In recent years, social networks and their related theories and applications attract widespread attentions in computer science. Many applications are designed by exploring the social information among users, such as social peer-to-peer systems, mobile cloud, and online recommendation systems. Most of the existing works only focus on how to use social information but ignore the fact that social information itself may cause severe security and privacy problems. In this dissertation, we first present some social information-assisted application systems that we have designed, and then, we present several social information-involved privacy and security risks and their countermeasures. Generally speaking, the design procedure of any social information-assisted application involves three tasks: publishing, accessing, and using social information. However, all of these tasks contain privacy and security issues. Social information can be published from a centralized system or a distributed one. For the centralized scheme, the social information is directly published from online social networking systems, such as Facebook or Twitter. However, we found that the data of a social network essentially is a time-evolving graph. Most of the existing approaches fail to preserve users' identity privacy once a malicious attacker has the external knowledge about the victim's time-varying behaviors. For avoiding the new privacy issue, we propose a time-based anonymization scheme. For the distributed social information-sharing scheme, each user's information is propagated from friend to friend's friends, and so on. We design a new scheme to gradually enhance the privacy protection along a propagation path, in the meanwhile, maximally preserve the overall utility of the user's data. From a data accessing aspect, social information can be used by malicious users for launching new attacks. In this dissertation, we find a friendship-based privacy disclosure attack, and a corresponding defense approach is designed. Location-based service has been widely adopted. In order to preserve location privacy, users usually turn off the corresponding applications when visiting sensitive locations. However, once social relationships are known, attackers are able to infer these hidden locations, which disclose users' location privacy. For preserving the location privacy, we design a fake location-based approach, which efficiently disorders the social-geographic relationships among users. From the data usage aspect, social information and its related data may come from users. A system may lose functioning if some malicious users inject plenty of fake information. Mobile clouds and Friend Locator are two typical systems, which are vulnerable to the fake information-related attacks. Mobile clouds explore the idle computing resources of surrounding devices by recruiting nearby friends to participate in the same task. However, malicious users may inject wrong friendships information to mess up the system. When visiting a new place, Friend Locator provides navigation services for participators by creating a map based their trajectories. The functioning of the system is based on the trust among participators. Once a user's device is controlled by attackers, all other users may receive wrong navigation. For defending these attacks, we provide different countermeasure. / Computer and Information Science
Identifer | oai:union.ndltd.org:TEMPLE/oai:scholarshare.temple.edu:20.500.12613/2682 |
Date | January 2016 |
Creators | Chang, Wei |
Contributors | Wu, Jie, 1961-, Tan, Chiu C., Yang, Wei-shih, 1954-, Srinivasan, Avinash, Biswas, Saroj K. |
Publisher | Temple University. Libraries |
Source Sets | Temple University |
Language | English |
Detected Language | English |
Type | Thesis/Dissertation, Text |
Format | 283 pages |
Rights | IN COPYRIGHT- This Rights Statement can be used for an Item that is in copyright. Using this statement implies that the organization making this Item available has determined that the Item is in copyright and either is the rights-holder, has obtained permission from the rights-holder(s) to make their Work(s) available, or makes the Item available under an exception or limitation to copyright (including Fair Use) that entitles it to make the Item available., http://rightsstatements.org/vocab/InC/1.0/ |
Relation | http://dx.doi.org/10.34944/dspace/2664, Theses and Dissertations |
Page generated in 0.0172 seconds