11 research outputs found

    Robust active attacks on social graphs

    In order to prevent the disclosure of privacy-sensitive data, such as names and relations between users, social network graphs have to be anonymised before publication. Naive anonymisation of social network graphs often consists in deleting all identifying information of the users, while maintaining the original graph structure. Various types of attacks on naively anonymised graphs have been developed. Active attacks form a special type of such privacy attacks, in which the adversary enrols a number of fake users, often called sybils, to the social network, allowing the adversary to create unique structural patterns later used to re-identify the sybil nodes and other users after anonymisation. Several studies have shown that adding a small amount of noise to the published graph already suffices to mitigate such active attacks. Consequently, active attacks have been dubbed a negligible threat to privacy-preserving social graph publication. In this paper, we argue that these studies unveil shortcomings of specific attacks, rather than inherent problems of active attacks as a general strategy. In order to support this claim, we develop the notion of a robust active attack, which is an active attack that is resilient to small perturbations of the social network graph. We formulate the design of robust active attacks as an optimisation problem and we give definitions of robustness for different stages of the active attack strategy. Moreover, we introduce various heuristics to achieve these notions of robustness and experimentally show that the new robust attacks are considerably more resilient than the original ones, while remaining at the same level of feasibility

    Preventing active re-identification attacks on social graphs via sybil subgraph obfuscation

    Active re-identification attacks constitute a serious threat to privacy-preserving social graph publication, because of the ability of active adversaries to leverage fake accounts, a.k.a. sybil nodes, to enforce structural patterns that can be used to re-identify their victims on anonymised graphs. Several formal privacy properties have been enunciated with the purpose of characterising the resistance of a graph against active attacks. However, anonymisation methods devised on the basis of these properties have so far been able to address only restricted special cases, where the adversaries are assumed to leverage a very small number of sybil nodes. In this paper, we present a new probabilistic interpretation of active re-identification attacks on social graphs. Unlike the aforementioned privacy properties, which model the protection from active adversaries as the task of making victim nodes indistinguishable in terms of their fingerprints with respect to all potential attackers, our new formulation introduces a more complete view, where the attack is countered by jointly preventing the attacker from retrieving the set of sybil nodes, and from using these sybil nodes for re-identifying the victims. Under the new formulation, we show that k-symmetry, a privacy property introduced in the context of passive attacks, provides a sufficient condition for the protection against active re-identification attacks leveraging an arbitrary number of sybil nodes. Moreover, we show that the algorithm K-Match, originally devised for efficiently enforcing the related notion of k-automorphism, also guarantees k-symmetry. Empirical results on real-life and synthetic graphs demonstrate that our formulation allows, for the first time, to publish anonymised social graphs (with formal privacy guarantees) that effectively resist the strongest active re-identification attack reported in the literature, even when it leverages a large number of sybil nodes

    Conditional adjacency anonymity in social graphs under active attacks

    Social network data is typically made available in a graph format, where users and their relations are represented by vertices and edges, respectively. In doing so, social graphs need to be anonymised to resist various privacy attacks. Among these, the so-called active attacks, where an adversary has the ability to enrol sybil accounts in the social network, have proven difficult to counteract. In this article, we provide an anonymisation technique that successfully thwarts active attacks while causing low structural perturbation. We achieve this goal by introducing $(k, \Gamma_{G,\ell})$-adjacency anonymity: a privacy property based on $(k, \ell)$-anonymity that alleviates the computational burden suffered by anonymisation algorithms based on $(k, \ell)$-anonymity and relaxes some of its assumptions on the adversary capabilities. We show that the proposed method is efficient and establish tight bounds on the number of modifications that it performs on the original graph. Experimental results on real-life and randomly generated graphs show that when compared to methods based on $(k, \ell)$-anonymity, the new method continues to provide protection from equally capable active attackers while introducing a much smaller number of changes in the graph structure

    The Simultaneous Local Metric Dimension of Graph Families

    In a graph $G = (V, E)$, a vertex $v \in V$ is said to distinguish two vertices $x$ and $y$ if $d_G(v, x) \neq d_G(v, y)$. A set $S \subseteq V$ is said to be a local metric generator for $G$ if any pair of adjacent vertices of $G$ is distinguished by some element of $S$. A minimum local metric generator is called a local metric basis and its cardinality the local metric dimension of $G$. A set $S \subseteq V$ is said to be a simultaneous local metric generator for a graph family $\mathcal{G} = \{G_1, G_2, \ldots, G_k\}$, defined on a common vertex set, if it is a local metric generator for every graph of the family. A minimum simultaneous local metric generator is called a simultaneous local metric basis and its cardinality the simultaneous local metric dimension of $\mathcal{G}$. We study the properties of simultaneous local metric generators and bases, obtain closed formulae or tight bounds for the simultaneous local metric dimension of several graph families and analyze the complexity of computing this parameter

    Distance-based vertex identification in graphs: The outer multiset dimension

    Given a graph $G$ and a subset of vertices $S = \{w_1, \ldots, w_t\} \subseteq V(G)$, the multiset representation of a vertex $u \in V(G)$ with respect to $S$ is the multiset $m(u|S) = \{| d_G(u, w_1), \ldots, d_G(u, w_t) |\}$. A subset of vertices $S$ such that $m(u|S) = m(v|S) \iff u = v$ for every $u, v \in V(G) \setminus S$ is said to be a multiset resolving set, and the cardinality of the smallest such set is the outer multiset dimension. We study the general behaviour of the outer multiset dimension, and determine its exact value for several graph families. We also show that computing the outer multiset dimension of arbitrary graphs is NP-hard, and provide methods for efficiently handling particular cases

    Publishing Community-Preserving Attributed Social Graphs with a Differential Privacy Guarantee

    We present a novel method for publishing differentially private synthetic attributed graphs. Our method allows, for the first time, to publish synthetic graphs simultaneously preserving structural properties, user attributes and the community structure of the original graph. Our proposal relies on CAGM, a new community-preserving generative model for attributed graphs. We equip CAGM with efficient methods for attributed graph sampling and parameter estimation. For the latter, we introduce differentially private computation methods, which allow us to release community-preserving synthetic attributed social graphs with a strong formal privacy guarantee. Through comprehensive experiments, we show that our new model outperforms its most relevant counterparts in synthesising differentially private attributed social graphs that preserve the community structure of the original graph, as well as degree sequences and clustering coefficients

    Active Re-identification Attacks on Periodically Released Dynamic Social Graphs

    No full text
    Active re-identification attacks pose a serious threat to privacy-preserving social graph publication. Active attackers create fake accounts to enforce structural patterns that can be used to re-identify legitimate users on published anonymised graphs, even without additional background knowledge. So far, this type of attacks has only been studied in the scenario where the inherently dynamic social graph is published once. In this paper, we present the first active re-identification attack in the more realistic scenario where a dynamic social graph is periodically published. Our new attack leverages tempo-structural patterns, created by a dynamic set of sybil nodes, for strengthening the adversary. We evaluate our new attack through a comprehensive set of experiments on real-life and synthetic dynamic social graphs. We show that our new attack substantially outperforms the most effective static active attack in the literature by increasing success probability by at least two times and efficiency by at least 11 times. Moreover, we show that, unlike the static attack, our new attack remains at the same level of efficiency as the publication process advances. Additionally, we conduct a study on the factors that may thwart our new attack, which can help design dynamic graph anonymisation methods displaying a better balance between privacy and utility