Preventing abuse of online communities

Irani, Danesh

02 July 2012

Online communities are growing at a phenomenal rate and with the large number of users these communities contain, attackers are drawn to exploit these users. Denial of information (DoI) attacks and information leakage attacks are two popular attacks that target users on online communities. These information based attacks are linked by their opposing views on low-quality information. On the one hand denial of information attacks which primarily use low-quality information (such as spam and phishing) are a nuisance for information consumers. On the other hand information leakage attacks, which use inadvertently leaked information, are less effective when low-quality information is used, and thus leakage of low-quality information is prefered by private information producers. In this dissertation, I introduce techniques for preventing abuse against these attacks in online communities using meta-model classification and information unification approaches, respectively. The meta-model classification approach involves classifying the ``connected payload" associated with the information and using the classification result for the determination. This approach allows for detection of DoI attacks in emerging domains where the amount of information may be constrained. My information unification approach allows for modeling and mitigating information leakage attacks. Unifying information across domains followed by a quantificiation of the information leaked, provides one of the first studies on users' susceptibality to information leakage attacks. Further, the modeling introduced allows me to quantify the reduced threat of information leakage attacks after applying information cloaking.

Online social networks

Social media

Computer networks Security measures

Practical privacy and security for opportunistic networks

Parris, Iain

January 2014

When in physical proximity, data can be directly exchanged between the mobile devices people carry - for example over Bluetooth. If people cooperate to store, carry and forward messages on one another's behalf, then an opportunistic network may be formed, independent of any fixed infrastructure. To enable performant routing within opportunistic networks, use of social network information has been proposed for social network routing protocols. But the decentralised and cooperative nature of the networks can however expose users of such protocols to privacy and security threats, which may in turn discourage participation in the network. In this thesis, we examine how to mitigate privacy and security threats in opportunistic networks while maintaining network performance. We first demonstrate that privacy-aware routing protocols are required in order to maintain network performance while respecting users' privacy preferences. We then demonstrate novel social network routing protocols that mitigate specific threats to privacy and security while maintaining network performance.

005.8

Applying contextual integrity to the study of social network sites

Hutton, Luke

January 2015

Social network sites (SNSs) have become very popular, with more than 1.39 billion people using Facebook alone. The ability to share large amounts of personal information with these services, such as location traces, photos, and messages, has raised a number of privacy concerns. The popularity of these services has enabled new research directions, allowing researchers to collect large amounts of data from SNSs to gain insight into how people share information, and to identify and resolve issues with such services. There are challenges to conducting such research responsibly, ensuring studies are ethical and protect the privacy of participants, while ensuring research outputs are sustainable and can be reproduced in the future. These challenges motivate the application of a theoretical framework that can be used to understand, identify, and mitigate the privacy impacts of emerging SNSs, and the conduct of ethical SNS studies. In this thesis, we apply Nissenbaum's model of contextual integrity to the study of SNSs. We develop an architecture for conducting privacy-preserving and reproducible SNS studies that upholds the contextual integrity of participants. We apply the architecture to the study of informed consent to show that contextual integrity can be leveraged to improve the acquisition of consent in such studies. We then use contextual integrity to diagnose potential privacy violations in an emerging form of SNS.

302.30285

Data, learning and privacy in recommendation systems / Données, apprentissage et respect de la vie privée dans les systèmes de recommandation

Mittal, Nupur

25 November 2016

Les systèmes de recommandation sont devenus une partie indispensable des services et des applications d’internet, en particulier dû à la surcharge de données provenant de nombreuses sources. Quel que soit le type, chaque système de recommandation a des défis fondamentaux à traiter. Dans ce travail, nous identifions trois défis communs, rencontrés par tous les types de systèmes de recommandation: les données, les modèles d'apprentissage et la protection de la vie privée. Nous élaborons différents problèmes qui peuvent être créés par des données inappropriées en mettant l'accent sur sa qualité et sa quantité. De plus, nous mettons en évidence l'importance des réseaux sociaux dans la mise à disposition publique de systèmes de recommandation contenant des données sur ses utilisateurs, afin d'améliorer la qualité des recommandations. Nous fournissons également les capacités d'inférence de données publiques liées à des données relatives aux utilisateurs. Dans notre travail, nous exploitons cette capacité à améliorer la qualité des recommandations, mais nous soutenons également qu'il en résulte des menaces d'atteinte à la vie privée des utilisateurs sur la base de leurs informations. Pour notre second défi, nous proposons une nouvelle version de la méthode des k plus proches voisins (knn, de l'anglais k-nearest neighbors), qui est une des méthodes d'apprentissage parmi les plus populaires pour les systèmes de recommandation. Notre solution, conçue pour exploiter la nature bipartie des ensembles de données utilisateur-élément, est évolutive, rapide et efficace pour la construction d'un graphe knn et tire sa motivation de la grande quantité de ressources utilisées par des calculs de similarité dans les calculs de knn. Notre algorithme KIFF utilise des expériences sur des jeux de données réelles provenant de divers domaines, pour démontrer sa rapidité et son efficacité lorsqu'il est comparé à des approches issues de l'état de l'art. Pour notre dernière contribution, nous fournissons un mécanisme permettant aux utilisateurs de dissimuler leur opinion sur des réseaux sociaux sans pour autant dissimuler leur identité. / Recommendation systems have gained tremendous popularity, both in academia and industry. They have evolved into many different varieties depending mostly on the techniques and ideas used in their implementation. This categorization also marks the boundary of their application domain. Regardless of the types of recommendation systems, they are complex and multi-disciplinary in nature, involving subjects like information retrieval, data cleansing and preprocessing, data mining etc. In our work, we identify three different challenges (among many possible) involved in the process of making recommendations and provide their solutions. We elaborate the challenges involved in obtaining user-demographic data, and processing it, to render it useful for making recommendations. The focus here is to make use of Online Social Networks to access publicly available user data, to help the recommendation systems. Using user-demographic data for the purpose of improving the personalized recommendations, has many other advantages, like dealing with the famous cold-start problem. It is also one of the founding pillars of hybrid recommendation systems. With the help of this work, we underline the importance of user’s publicly available information like tweets, posts, votes etc. to infer more private details about her. As the second challenge, we aim at improving the learning process of recommendation systems. Our goal is to provide a k-nearest neighbor method that deals with very large amount of datasets, surpassing billions of users. We propose a generic, fast and scalable k-NN graph construction algorithm that improves significantly the performance as compared to the state-of-the art approaches. Our idea is based on leveraging the bipartite nature of the underlying dataset, and use a preprocessing phase to reduce the number of similarity computations in later iterations. As a result, we gain a speed-up of 14 compared to other significant approaches from literature. Finally, we also consider the issue of privacy. Instead of directly viewing it under trivial recommendation systems, we analyze it on Online Social Networks. First, we reason how OSNs can be seen as a form of recommendation systems and how information dissemination is similar to broadcasting opinion/reviews in trivial recommendation systems. Following this parallelism, we identify privacy threat in information diffusion in OSNs and provide a privacy preserving algorithm for the same. Our algorithm Riposte quantifies the privacy in terms of differential privacy and with the help of experimental datasets, we demonstrate how Riposte maintains the desirable information diffusion properties of a network.

Systèmes de recommandation

K plus proches voisins

Diffusion de l'information

Respect de la vie privée

Qualité et quantité de données

Apprentissage

Recommendation systems

K nearest neighbors

Information diffusion

Privacy in social networks

Data quality and quantity

Learning in recommendation systems