Privacy-preserving mechanism for social network data publishing

 Privacy is receiving growing concern from various parties especially consumers due to the simplification of the collection and distribution of personal data. This research focuses on preserving privacy in social network data publishing. The study explores the data anonymization mechanism in order to improve privacy protection of social network users. We identified new type of privacy breach and has proposed an effective mechanism for privacy protection

Privacy preserving social network data publication

The introduction of online social networks (OSN) has transformed the way people connect and interact with each other as well as share information. OSN have led to a tremendous explosion of network-centric data that could be harvested for better understanding of interesting phenomena such as sociological and behavioural aspects of individuals or groups. As a result, online social network service operators are compelled to publish the social network data for use by third party consumers such as researchers and advertisers. As social network data publication is vulnerable to a wide variety of reidentification and disclosure attacks, developing privacy preserving mechanisms are an active research area. This paper presents a comprehensive survey of the recent developments in social networks data publishing privacy risks, attacks, and privacy-preserving techniques. We survey and present various types of privacy attacks and information exploited by adversaries to perpetrate privacy attacks on anonymized social network data. We present an in-depth survey of the state-of-the-art privacy preserving techniques for social network data publishing, metrics for quantifying the anonymity level provided, and information loss as well as challenges and new research directions. The survey helps readers understand the threats, various privacy preserving mechanisms, and their vulnerabilities to privacy breach attacks in social network data publishing as well as observe common themes and future directions

Performance and divisional trust and purpose-based access control for privacy preservation

Privacy has been recognized to be a critical requirement in computing environments. To keep the privacy safe from inappropriate use, one of the most popular methods that can be used is the access control. Currently, many augmentation of access control models has been developed to improve the effectiveness in preserving the privacy. However, there are still issues that need improvements. In current Purpose-Based Access Control (PBAC) Models, all authorized users in the domain are allowed to access the personal information especially sensitive attributes equally. It may cause the risk of privacy disclosure by ‘limited-authorized’ user, i.e., legitimate user but untrusted and unauthorized to access certain personal information with sensitive attributes. In this study a finer-grained access control called performance and divisional trust and purpose-based access control is proposed to prevent limited-authorized user access to the privacy. Based on organizational structure (functional departmentalization) current PBAC Models permit authorized user in the functional level to access the personal information. This model can be set at the next level after the functional level, i.e., the divisional level to access it. Subsequently, a comprehensive policy is proposed to permit user to access sensitive attributes based on two trust metrics namely user experience and behaviour. To evaluate the trustworthiness of the authorized user, a quantification method is proposed to measure those metrics. Based on the results, this model may significantly permit or prohibit access to personal information or with sensitive attributes. Besides, the issue of privacy disclosure by limited-authorized user to access certain privacy is resolved

A requirement engineering model for big data software

Most prevailing software engineering methodologies assume that software systems are developed from scratch to capture business data and subsequently generate reports. Nowadays, massive data may exist even before software systems are developed. These data may also be freely available on Internet or may present in silos in organizations. The advancement in artificial intelligence and computing power has also prompted the need for big data analytics to unleash more business values to support evidence-based decisions. Some business values are less evident than others, especially when data are analyzed in silos. These values could be potentially unleashed and augmented from the insights discovered by data scientists through data mining process. Data mining may involve overlaying and merging data from different sources to extract data patterns. Ideally, these values should be eventually incorporated into the information systems to be. To realize this, we propose that software engineers ought to elicit software requirements together with data scientists. However, in the traditional software engineering process, such collaboration and business values are usually neglected. In this paper, we present a new requirement engineering model that allows software engineers and data scientists to discover these values hand in hand as part of software requirement process. We also demonstrate how the proposed requirement model captures and expresses business values that unleashed through big data analytics using an adapted use case diagram

Character property method for Arabic text steganography with biometric multifactor authentication using liveness detection

Arabic text steganography (ATS) offers a potential opportunity in hiding secret information in characters and features. The combination with any other security sub discipline such as cryptography usually will enhance its level of security. However, it is limited in its ability to optimize embedded data capacity with a high perceptual transparency level that will also not raise suspicion when written. Besides that, other concerns are active attacks by intruders which are a crucial security issue in the transmission of the shared secret key that enables the receiver to extract the secret information. Also, such attacks can be affected through a fake identity that allows the receiver to modify the secret information thus degrading its integrity. To overcome these drawbacks, we propose a hybrid ATS with biometric multi factor authentication (BMA), which uses liveness detection using fingerprints and heartbeat sensors as the authentication factors. We propose a new ATS method, the Character Property method (CPM) which uses the basic properties of the Arabic Text such as dots, calligraphy typographical proportions, and sharp-edges to hide the secret message using a table index mapping technique to optimize data capacity with high perceptual transparency to avert suspicion. The results for the biometric authentication showed that the proposed method correctly authenticates users, having a false rejection rate of only 4%, and a 0% false acceptance rate. As for liveness detection, the results were significant where the proposed method correctly detected live subjects compared to a fingerprint only biometric authentication approach, which had a high acceptance of fake inputs. BMA was implemented through a custom Arduino smartwatch with a fingerprint and heartbeat sensor as a ‘proof-of-concept’ device which increased the capacity in hiding the secret message up to 23.5% compared to the previous methods. Given our Arabic Character Properties method (CPM) did not affect the stego-text appearance, its 1.0 Jaro Similarity score was compared to the other methods proving high transparency of the stego-text, in addition to higher security regarding user authentication using BMA with liveness detection

Preserving utility in social network graph anonymization

To protect from privacy disclosure, the social network graph is modified in order to hide the information that potentially be used to disclose person\u27s identity. However, when the social network graph is changed, it is a great challenge to balance between the privacy gained and the loss of data utility. In this paper, we address this problem. We propose a new graph topological-based metric to improve utility preservation in social network graph anonymization. We compare the proposed approach with the amount-of-edge-change metric that popularly used in most of previous works. Experimental evaluation shows that our approach generates anonymized social network with improved utility preservation

Attack vector analysis and privacy-preserving social network data publishing

This paper addresses the problem of privacy-preserving data publishing for social network. Research on protecting the privacy of individuals and the confidentiality of data in social network has recently been receiving increasing attention. Privacy is an important issue when one wants to make use of data that involves individuals\u27 sensitive information, especially in a time when data collection is becoming easier and sophisticated data mining techniques are becoming more efficient. In this paper, we discuss various privacy attack vectors on social networks. We present algorithms that sanitize data to make it safe for release while preserving useful information, and discuss ways of analyzing the sanitized data. This study provides a summary of the current state-of-the-art, based on which we expect to see advances in social networks data publishing for years to come

Privacy threat analysis of social network data

Social network data has been increasingly made publicly available and analyzed in a wide spectrum of application domains. The practice of publishing social network data has brought privacy concerns to the front. Serious concerns on privacy protection in social networks have been raised in recent years. Realization of the promise of social networks data requires addressing these concerns. This paper considers the privacy disclosure in social network data publishing. In this paper, we present a systematic analysis of the various risks to privacy in publishing of social network data. We identify various attacks that can be used to reveal private information from social network data. This information is useful for developing practical countermeasures against the privacy attacks.<br /

Utility-aware social network graph anonymization

As the need for social network data publishing continues to increase, how to preserve the privacy of the social network data before publishing is becoming an important and challenging issue. A common approach to address this issue is through anonymization of the social network structure. The problem with altering the structure of the links relationship in social network data is how to balance between the gain of privacy and the loss of information (data utility). In this paper, we address this problem. We propose a utility-aware social network graph anonymization. The approach is based on a new metric that calculates the utility impact of social network link modification. The metric utilizes the shortest path length and the neighborhood overlap as the utility value. The value is then used as a weight factor in preserving structural integrity in the social network graph anonymization. For any modification made to the social network links, the proposed approach guarantees that the distance between vertices in the modified social network stays as close as the original social network graph prior to the modification. Experimental evaluation shows that the proposed metric improves the utility preservation as compared to the number-of-change metric