Security and Privacy in Social Networks

Slides:

Advertisements

Similar presentations

Priva cy an d Pr ofessi onali sm When you walk by someones desk in the workplace, your eye is drawn to the pictures and the way they have personalized.

Advertisements

Naïve Bayes. Bayesian Reasoning Bayesian reasoning provides a probabilistic approach to inference. It is based on the assumption that the quantities of.

Resource Management §A resource can be a logical, such as a shared file, or physical, such as a CPU (a node of the distributed system). One of the functions.

UnFriendly: Multi-Party Privacy Risks in Social Networks Kurt Thomas, Chris Grier, David M. Nicol.

Lecture 5 (Classification with Decision Trees)

Working group discussion 1 Cyber Risk Security, Privacy ?

Memoplex Browser: Searching and Browsing in Semantic Networks CPSC 533C - Project Update Yoel Lanir.

UT DALLAS Erik Jonsson School of Engineering & Computer Science FEARLESS engineering Security and Privacy in Social Networks Raymond Heatherly Data Security.

Created by Amber Craddock, Kylee Stone & Caleb Truette.

Using Transactional Information to Predict Link Strength in Online Social Networks Indika Kahanda and Jennifer Neville Purdue University.

B-Trees. CSM B-Trees 2 Motivation for B-Trees So far we have assumed that we can store an entire data structure in main memory What if we have so.

B-Trees. Motivation for B-Trees So far we have assumed that we can store an entire data structure in main memory What if we have so much data that it.

Preventing Private Information Inference Attacks on Social Networks.

Slides for “Data Mining” by I. H. Witten and E. Frank.

Socialbots and its implication On ONLINE SOCIAL Networks Md Abdul Alim, Xiang Li and Tianyi Pan Group 18.

Speaker : Yu-Hui Chen Authors : Dinuka A. Soysa, Denis Guangyin Chen, Oscar C. Au, and Amine Bermak From : 2013 IEEE Symposium on Computational Intelligence.

Don’t Follow me : Spam Detection in Twitter January 12, 2011 In-seok An SNU Internet Database Lab. Alex Hai Wang The Pensylvania State University International.

1 Data Organization Example 1: Heap storage management Maintain a sequence of free chunks of memory Find an appropriate chunk when allocation is requested.

Lazy Loading the Dojo Tree with PHP on the server side ● We will discusses web applications that utilize the Dojo and the PHP to create visual representation.

What Parents Should Know About Social Networking.

More Access – Less Control Access Control in the Web 2.0 Michael Hart, Rob Johnson, Amanda Stent Stony Brook University.

Priority Queues and Heaps Tom Przybylinski. Maps ● We have (key,value) pairs, called entries ● We want to store and find/remove arbitrary entries (random.

A Brief Introduction to Bayesian networks

Creating your online identity

Cyberbullying on Instagram and Snapchat

Security and Privacy in Social Networks

Social Media Security: Understanding how to keep yourself safe.

Bioinformatics 3 V6 – Biological Networks are Scale- free, aren't they? Fri, Nov 2, 2012.

A Guide for Getting Started

E-Safety Briefing

Russellville Independent School District

Updating SF-Tree Speaker: Ho Wai Shing.

Clustering of Web pages

Data Flows in ACTRIS: Considerations for Planning the Future

Module 7: Managing Access to Objects in Organizational Units

E-safety – for teachers

Dealing With Social Media

Personalized Social Image Recommendation

Bhavani Thuraisingham

Friendship Companion Training

Let’s create a better internet together

NO The Right to Say NO by Steven Powe

J.N GRAY R.A LORIE IBM RESEARCH LAB, SAN JOSE, CALIFORNIA

Providing Secure Storage on the Internet

Chapter 2: Entrepreneurs and Enterprising People

Security and Privacy in Social Networks

PROJECTS SUMMARY PRESNETED BY HARISH KUMAR JANUARY 10,2018.

Dynamic Detection of Novice vs. Skilled Use Without a Task Model

Tips for Job Seekers Using Facebook

Operating System Concepts

Today we will analyze the implications of posting online.

Privacy Protection for Social Network Services

Korea University of Technology and Education

E SAFETY ASSEMBLY.

CS 188: Artificial Intelligence Spring 2007

Facebook Group Page Parent Agreement

Lecture 14 Shortest Path (cont’d) Minimum Spanning Tree

Data Structures & Algorithms

CS 188: Artificial Intelligence Spring 2006

Chapter 4 System Modeling.

Notes from 02_CAINE conference

Using Bayesian Network in the Construction of a Bi-level Multi-classifier. A Case Study Using Intensive Care Unit Patients Data B. Sierra, N. Serrano,

Lecture 13 Shortest Path (cont’d) Minimum Spanning Tree

NO The Right to Say NO by Steven Powe

Locality In Distributed Graph Algorithms

Hazelwood Schools Wednesday 2nd October 2019.

Presentation transcript:

Security and Privacy in Social Networks Raymond Heatherly Data Security and Privacy Lab

Social Network Privacy (Heatherly et al) Facebook currently has over 400 million users Each of these users specify details about themselves For example:

What about details they don’t specify? So what? What about details they don’t specify? In our previous example, what political affiliation does she have? What about her job? Two possible reasons: Forgot Don’t want people to know

Privacy But can we figure out anyways? For instance, is there anything our previous example does state that talks about her job? An activity talks about ‘my classroom’

Learning Consider a social network as a graph, where the vertices are the users in the network, and the edges are friendship links between those users. Each node has a finite subset of detail types (hometown, birthdate, groups, books, etc.) Each detail type has a finite number of detail values (books = The Bible, Harry Potter, etc.)

We use these properties to construct three different models: Model Building We use these properties to construct three different models: Details Only Links Only Average

Details Only Naïve Bayesian classifier (Detail independence) Builds a raw model based on training data over all details

Links Only Naïve Bayes based With changes Weigh friendships based on similarity

Average Calculate Link only and Details only probabilities and average them

Collective Inference When we classify large graphs, the decisions we make at one node transfer through the graph CI gives us a series of algorithms to assist with handling these transfers Local Classifier Relational Classifier CI Algorithm

Preserving Privacy What happens when data is released? In what ways can we decrease accuracy of classifiers? We can add or remove links or details Consider what additions mean What about deletions?

Our experiments Performed on data gathered from the DFW network on Facebook in the Spring of 2008 Performing only link or detail deletions For Details, remove the best identifiers of any classification globally For Links, remove links to those individuals most like a person

Results

Access Control in Social Networks (Carminati et al, 2009) What about access to resources? For example, photos: Who should control viewers of a photo on Facebook? Now, on Facebook, the photo uploader has control of the photo’s viewers A person in the picture can only untag

Parental rights over a minor What if a photo is of a minor child? How would a parent be able to (reliably) have photos removed or restricted of their children? What about limiting children’s access to inappropriate videos over a social network?

Propose several generic classes of friends: Friendship Hierarchy Propose several generic classes of friends: Friend Co-Worker Family Some classes can have (user-defined) specific sub-classes, such as a Best Friend, a Boss, a Parent, a child, etc.

Project motivation What if we give all people tagged in a photo some say in who can see photos of them? Additionally, parents of minor children can also have a say in the permissions of photos of their children Instead of a static access list, what about inferring the authorizations using semantic reasoners?

Data Generation Facebook doesn’t give full set of its data to researchers Needed to test efficacy of semantic solution using a comparable size of data Generated 350 million `users’ with their own security policies Simulated a scale-free network Generated Between 750,000 and 350 million resources

Implementation challenges Initially, we attempted to do the reasoning on the entire data set. SweetRules did not update in-memory model of security policies, so gave incorrect responces Pellet then crashed due to the amount of memory required to perform inference on data set

We then decided to partition data Partitioning We then decided to partition data But any single partition would be a cut that would have edges to (at least) one other partition These would decrease our accuracy Dynamic partitioning Owner Tagged individuals Requestor

Experiment 1 Friendship types: Security policies: Coworker Friend: with BestFriend sub-type Family: with Parent/Child sub-type Security policies: 1. Strict – Only BestFriends and Family can view photos of self and any child; child may not view any videos 2. Casual – Anyone can see photos; no restriction on child 3. ParentStrict – Anyone can see photos of the parent, only family can see photos of child;

Discard almost all Link Types Experiment 2 Discard almost all Link Types Keep ParentOf/ChildOf Replace with a Trust value between 1 and 10

Maintained all general and specific link types Experiment 3 Used a hybrid approach Maintained all general and specific link types Each friendship also assigned a Trust Value i.e. A Best Friend with a TV of 6

Time (in seconds) for each inference Results Average Low High Link-Type only 0.585 0.562 0.611 Trust Value Only 0.612 0.534 0.598 Value/Trust Hybrid 0.731 0.643 0.811 Time (in seconds) for each inference

Questions?