View
213
Download
0
Category
Preview:
Citation preview
1
Preserving Link Privacy in Social Network Based Systems
Prateek MittalUniversity of California,
Berkeleypmittal@eecs.berkeley.edu
Charalampos PapamanthouUniversity of California,
Berkeleycpap@eecs.berkeley.edu
Dawn SongUniversity of California,
Berkeleydawnsong@cs.berkeley.edu
Presented By: Kruti Mehta and Lijo T Raju
2/26/2015
2
Outline: • Introduction
• Related Work
• Structured Perturbation
• Utility
• Privacy
• Applications
• Conclusion and Future Work
2/26/2015
3
Introduction:• The Most Important Question – WHY ?
• The Paper focuses on Edge/Link Privacy and not Vertex Privacy
• Structured Graph Perturbation – introducing noise in the Graph
• Contributions: • Random Walks
• Defining a general Metric for characterizing Utility
• Defining Metrics for characterizing Link Privacy
• Real World applicability
2/26/2015
4
Related Work: • Link privacy between labeled vertices
• Anonymizing the vertices
• Differential privacy and social networks
• Link privacy preserving applications
2/26/2015
5
Structured Perturbation
2/26/2015
Protecting link privacy by introducing noisePreserve degree distribution - Structured Graph PerturbationIntroducing Randomization - Facebook Friendship graph and Facebook interaction graph
6
Utility:
2/26/2015
• Develop a formal metric to characterize Utility of Perturbed Graphs
• Analyze utility of the perturbation algorithm of used.
• The vertex utility of a perturbed graph G’ for a vertex v, with respect to the original graph G and an application parameter l, is defined as the statistical distance between the probability distributions induced by l hop random walks starting from v in graphs G and G’, i.e., VU(v; G;G’; l) = distance(Plv(G); Plv(G’)) ;where Plv denotes the v-th row of the matrix Pl
• A lower value of VU(v; G;G0; l) corresponds to higher utility (we want distance between probability distributions over original graph and perturbed graph to be low)
• Worst case scenario would be the maximum value of Vertex Utility over all vertices of G’.
7
Privacy:
2/26/2015
• Computing Link Privacy using Bayes Theorem, in which the adversary has prior knowledge.
• Privacy of a link L (or a subgraph) is the probability of existence of the link (or a subgraph) in the original graph G under the assumption that the adversary has access to the perturbed graph G’ and prior information H.
• To compute link probability, the adversary has to consider all possible graphs , which have the link L, and are consistent with background information H.
• worst case: an attacker knows the entire original graph except the link in question. As per the analysis, even in the worst case scenario, the perturbation mechanism offers good privacy protection.
Cont’d….
8
Privacy:
2/26/2015
• Relationship between privacy and utility: Utility measures the change in graph structure between original and perturbed graphs. If this change is small (high utility), then an adversary can infer information about the original graph given the perturbed graph.
• Computing Link Privacy, in which the adversary has no prior knowledge
• Here we define a new metric called the Structural Impact of Link l in Graph.
• Structural impact (SI) of a link L in graph G with respect to a perturbation mechanism M, as the statistical distance between probability distributions of the output M(G) of the set of possible perturbed graphs
• If the SI privacy of a link is low, then the perturbed graph G’ leaks less information about the link.
9
Applications:
2/26/2015
• Secure routing Sprout - routing system that enhances the security of conventional DHT routing by leveraging trusted
social links.
• Sybil detection
SybilLimit - protocol for Sybil detection, has both false positives and false negatives as honest users. SybilInfer - interplays between mixing time of graphs and the number of attack edges in the Sybil
defense application.
10
Conclusions:
2/26/2015
• Proposes Perturbation Graph that anonymizes links while preserving the properties of Original graph.
• Formally defines Utility of a Perturbed Graph
• Analyzes the privacy of perturbation mechanism from different perspectives • a Bayesian view point that takes into consideration specific adversarial prior • a risk based view point that is independent of the adversary's prior.
• Relationship between utility and privacy of perturbed graphs.
• Demonstrates the applicability of our techniques on applications
11
Future Work:
2/26/2015
• Investigating the applicability of techniques proposed on directed graphs
• Modeling closed form expressions for computing link privacy using the Bayesian framework
• Investigating tighter bounds on for computing link privacy in the risk-based frame-work, and
• Modeling temporal dynamics of social networks in quantifying link privacy.
12
Thank You
2/26/2015
Recommended