Exploiting Innocuous Activity for Correlating Users Across Sites
Cited by 13 (2 self)
We study how potential attackers can identify accounts on different social network sites that all belong to the same user, exploiting only innocuous activity that inherently comes with posted content. We examine three specific features on Yelp, Flickr, and Twitter: the geo-location attached to a user’s posts, the timestamp of posts, and the user’s writing style as captured by language models. We show that among these three features the location of posts is the most powerful feature to identify accounts that belong to the same user in different sites. When we combine all three features, the accuracy of identifying Twitter accounts that belong to a set of Flickr users is comparable to that of existing attacks that exploit usernames. Our attack can identify 37% more accounts than using usernames when we instead correlate Yelp and Twitter. Our results have significant privacy implications as they present a novel class of attacks that exploit users’ tendency to assume that, if they maintain different personas with different names, the accounts cannot be linked together; whereas we show that the posts themselves can provide enough information to correlate the accounts.
A Framework for Context-Aware Privacy of Sensor Data on Mobile Systems
Cited by 6 (1 self)
We study the competing goals of utility and privacy as they arise when a user shares personal sensor data with apps on a smartphone. On the one hand, there can be value to the user for sharing data in the form of various personalized services and recommendations; on the other hand, there is the risk of revealing behaviors to the app producers that the user would like to keep private. The current approaches to privacy, usually defined in multi-user settings, rely on anonymization to prevent such sensitive behaviors from being traced back to the user—a strategy which does not apply if user identity is already known, as is the case here. Instead of protecting identity, we focus on the more general problem of choosing what data to share, in such a way that certain kinds of inferences—i.e., those indicating the user’s sensitive behavior—cannot be drawn. The use of inference functions allows us to establish a terminology to unify prior notions of privacy as special cases of this more general problem. We identify several information disclosure regimes, each corresponding to a specific privacy-utility tradeoff, as well as privacy mechanisms designed to realize these tradeoff points. Finally, we propose ipShield as a privacy-aware framework which uses current user context together with a model of user behavior to quantify an adversary’s knowledge regarding a sensitive inference, and obfuscate data accordingly before sharing. We conclude by describing initial work towards realizing this framework.
Cryptography and the Economics of Supervisory Information: Balancing Transparency and Confidentiality, 2013
Quantifying the Effect of Co-Location Information on Location Privacy
Cited by 4 (2 self)
Mobile users increasingly report their co-locations with other users, in addition to revealing their locations to online services. For instance, they tag the names of the friends they are with, in the messages and in the pictures they post on social networking websites. Combined with (possibly obfuscated) location information, such co-locations can be used to improve the inference of the users’ locations, thus further threatening their location privacy: as co-location information is taken into account, not only a user’s reported locations and mobility patterns can be used to localize her, but also those of her friends (and the friends of their friends and so on). In this paper, we study this problem by quantifying the effect of co-location information on location privacy, with respect to an adversary such as a social network operator that has access to such information. We formalize the problem and derive an optimal inference algorithm that incorporates such co-location information, yet at the cost of high complexity. We propose two polynomial-time approximate inference algorithms and we extensively evaluate their performance on a real dataset. Our experimental results show that, even in the case where the adversary considers co-locations with only a single friend of the targeted user, the location privacy of the user is decreased by up to 75% in a typical setting. Even in the case where a user does not disclose any location information, her privacy can decrease by up to 16% due to the information reported by other users.
Building Dissent Networks: Towards Effective Countermeasures against Large-Scale Communications Blackouts
Cited by 3 (1 self)
Large-scale communications blackouts, such as those carried out by Egypt and Libya in 2011 and Syria in 2012 and 2013, have motivated a series of projects that aim to enable citizens to communicate even in the face of such heavy-handed censorship efforts. A common theme across these proposals has been the use of wireless mesh networks. We argue that such networks are poorly equipped to serve as a meaningful countermeasure against large-scale blackouts due to their intrinsically poor scaling properties. We further argue that projects in this space must consider user safety as first design priority and thus far have failed to preserve user anonymity and to rely only on innocuous hardware. From these two insights, we frame a definition of dissent networks to capture the essential requirements for blackout circumvention solutions.
MinUS: Mining User Similarity with Trajectory Patterns
Cited by 3 (2 self)
The development of positioning systems and wireless connectivity has made it possible to collect users’ fine-grained movement data. This availability of movement data can be applied in a broad range of services. In this paper, we present a novel tool for calculating users’ similarity based on their movements. This tool, MinUS, integrates the technologies of trajectory pattern mining with the state-of-the-art research on discovering user similarity with trajectory patterns. Specifically, with MinUS, we provide a platform to manage movement datasets, and construct and compare users’ trajectory patterns. Tool users can compare results given by a series of user similarity metrics, which allows them to learn the importance and limitations of different similarity metrics and promotes studies in related areas, e.g., location privacy. Additionally, MinUS can also be used by researchers as a tool for preliminary process of movement data and parameter tuning in trajectory pattern mining.
Structure based data de-anonymization of social networks and mobility traces. ISC, 2014
Cited by 3 (2 self)
We present a novel de-anonymization attack on mobility trace data and social data. First, we design a Unified Similarity (US) measurement, based on which we present a US based De-Anonymization (DA) framework which iteratively de-anonymizes data with an accuracy guarantee. Then, to de-anonymize data without the knowledge of the overlap size between the anonymized data and the auxiliary data, we generalize DA to an Adaptive De-Anonymization (ADA) framework. Finally, we examine DA/ADA on mobility traces and social data sets.
Near-Pri: Private, Proximity Based Location Sharing
Cited by 3 (1 self)
As the ubiquity of smartphones increases we see an increase in the popularity of location based services. Specifically, online social networks provide services such as alerting the user of friend co-location, and finding a user’s k nearest neighbors. Location information is sensitive, which makes privacy a strong concern for location based systems like these. We have built one such service that allows two parties to share location information privately and securely. Our system allows every user to maintain and enforce their own policy. When one party, (Alice), queries the location of another party, (Bob), our system uses homomorphic encryption to test if Alice is within Bob’s policy. If she is, Bob’s location is shared with Alice only. If she is not, no user location information is shared with anyone. Due to the importance and sensitivity of location information, and the easily deployable design of our system, we offer a useful, practical, and important system to users. Our main contribution is a flexible, practical protocol for private proximity testing, a useful and efficient technique for representing location values, and a working implementation of the system we design in this paper. It is implemented as an Android application with the Facebook online social network used for communication between users.