Active re-identification attacks pose a serious threat to privacy-preserving
social graph publication. Active attackers create fake accounts to build
structural patterns in social graphs which can be used to re-identify
legitimate users on published anonymised graphs, even without additional
background knowledge. So far, this type of attacks has only been studied in the
scenario where the inherently dynamic social graph is published once. In this
paper, we present the first active re-identification attack in the more
realistic scenario where a dynamic social graph is periodically published. The
new attack leverages tempo-structural patterns for strengthening the adversary.
Through a comprehensive set of experiments on real-life and synthetic dynamic
social graphs, we show that our new attack substantially outperforms the most
effective static active attack in the literature by increasing the success
probability of re-identification by more than two times and efficiency by
almost 10 times. Moreover, unlike the static attack, our new attack is able to
remain at the same level of effectiveness and efficiency as the publication
process advances. We conduct a study on the factors that may thwart our new
attack, which can help design graph anonymising methods with a better balance
between privacy and utility