一种增强的位置分享隐私保护方案*

目前,位置分享已经成为移动在线社交网络中一个非常重要的功能。与此同时,人们也对位置分享过程中产生的隐私泄露问题越来越担忧。如果得不到足够的隐私保护,用户很可能不愿意分享自己的位置信息。针对移动在线社交网络中位置分享的隐私保护问题,本文进行了深入的研究,指出了已有的保护方案的缺陷,提出了一个名为BMobishare 的安全方案。该方案改进了先前方案的架构,并采用位置加密和Bloom过滤器来阻止非法攻击。最后,通过安全分析和模拟实验,证明了BMobishare 方案能有效地保护用户位置和社交网络的隐私信息。     

浅析面向用户关系的网络隐私攻击与保护

随着网络信息技术的发展和社交网站的普及,网络用户隐私泄露问题变得日益严重。本文介绍了三种类型的网络隐私攻击手段,并重点讨论了面向用户关系的网络隐私攻击与保护。本文采用图的理想模型描述网络用户关系,分析了随机化社交网络图中边的保护技术。通过对图频谱属性的研究,整体评估了不同随机方法的保护效果。用现有实验验证了频谱保护技术相比于基本方法对保护用户关系的优越性。     

社交媒体用户行为的时间模式隐私攻击方法

网络社交媒体用户个人隐私信息的保护具有极其重要的意义。现有的有关隐私保护的研究集中于一般关系型数据、位置和轨迹信息、社交网络关系等数据类型的隐私保护,而社交媒体数据结构的复杂性使得隐私泄露的情况变得更加隐蔽,现有针对其他类型数据的隐私泄露的判定方式和隐私保护方法难于直接用于社交媒体用户行为的时间模式分析。为了发现社交媒体复杂时间数据中存在的潜在隐私泄露问题,给出针对网络论坛用户的行为时间模式的隐私泄露挖掘方法,设计并实现了多方法、多选择的聚类攻击者模型,实验通过攻击社交媒体用户的行为模式数据集,发现了用户行为时间模式的特异性和网络论坛中广泛存在着的用户隐私泄露的问题,应当引起充分重视。     

社会网络的隐私保护研究综述*

某些网站将匿名处理后的社会网络数据公开发布,或者提供给科研机构、大学或者其他组织和个人使用,而这些数据往往侵犯了用户的隐私,但有关社会网络中个人信息安全和隐私保护的研究却处于起步阶段。综述了当前在线社会网络的研究成果,主要就社会网络及其隐私漏洞、信息泄露、再识别攻击、聚集攻击、推理攻击等进行了分析,并对今后的发展提出了预测,为社会网络的科研指出了可行的研究方向。     

一种新型在线社交网络协作访问控制机制

在线社交网络可以为数字用户提供社会互动和信息共享,但是它存在隐私安全问题。针对用户隐私保护问题,提出了一种保护机制,允许用户在协作条件下控制访问共享资源。这种新的在线社交网路协作访问控制机制,通过定义数据拥有者、利益相关者和信任度三个因素来描述其控制机制,对于新方案重点协作策略规则和信任度的计算,给出了具体的解释。研究结果表明,用户共享内容的安全问题很大程度上得到保护,且不论单用户访问还是多用户访问,隐私安全大大得到加强。     

一种新的在线社交网络的隐私保护方案

针对用户数据隐私容易被截取的问题,提出了一种新的用户在线社交网络隐私保护方案.传统解决方案依赖于公共密钥基础设施或传统密钥分布技术,而新的方案则充分利用朋友和用户的私有属性熵之间的信任.通过重新构建密码模块建立安全协议,对在线社交网络提供安全信息服务、安全信息匹配和安全通信三种服务,最终使用户能够安全地存储自己的私有数据,并建立一个会话密钥的安全通信.     

社交网络用户隐私保护的博弈模型

基于不完全信息的动态博弈,分别通过攻防博弈、共同防御博弈、联合攻击博弈研究了社交网络用户隐私的攻防博弈过程,并重点探讨了用户关系层次对博弈结果的影响。结论表明,非完全自私的防御者可以优化整体的防御水平,优化的程度取决于用户隐私价值大小和关系层次的综合作用;攻击者之间共谋可以获得更高的攻击效用,关系层次对不同的攻击者具有不同的影响。研究结果对社交网络用户更好地保护隐私具有一定指导作用。     

可证明安全的社交网络隐私保护方案

针对社交网络隐私保护方案的安全性证明问题,提出了一种可证明安全的社交网络隐私保护方案。首先,通过分析社交网络中节点隐私的安全需求（不可区分的节点结构和不可区分的发送消息）,分别建立其安全模型;其次,基于该安全模型运用双线性映射构造社交网络节点隐私保护方案;最后,证明了该方案是可证明安全的,并且分析和对比了该方案的安全性,分析结果表明,该方案除了具有可证明安全性外,还能抵抗再识别攻击、推理攻击和信息聚集攻击。     

社交网络中的社团隐私研究综述

社团是社交网络的重要特征,社团检测技术的发展给网络用户带来隐私泄露的危险.如何保护敏感的社团信息不被泄露,保障用户与社团安全已经成为网络安全领域的研究热点.近几年,社团保护技术取得了初步进展,但针对社交网络中的社团隐私或社团安全研究进展综述较少,不利于该研究方向的长远发展.因此,主要针对社团结构隐私方面的研究进展进行综...     

基于社交网络好友攻击的位置隐私保护模型

随着无线网络的发展,移动社交网络用户发布其所在的地理位置信息时,如果包含敏感地理位置会导致用户隐私受到攻击。现有的位置隐私保护方法都是对用户发布的位置进行泛化处理,以牺牲用户的服务质量为代价,且大部分都是将攻击者定位在LBS服务商,没有考虑到统一对社交网络中的好友根据其可靠程度的不同提供不同准确度的地理位置信息。针对此问题,提出了基于社交网络好友亲密度分级的隐私保护模型L-intimacy,用来防止好友攻击者的攻击。理论分析和实验结果表明,与加入到Latitude服务的Google Maps相比,该方法既能保护移动社交网络用户的相关隐私,同时又具有较小的信息损失度。     

Anonymizing popularity in online social networks with full utility

With the rapid growth of social network applications, more and more people are participating in social networks. Privacy protection in online social networks becomes an important issue. The illegal disclosure or improper use of users’ private information will lead to unaccepted or unexpected consequences in people’s lives. In this paper, we concern on authentic popularity disclosure in online social networks. To protect users’ privacy, the social networks need to be anonymized. However, existing anonymization algorithms on social networks may lead to nontrivial utility loss. The reason is that the anonymization process has changed the social network’s structure. The social network’s utility, such as retrieving data files, reading data files, and sharing data files among different users, has decreased. Therefore, it is a challenge to develop an effective anonymization algorithm to protect the privacy of user’s authentic popularity in online social networks without decreasing their utility. In this paper, we first design a hierarchical authorization and capability delegation (HACD) model. Based on this model, we propose a novel utility-based popularity anonymization (UPA) scheme, which integrates proxy re-encryption with keyword search techniques, to tackle this issue. We demonstrate that the proposed scheme can not only protect the users’ authentic popularity privacy, but also keep the full utility of the social network. Extensive experiments on large real-world online social networks confirm the efficacy and efficiency of our scheme.     

基于随机模型检验的社交网络隐私保护研究

针对现有社交网络所提供静态隐私策略的隐私设置不够灵活且难以定量验证问题,提出一种动态隐私保护框架,将社交网络建模为离散时间马尔科夫链模型,通过设置触发条件实现用户动态隐私规约并将其转化为概率计算树逻辑公式,同时结合随机模型检验和运行时验证中的参数化与监控技术,保护社交网络发生随机故障情况下的用户动态隐私信息。在Diaspora开源社交网络上的实验结果表明,与静态隐私保护框架相比,动态隐私保护框架具有更高的安全性和灵活性,能较好满足用户的隐私保护需求。     

Privacy policies for shared content in social network sites

Social networking is one of the major technological phenomena of the Web 2.0, with hundreds of millions of subscribed users. Social networks enable a form of self-expression for users and help them to socialize and share content with other users. In spite of the fact that content sharing represents one of the prominent features of existing Social network sites, they do not provide any mechanisms for collective management of privacy settings for shared content. In this paper, using game theory, we model the problem of collective enforcement of privacy policies on shared data. In particular, we propose a solution that offers automated ways to share images based on an extended notion of content ownership. Building upon the Clarke-Tax mechanism, we describe a simple mechanism that promotes truthfulness and that rewards users who promote co-ownership. Our approach enables social network users to compose friendship based policies based on distances from an agreed upon central user selected using several social networks metrics. We integrate our design with inference techniques that free the users from the burden of manually selecting privacy preferences for each picture. To the best of our knowledge, this is the first time such a privacy protection mechanism for social networking has been proposed. We also extend our mechanism so as to support collective enforcement across multiple social network sites. In the paper, we also show a proof-of-concept application, which we implemented in the context of Facebook, one of today’s most popular social networks. Through our implementation, we show the feasibility of such approach and show that it can be implemented with a minimal increase in overhead to end-users. We complete our analysis by conducting a user study to investigate users’ understanding of co-ownership, usefulness and understanding of our approach. Users responded favorably to the approach, indicating a general understanding of co-ownership and the auction, and found the approach to be both useful and fair.     

Shall I post this now? Optimized,delay-based privacy protection in social networks

Despite the several advantages commonly attributed to social networks such as easiness and immediacy to communicate with acquaintances and friends, significant privacy threats provoked by unexperienced or even irresponsible users recklessly publishing sensitive material are also noticeable. Yet, a different, but equally significant privacy risk might arise from social networks profiling the online activity of their users based on the timestamp of the interactions between the former and the latter. In order to thwart this last type of commonly neglected attacks, this paper proposes an optimized deferral mechanism for messages in online social networks. Such solution suggests intelligently delaying certain messages posted by end users in social networks in a way that the observed online activity profile generated by the attacker does not reveal any time-based sensitive information, while preserving the usability of the system. Experimental results as well as a proposed architecture implementing this approach demonstrate the suitability and feasibility of our mechanism.     

基于社会网络的(α,k)-匿名方法

随着网络技术的快速发展,大量在线社会网络的建立和使用,越来越多的人参加到社会网络中分享和交流信息,而在这种交互过程中,会产生大量的数据。这些数据中有些是用户个人生活领域中不愿意别人知道的事情,可以认为它们是用户的隐私。社会网络数据发布的隐私保护成为新兴的研究课题。本文提出了应用于社会网络的(α,k)-匿名方法,采用基于聚类的方法,对节点的属性及节点之间的关系进行保护。每个聚类中的节点数至少为k个,并且聚类中任一敏感属性值相关的节点的百分比不高于α。理论分析和实验结果表明,基于社会网络的(α,k)-匿名方法能在信息损失尽可能小的情况下有效地保护隐私。     

What about Privacy of My OSN Data?

In the arena of internet of things, everyone has the ability to share every aspect of their lives with other people. Social media is the most popular and effective medium to provide communication. Social media has gripped our lives in a dramatic way. Privacy of users data lying with the service providers needs to be preserved when published for the purpose of research as the release of sensitive personal information of an individual may pose security threats. This has become an important research area nowadays. To some extent, the concepts of anonymization that were earlier used to preserve privacy of relational microdata have been applied to preserve privacy of social networks data. Anonymizing social networks data is challenging as it is a complex structure with users connected to one another graphically and the most important is to preserve the structural properties of the graph depicting the social network relationships while applying such concepts. Recent studies based upon K-anonymity and L-diversity help to preserve privacy of online social networks data and subsequently identify attacks that arise while applying these techniques in different scenarios. K-anonymity equalizes the degree of the nodes to prevent the data from identity disclosure but it cannot preserve sensitive information and also cannot handle attacks arising due to background knowledge and homogeneity. To cope up with the drawbacks of K anonymity, L-diversity was introduced that protects the sensitive labels of the users. In this paper, a novel technique has been proposed which implements the combined features of K-anonymity and L-diversity. Our proposed approach has been validated using the data of real time social network–Twitter (most popular microblogging network). The performance of the proposed technique has been measured by the metrics, such as average path length, average change in sensitive labels, and remaining ratio of top influential users. It thus becomes evident from the results that the values of these parameters attained with the proposed technique for the anonymized graph has minimal variation to that of original structural graph. So, it is possible to retain the utility without compromising privacy while publishing social networks data. Further, the performance of the proposed technique has been discussed by calculating the information loss that addresses the concern of preserving privacy with the least variation of actual content viz info loss.     

Saving face on Facebook: privacy concerns,social benefits,and impression management

The nearly ubiquitous use of online social networks generally entails substantial personal disclosure and elicits significant privacy concerns. This research uses Social Exchange Theory and the impression management (IM) literature to examine how privacy concerns can be counterbalanced by the perceived social benefits afforded by a social network’s ability to support IM. We frame social network use as an attempt to engage in IM, and we highlight the importance of a social network’s IM affordances in predicting social benefits from, and disclosure through, a social network. We test our model with a sample of 244 Facebook users, finding support for the proposed relationships and yielding the following contributions. First, this research provides a novel positioning of perceived IM affordances as a primary driver of both perceived social benefits and IM disclosure propensity. Second, this research illuminates that trust in both the social network provider and social network peers influences privacy concerns, social benefits, and perceived IM affordances. Our theory has important implications for researchers and practitioners interested in privacy issues within social networks.     

在线社交网络中的位置服务研究进展与趋势

在基于位置的社交网络中, 用户通过发布嵌入了位置数据的媒体信息获得服务, 如位置或好友推荐、旅行路线推荐等。用户和位置都是网络的主体, 位置作为桥梁将用户的虚拟网络世界与现实世界联系起来。综述了基于位置的在线社交网络中的位置信息获取、用户识别、位置识别、信息的共享与传播及位置隐私的相关研究, 预测了基于位置的在线社交网络未来的研究趋势。     

社交网络用户隐私泄露量化评估方法

社交网络用户隐私泄露的量化评估有利于帮助用户了解个人隐私泄露状况,提高公众隐私保护和防范意识,同时也能为个性化隐私保护方法的设计提供依据.针对目前隐私量化评估方法主要用于评估隐私保护方法的保护效果,无法有效评估社交网络用户的隐私泄露风险的问题,提出了一种社交网络用户隐私泄露量化评估方法.基于用户隐私偏好矩阵,利用皮尔逊相似度计算用户主观属性敏感性,然后取均值得到客观属性敏感性;采用属性识别方法推测用户隐私属性,并利用信息熵计算属性公开性;通过转移概率和用户重要性估计用户数据的可见范围,计算数据可见性;综合属性敏感性、属性公开性和数据可见性计算隐私评分,对隐私泄露风险进行细粒度的个性化评估,同时考虑时间因素,支持用户隐私泄露状况的动态评估,为社交网络用户了解隐私泄露状况、针对性地进行个性化隐私保护提供支持.在新浪微博数据上的实验结果表明,所提方法能够有效地对用户的隐私泄露状况进行量化评估.