaries who suffer latency in relationship collection, which is very similar to real-world cases

Android Malware Detection via Graphlet Sampling

Android systems are widely used in mobile & wireless distributed systems. In the near future, Android is believed to dominate the mobile distributed environment. However, with the popularity of Android-based smartphones/tablets comes the rampancy of Android-based malware. In this paper, we propose a novel topological signature of Android apps based on the function call graphs (FCGs) extracted from their Android App PacKages (APKs). Specifically, by leveraging recent advances on graphlet mining, the proposed method fully captures the invocator-invocatee relationship at local neighborhoods in an FCG without exponentially inflating the state space. Using real benign app and malware samples, we demonstrate that our method, ACTS (App topologiCal signature through graphleT Sampling), can detect malware and identify malware families robustly and efficiently. More importantly, we demonstrate that, without augmenting the FCG with any semantic features such as bytecode-based vertex typing, local topological information captured by ACTS alone can achieve a high malware detection accuracy. Since ACTS only uses structural features, which are orthogonal to semantic features, it is expected that combining them would give a greater improvement in malware detection accuracy than combining non-orthogonal semantic features

ACTS: Extracting Android App Topological Signature through Graphlet Sampling

Android systems are widely used in mobile & wireless distributed systems. In the near future, Android is believed to dominate the mobile distributed environment. However, with the popularity of Android-based smartphones/tablets comes the rampancy of Android-based malware. In this paper, we propose a novel topological signature of Android apps based on the function call graphs (FCGs) extracted from their Android App Packages (APKs). Specifically, by leveraging recent advances in graphlet sampling, the proposed method fully captures the invocator-invocatee relationship at local neighborhoods in an FCG without exponentially inflating the state space. Using real benign app and malware samples, we demonstrate that our method, ACTS (App topologiCal signature through graphleT Sampling), can detect malware and identify malware families robustly and efficiently. More importantly, we demonstrate that, without augmenting the FCG with any semantic features such as bytecode-based vertex typing, local topological information captured by ACTS alone can achieve a high malware detection accuracy. Since ACTS only uses structural features, which are orthogonal to semantic features, it is expected that combining them would give a greater improvement in malware detection accuracy than combining non-orthogonal semantic features

Multi-Armed-Bandit-based Shilling Attack on Collaborative Filtering Recommender Systems

Collaborative Filtering (CF) is a popular recommendation system that makes recommendations based on similar users' preferences. Though it is widely used, CF is prone to Shilling/Profile Injection attacks, where fake profiles are injected into the CF system to alter its outcome. Most of the existing shilling attacks do not work on online systems and cannot be efficiently implemented in real-world applications. In this paper, we introduce an efficient Multi-Armed-Bandit-based reinforcement learning method to practically execute online shilling attacks. Our method works by reducing the uncertainty associated with the item selection process and finds the most optimal items to enhance attack reach. Such practical online attacks open new avenues for research in building more robust recommender systems. We treat the recommender system as a black box, making our method effective irrespective of the type of CF used. Finally, we also experimentally test our approach against popular state-of-the-art shilling attacks

Understanding Shilling Attacks and Their Detection Traits: A Comprehensive Survey

The internet is the home for huge volumes of useful data that is constantly being created making it difficult for users to find information relevant to them. Recommendation System is a special type of information filtering system adapted by online vendors to provide recommendations to their customers based on their requirements. Collaborative filtering is one of the most widely used recommendation systems; unfortunately, it is prone to shilling/profile injection attacks. Such attacks alter the recommendation process to promote or demote a particular product. Over the years, multiple attack models and detection techniques have been developed to mitigate the problem. This paper aims to be a comprehensive survey of the shilling attack models, detection attributes, and detection algorithms. Additionally, we unravel and classify the intrinsic traits of the injected profiles that are exploited by the detection algorithms, which has not been explored in previous works. We also briefly discuss recent works in the development of robust algorithms that alleviate the impact of shilling attacks, attacks on multi-criteria systems, and intrinsic feedback based collaborative filtering methods