an automated social graph de anonymization technique
play

An Automated Social Graph De-anonymization Technique Kumar Sharad 1 - PowerPoint PPT Presentation

Oct 18, 2023 •17 likes •527 views

An Automated Social Graph De-anonymization Technique Kumar Sharad 1 George Danezis 2 1 2 November 3, 2014 Workshop on Privacy in the Electronic Society, Scottsdale, Arizona, USA This Talk 1 The Art of Data Anonymization 2 The D4D Challenge 3

  1. An Automated Social Graph De-anonymization Technique Kumar Sharad 1 George Danezis 2 1 2 November 3, 2014 Workshop on Privacy in the Electronic Society, Scottsdale, Arizona, USA

  2. This Talk 1 The Art of Data Anonymization 2 The D4D Challenge 3 An Ad-hoc Attack 4 Learning De-anonymization 5 Results 2

  3. The Art of Data Anonymization 3

  4. Releasing Anonymized Data Motivation : Process data without jeopardizing privacy. Popular : Randomize identifiers and/or perturb data. Pros : Cheap, preserves utility, provides legal immunity. Cons : Practiced as an art form . 4

  5. The Data for Development (D4D) Challenge 5

  6. The D4D Challenge 1 Introduced by a large Telco for research related to social development in Ivory Coast. Four datasets of anonymized call patterns released. Datasets include: Antenna-to-antenna calls, individual trajectories of varying spatial resolution and call graphs. Ivory Coast facts: Population – 22.4 million. Mobile phone users – 17.3 million. Telco subscribers – 5 million. A country fraught with civil war. 1http://www.d4d.orange.com/ 6

  7. Timeline July 2012 : A preliminary version of the datasets made available to us for evaluation. September 2012 : We provide feedback depicting weaknesses of the scheme, specifically the anonymized call graphs. Late 2012 : The challenge goes live after strengthening the anonymization. Released under strict NDA. 7

  8. The Dataset 4: Anonymized Call Graphs 2-hop communication network (egonet) of an individual. Vertices represent users and edges their interactions. Scheme 1 (pre-review): 8300 egonets. Edge attributes: call volume, duration and directionality. Scheme 2 (post-review): 5000 egonets. All edges between 2-hop nodes are removed . Edge attributes: redacted . 8

  9. Scheme 1 vs. Scheme 2: Illustrated 1-hop 2-hop 2-hop ego 1-hop 2-hop 1-hop 2-hop Scheme 1: Pre-review 9

  10. Scheme 1 vs. Scheme 2: Illustrated 1-hop 1-hop 2-hop 2-hop 2-hop 2-hop ego ego 1-hop 1-hop 2-hop 2-hop 1-hop 1-hop 2-hop 2-hop Scheme 1: Pre-review Scheme 2: Post-review 9

  11. Scheme 1 vs. Scheme 2: Illustrated 1-hop 1-hop 2-hop 2-hop 2-hop 2-hop ego ego 1-hop 1-hop 2-hop 2-hop 1-hop 1-hop 2-hop 2-hop Scheme 1: Pre-review Scheme 2: Post-review 9

  12. Anonymization Strategy Individuals picked at random. Identifiers randomized in each egonet. Tries to conceal the larger graph. Hope: Facilitate analysis while preserving privacy. Anonymity strengthened by redacting information. 10

  13. How to Evaluate Anonymization Schemes? Option 1 : We believe the scheme is secure. Hard to merge the egonets. Difficulty of linking egonets should be quantifiable. 11

  14. How to Evaluate Anonymization Schemes? Option 1 : We believe the scheme is secure. Hard to merge the egonets. Difficulty of linking egonets should be quantifiable. Option 2 : We believe the scheme is insecure. Show that a significant fraction of egonets can be re-linked. Discern real world identities. Recover full communication graph. 11

  15. How to Evaluate Anonymization Schemes? Option 1 : We believe the scheme is secure. Hard to merge the egonets. Difficulty of linking egonets should be quantifiable. Option 2 : We believe the scheme is insecure. Show that a significant fraction of egonets can be re-linked. Discern real world identities. Recover full communication graph. Gap : Lack of an attack does not imply security. 11

  16. An Ad-hoc Attack 12

  17. Ad-hoc Attack on Scheme 1 Transformation into egonets preserves an important variant. The degree of egos and 1-hop nodes is preserved. Degrees of the 1-hop sub-graph of 1-hop nodes is preserved. Can be used as a stable signature. 13

  18. Ad-hoc Attack on Scheme 1: Illustrated 1-hop 2-hop 2-hop ego 1-hop 2-hop 1-hop 2-hop 14

  19. Ad-hoc Attack on Scheme 1: Illustrated 1-hop 2-hop 2-hop ego A 1-hop 2-hop 1-hop 2-hop 14

  20. Ad-hoc Attack on Scheme 1: Illustrated 1-hop 2-hop deg: 2 2-hop ego deg: 1 A deg: 3 1-hop 2-hop 1-hop deg: 2 2-hop 14

  21. Ad-hoc Attack on Scheme 1: Illustrated 1-hop 2-hop deg: 2 2-hop ego deg: 1 A deg: 3 1-hop 2-hop 1-hop sig: [1 , 2 , 2 , 3] deg: 2 2-hop 14

  22. Ad-hoc Attack on Scheme 1: Illustrated 1-hop deg: 4 sig: [1 , 1 , 1 , 4] B 2-hop deg: 1 2-hop deg: 1 ego deg: 1 deg: 1 A 1-hop 2-hop 1-hop sig: [1 , 2 , 2 , 3] 2-hop 14

  23. Success Rate: Scheme 1 100% match for identical node pairs (theoretical). Over 99.9% mismatch for non-identical node pairs. 15

  24. Learning De-anonymization 16

  25. Security Economics: Attacking a Class of Schemes Scheme 2 defeats the ad-hoc attack. A piecemeal approach towards de-anonymization does not scale. Defeating an instance of anonymization is not generalizable. Can we generalize attacks? 17

  26. A Machine Learning Approach Traditional approach: 1 An anonymization strategy is designed. 2 Manually construct an attack. 3 Strategy is tweaked. 4 GO TO 2. Machine learning approach: 1 An anonymization strategy is designed. 2 Generate training and test data based on the algorithm. 3 Extract features. 4 Train the model. 5 Evaluate the performance 18

  27. The Model for D4D Learning Task Original Call Graph 19

  28. The Model for D4D Learning Task Original Call Graph Anonymization Process 19

  29. The Model for D4D Learning Task Original Call Graph Anonymization Process Anonymized Egonets 19

  30. The Model for D4D Learning Task Original Call Graph Anonymization Process Anonymized Egonets Training Set Evaluation Set Known node pairs 19

  31. The Model for D4D Learning Task Original Call Graph Anonymization Process Anonymized Egonets Training Set Evaluation Set Known node pairs Identical node pair? 19

  32. Node Features Must distinguish identical and non-identical node pairs. Feature vector purely based on topology (no edge weights or directionality). Too generic: high false positives. Too specific: low true positives. Extend the signature by quantizing it. 20

  33. Internals: Feature Vector Feature vector of a node with neighbors of degrees – [1 , 1 , 3 , 3 , 5 , 6 , 7 , 13 , 16 , 20 , 21 , 30 , 65 , 69 , 72 , 1030 , 1100]. 21

  34. Internals: Feature Vector Feature vector of a node with neighbors of degrees – [1 , 1 , 3 , 3 , 5 , 6 , 7 , 13 , 16 , 20 , 21 , 30 , 65 , 69 , 72 , 1030 , 1100]. 70 bins . . . . . . c 0 = 8 c 1 = 4 c 2 = 0 c 4 = 3 c 69 = 2 . . . . . . size = 15 21

  35. Internals: Feature Vector Feature vector of a node with neighbors of degrees – [ 1 , 1 , 3 , 3 , 5 , 6 , 7 , 13 , 16 , 20 , 21 , 30 , 65 , 69 , 72 , 1030 , 1100]. 70 bins . . . . . . c 0 = 8 c 1 = 4 c 2 = 0 c 4 = 3 c 69 = 2 . . . . . . size = 15 22

  36. Internals: Feature Vector Feature vector of a node with neighbors of degrees – [1 , 1 , 3 , 3 , 5 , 6 , 7 , 13 , 16 , 20 , 21 , 30 , 65 , 69 , 72 , 1030 , 1100]. 70 bins . . . . . . c 0 = 8 c 1 = 4 c 2 = 0 c 4 = 3 c 69 = 2 . . . . . . size = 15 23

  37. Internals: Feature Vector Feature vector of a node with neighbors of degrees – [1 , 1 , 3 , 3 , 5 , 6 , 7 , 13 , 16 , 20 , 21 , 30 , 65 , 69 , 72 , 1030 , 1100]. 70 bins . . . . . . c 0 = 8 c 1 = 4 c 2 = 0 c 4 = 3 c 69 = 2 . . . . . . size = 15 24

  38. Internals: Feature Vector Feature vector of a node with neighbors of degrees – [1 , 1 , 3 , 3 , 5 , 6 , 7 , 13 , 16 , 20 , 21 , 30 , 65 , 69 , 72 , 1030 , 1100]. 70 bins . . . . . . c 0 = 8 c 1 = 4 c 2 = 0 c 4 = 3 c 69 = 2 . . . . . . size = 15 25

  39. Internals: Feature Vector Feature vector of a node with neighbors of degrees – [1 , 1 , 3 , 3 , 5 , 6 , 7 , 13 , 16 , 20 , 21 , 30 , 65 , 69 , 72 , 1030 , 1100 ]. 70 bins . . . . . . c 0 = 8 c 1 = 4 c 2 = 0 c 4 = 3 c 69 = 2 . . . . . . size = 15 26

  40. Internals: Random Forest 400 trees trained. Identical node pair types: 1-hop, 1,2-hop and 2-hop. 4 random forests trained: 1 per category + 1 generic Prediction: Aggregate the decision of all trees. 27

  41. Results 28

  42. Evaluation: Datasets Evaluation does NOT use D4D datasets. Ethical concerns Lack of ground truth. Publicly available datasets used D4D (5M nodes) – 5000 egonets released. Epinions (75K nodes) – 100 egonets extracted. Pokec (1.6M nodes) – 1000 egonets extracted. 29

  43. Pokec Dataset: ROC Curves Pokec: Scheme 1 (self-validation) Pokec: Scheme 2 (self-validation) 1.0 1.0 0.8 0.8 True Positive True Positive 0.6 0.6 0.4 0.4 1-hop: AUC = 0.952 1-hop: AUC = 0.978 0.2 0.2 1,2-hop: AUC = 0.914 1,2-hop: AUC = 0.930 2-hop: AUC = 0.802 2-hop: AUC = 0.984 Complete: AUC = 0.793 Complete: AUC = 0.891 0.0 0.0 0.0 0.2 0.4 0.6 0.8 1.0 0.0 0.2 0.4 0.6 0.8 1.0 False Positive False Positive 30

  44. Pokec: FP vs TP (self-validation) Scheme 1 False Positive 0.01% 0.1% 1% 10% 25% 1-hop 27 . 50 42 . 92 51 . 04 88 . 75 93 . 96 1,2-hop 5 . 25 11 . 58 36 . 16 73 . 24 88 . 68 2-hop 0 . 00 12 . 55 23 . 15 49 . 14 69 . 96 Complete 0 . 01 10 . 44 20 . 48 47 . 60 68 . 36 Scheme 2 False Positive 0.01% 0.1% 1% 10% 25% 1-hop 4 . 20 16 . 26 49 . 89 97 . 20 99 . 58 1,2-hop 0 . 79 6 . 41 28 . 32 73 . 88 94 . 66 2-hop 1 . 62 12 . 12 50 . 42 99 . 96 99 . 99 Complete 0 . 68 6 . 12 21 . 14 64 . 12 86 . 10 31

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Towards Plausible Graph Anonymization Yang Zhang, Mathias Humbert, Bartlomiej Surma, Praveen

Towards Plausible Graph Anonymization Yang Zhang, Mathias Humbert, Bartlomiej Surma, Praveen

Towards Plausible Graph Anonymization Yang Zhang, Mathias Humbert, Bartlomiej Surma, Praveen Manoharan, Jilles Vreeken, Michael Backes Graph sharing 2 Graph anonymization 3 Graph anonymization id 3 id 7 id 1 id 6 id 4 id 2 id 8 id 5

622 views • 36 slides
Noise Graph Addition: A New Perspective for Graph Anonymization Vicen Torra, Julin Salas

Noise Graph Addition: A New Perspective for Graph Anonymization Vicen Torra, Julin Salas

Graph Perturbation as Noise Graph Addition: A New Perspective for Graph Anonymization Vicen Torra, Julin Salas Data Privacy Management Luxembourg, 26 September 2019 Outline 1. Introduction Motivations and objectives Random graph

355 views • 20 slides
Learning to de-anonymize social networks A machine learning approach to social graph

Learning to de-anonymize social networks A machine learning approach to social graph

Learning to de-anonymize social networks A machine learning approach to social graph de-anonymization Kumar Sharad October 28, 2016 Royal Holloway, University of London ACM Workshop on Artificial Intelligence and Security, Vienna, Austria

1.01k views • 69 slides
MULTILINGUAL AUTOMATED TEXT ANONYMIZATION Francisco Dias francisco.m.c.dias@tecnico.ulisboa.pt

MULTILINGUAL AUTOMATED TEXT ANONYMIZATION Francisco Dias francisco.m.c.dias@tecnico.ulisboa.pt

MULTILINGUAL AUTOMATED TEXT ANONYMIZATION Francisco Dias francisco.m.c.dias@tecnico.ulisboa.pt 03/06/2016 Instituto Superior Tcnico Slide 1 of 52 INTRODUCTION RELATED WORK ARCHITECTURE INTRODUCTION ANONYMIZATION METHODS

694 views • 52 slides
CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today Recap/Taxonomy of Anonymization Microdata anonymization Microaggregation based anonymization Taxonomy of Anonymization Problem

620 views • 59 slides
CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today Clustering based anonymization (cont) Permutation based anonymization Other privacy principles Microaggregation/Clustering Two steps:

879 views • 52 slides
Data Masking and Anonymization for PostgreSQL 1 The Anonymization Challenge 8 Strategies

Data Masking and Anonymization for PostgreSQL 1 The Anonymization Challenge 8 Strategies

Data Masking and Anonymization for PostgreSQL 1 The Anonymization Challenge 8 Strategies PostgreSQL Anonymizer The Future 2 3 My Story 4 LETS DO THIS ! jailer pgantomizer ARX pgsync anomyze-it anonymizer mat2 Talend open

1.12k views • 77 slides
1 Wri<ng and maintaining tests is tedious and error-prone.

1 Wri<ng and maintaining tests is tedious and error-prone.

{HEADSHOT} This lesson introduces a powerful automated tes<ng technique called dynamic symbolic execu<on. This technique is based on hybrid

1.18k views • 72 slides
Kernel methods and Graph kernels Social and Technological Networks Rik Sarkar University of

Kernel methods and Graph kernels Social and Technological Networks Rik Sarkar University of

Kernel methods and Graph kernels Social and Technological Networks Rik Sarkar University of Edinburgh, 2018. Kernels Kernels are a type of measures of similarity Important technique in Machine learning Used to increase power of many

359 views • 19 slides
Kernel methods and Graph kernels Social and Technological Networks Rik Sarkar University of

Kernel methods and Graph kernels Social and Technological Networks Rik Sarkar University of

Kernel methods and Graph kernels Social and Technological Networks Rik Sarkar University of Edinburgh, 2019. Kernels Kernels are a type of measures of similarity Important technique in Machine learning Used to increase power of many

568 views • 25 slides
Automated method in proving graph properties Kailiang Ji INRIA & Universit e Paris

Automated method in proving graph properties Kailiang Ji INRIA & Universit e Paris

Automated method in proving graph properties Kailiang Ji INRIA & Universit e Paris Diderot-Paris 7 October 31, 2013 Outline Background Expressions of graph properties Automated theorem proving Implementation Motivation

1.08k views • 65 slides
CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today Permutation based anonymization methods (cont.) Other privacy principles for microdata publishing publishing Statistical databases

986 views • 51 slides
Graph Databases Marco Serafini COMPSCI 532 Lecture 10 Graph DB Use cases Social network

Graph Databases Marco Serafini COMPSCI 532 Lecture 10 Graph DB Use cases Social network

Graph Databases Marco Serafini COMPSCI 532 Lecture 10 Graph DB Use cases Social network queries E.g. Facebook stores the entire metadata in a social graph Network security Find sequence of steps that lead to intrusion

320 views • 18 slides
Graph Essentials Graph Basics Social Media Mining Social Media Mining Measures and Metrics

Graph Essentials Graph Basics Social Media Mining Social Media Mining Measures and Metrics

Social Media Mining Graph Essentials Graph Basics Social Media Mining Social Media Mining Measures and Metrics Graph Essentials 2 2 Nodes and Edges A network is a graph nodes, actors, or vertices (plural of vertex ) Connections,

978 views • 63 slides
Contents Graph and Social Network Analysis Graph Construction Graph Visualization Graph Query

Contents Graph and Social Network Analysis Graph Construction Graph Visualization Graph Query

Social Network Analysis with R Yanchang Zhao http://www.RDataMining.com R and Data Mining Course Beijing University of Posts and Telecommunications, Beijing, China July 2019 Chapter 11: Social Network Analysis, in R and Data Mining:

606 views • 37 slides
Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference

Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference

Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference control Anonymization problem Anonymization notions and approaches (and how they fail to work!) k-anonymity l-diversity t-closeness

741 views • 51 slides
Egocentric Analysis of Dynamic Networks with EgoLines Jian Zhao, Michael Glueck, Fanny Chevalier,

Egocentric Analysis of Dynamic Networks with EgoLines Jian Zhao, Michael Glueck, Fanny Chevalier,

Egocentric Analysis of Dynamic Networks with EgoLines Jian Zhao, Michael Glueck, Fanny Chevalier, Yanhong Wu, Azam Khan Dynamic Networks Time 2 Year 1 Year 2 3 Egocentric Analysis My co-authors co-author Me My co-author 4

481 views • 27 slides
Distributed, Egocentric Representations of Graphs for Detecting Critical Structures Ruo-Chun Tzeng

Distributed, Egocentric Representations of Graphs for Detecting Critical Structures Ruo-Chun Tzeng

Distributed, Egocentric Representations of Graphs for Detecting Critical Structures Ruo-Chun Tzeng 1 Shan-Hung Wu 2 1 Microsoft Inc, Taiwan 2 National Tsing Hua University, Taiwan International Conference on Machine Learning, 2019 Ruo-Chun Tzeng

496 views • 15 slides
Distributed, Egocentric Representations of Graphs for Detecting Critical Structures Ruo-Chun Tzeng

Distributed, Egocentric Representations of Graphs for Detecting Critical Structures Ruo-Chun Tzeng

Distributed, Egocentric Representations of Graphs for Detecting Critical Structures Ruo-Chun Tzeng 1 Shan-Hung Wu 2 1 Microsoft Inc, Taiwan 2 National Tsing Hua University, Taiwan 36th International Conference on Machine Learning Ruo-Chun Tzeng,

299 views • 10 slides
Information Theory & the Efficient Coding Hypothesis Jonathan Pillow Mathematical Tools for

Information Theory & the Efficient Coding Hypothesis Jonathan Pillow Mathematical Tools for

Information Theory & the Efficient Coding Hypothesis Jonathan Pillow Mathematical Tools for Neuroscience (NEU 314) Spring, 2016 lecture 19 Information Theory A mathematical theory of communication , Claude Shannon 1948 Entropy

375 views • 19 slides
Ego-Centric Relational-Events: 2 nd Data Set From WTC, OKC Events taken from police reports,

Ego-Centric Relational-Events: 2 nd Data Set From WTC, OKC Events taken from police reports,

Ego-Centric Relational-Events: 2 nd Data Set From WTC, OKC Events taken from police reports, firefighter oral history interviews 168 police in WTC (8722), 30 firefighters for WTC (3817), 30 police for OKC (1678) Movement,

147 views • 4 slides
Subgraph Frequencies: The Empirical and Extremal Geography of Large Graph Collections Johan

Subgraph Frequencies: The Empirical and Extremal Geography of Large Graph Collections Johan

Subgraph Frequencies: The Empirical and Extremal Geography of Large Graph Collections Johan Ugander, Lars Backstrom, Jon Kleinberg World Wide Web Conference May 16 , 2013 Graph collections Neighborhoods: graph induced by friends of a single

714 views • 42 slides
Gravitational waves Scientific symposium 20th anniversary of the Auger observatory J. Casanueva

Gravitational waves Scientific symposium 20th anniversary of the Auger observatory J. Casanueva

Gravitational waves Scientific symposium 20th anniversary of the Auger observatory J. Casanueva European Gravitational Observatory The physics 2 Einsteins Theory of Gravity 1915 Space-Time is a deformable medium. Mass and Energy deform

730 views • 37 slides
Behaviour Design The economics of nudging India HCI 2014 workshop . 7 th Dec 2014 Workshop

Behaviour Design The economics of nudging India HCI 2014 workshop . 7 th Dec 2014 Workshop

Behaviour Design The economics of nudging India HCI 2014 workshop . 7 th Dec 2014 Workshop overview Workshop overview What is behavioural economics? Economics How aggregate demand evolves Designing incentives How firms compete How market

490 views • 19 slides

More recommend