Quantification of de-anonymization risks in social networks

Wei Han Lee; Changchang Liu; Shouling Ji; Prateek Mittal; Ruby Lee

doi:10.5220/0006192501260135

Quantification of de-anonymization risks in social networks

Wei Han Lee, Changchang Liu, Shouling Ji, Prateek Mittal, Ruby Lee

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Scopus citations

Abstract

The risks of publishing privacy-sensitive data have received considerable attention recently. Several deanonymization attacks have been proposed to re-identify individuals even if data anonymization techniques were applied. However, there is no theoretical quantification for relating the data utility that is preserved by the anonymization techniques and the data vulnerability against de-anonymization attacks. In this paper, we theoretically analyze the de-anonymization attacks and provide conditions on the utility of the anonymized data (denoted by anonymized utility) to achieve successful de-anonymization. To the best of our knowledge, this is the first work on quantifying the relationships between anonymized utility and de-anonymization capability. Unlike previous work, our quantification analysis requires no assumptions about the graph model, thus providing a general theoretical guide for developing practical deanonymization/anonymization techniques. Furthermore, we evaluate state-of-the-art de-anonymization attacks on a real-world Facebook dataset to show the limitations of previous work. By comparing these experimental results and the theoretically achievable de-anonymization capability derived in our analysis, we further demonstrate the ineffectiveness of previous de-anonymization attacks and the potential of more powerful de-anonymization attacks in the future.

Original language	English (US)
Title of host publication	ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy
Editors	Paolo Mori, Steven Furnell, Olivier Camp
Publisher	SciTePress
Pages	126-135
Number of pages	10
ISBN (Electronic)	9789897582097
DOIs	https://doi.org/10.5220/0006192501260135
State	Published - 2017
Event	3rd International Conference on Information Systems Security and Privacy, ICISSP 2017 - Porto, Portugal Duration: Feb 19 2017 → Feb 21 2017

Publication series

Name	ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy
Volume	2017-January

Other

Other	3rd International Conference on Information Systems Security and Privacy, ICISSP 2017
Country/Territory	Portugal
City	Porto
Period	2/19/17 → 2/21/17

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Information Systems
Safety, Risk, Reliability and Quality
Computer Science Applications

Keywords

Anonymization Utility
De-anonymization Capability
Structure-based De-anonymization Attacks
Theoretical Bounds

Access to Document

10.5220/0006192501260135

Cite this

Lee, W. H., Liu, C., Ji, S., Mittal, P., & Lee, R. (2017). Quantification of de-anonymization risks in social networks. In P. Mori, S. Furnell, & O. Camp (Eds.), ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy (pp. 126-135). (ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy; Vol. 2017-January). SciTePress. https://doi.org/10.5220/0006192501260135

Lee, Wei Han ; Liu, Changchang ; Ji, Shouling et al. / Quantification of de-anonymization risks in social networks. ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy. editor / Paolo Mori ; Steven Furnell ; Olivier Camp. SciTePress, 2017. pp. 126-135 (ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy).

@inproceedings{9c5c736259f34d6ba79e04dee1f9e9ab,

title = "Quantification of de-anonymization risks in social networks",

abstract = "The risks of publishing privacy-sensitive data have received considerable attention recently. Several deanonymization attacks have been proposed to re-identify individuals even if data anonymization techniques were applied. However, there is no theoretical quantification for relating the data utility that is preserved by the anonymization techniques and the data vulnerability against de-anonymization attacks. In this paper, we theoretically analyze the de-anonymization attacks and provide conditions on the utility of the anonymized data (denoted by anonymized utility) to achieve successful de-anonymization. To the best of our knowledge, this is the first work on quantifying the relationships between anonymized utility and de-anonymization capability. Unlike previous work, our quantification analysis requires no assumptions about the graph model, thus providing a general theoretical guide for developing practical deanonymization/anonymization techniques. Furthermore, we evaluate state-of-the-art de-anonymization attacks on a real-world Facebook dataset to show the limitations of previous work. By comparing these experimental results and the theoretically achievable de-anonymization capability derived in our analysis, we further demonstrate the ineffectiveness of previous de-anonymization attacks and the potential of more powerful de-anonymization attacks in the future.",

keywords = "Anonymization Utility, De-anonymization Capability, Structure-based De-anonymization Attacks, Theoretical Bounds",

author = "Lee, {Wei Han} and Changchang Liu and Shouling Ji and Prateek Mittal and Ruby Lee",

note = "Publisher Copyright: Copyright {\textcopyright} 2017 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved.; 3rd International Conference on Information Systems Security and Privacy, ICISSP 2017 ; Conference date: 19-02-2017 Through 21-02-2017",

year = "2017",

doi = "10.5220/0006192501260135",

language = "English (US)",

series = "ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy",

publisher = "SciTePress",

pages = "126--135",

editor = "Paolo Mori and Steven Furnell and Olivier Camp",

booktitle = "ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy",

}

Lee, WH, Liu, C, Ji, S, Mittal, P & Lee, R 2017, Quantification of de-anonymization risks in social networks. in P Mori, S Furnell & O Camp (eds), ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy. ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy, vol. 2017-January, SciTePress, pp. 126-135, 3rd International Conference on Information Systems Security and Privacy, ICISSP 2017, Porto, Portugal, 2/19/17. https://doi.org/10.5220/0006192501260135

Quantification of de-anonymization risks in social networks. / Lee, Wei Han; Liu, Changchang; Ji, Shouling et al.
ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy. ed. / Paolo Mori; Steven Furnell; Olivier Camp. SciTePress, 2017. p. 126-135 (ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy; Vol. 2017-January).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Quantification of de-anonymization risks in social networks

AU - Lee, Wei Han

AU - Liu, Changchang

AU - Ji, Shouling

AU - Mittal, Prateek

AU - Lee, Ruby

PY - 2017

Y1 - 2017

N2 - The risks of publishing privacy-sensitive data have received considerable attention recently. Several deanonymization attacks have been proposed to re-identify individuals even if data anonymization techniques were applied. However, there is no theoretical quantification for relating the data utility that is preserved by the anonymization techniques and the data vulnerability against de-anonymization attacks. In this paper, we theoretically analyze the de-anonymization attacks and provide conditions on the utility of the anonymized data (denoted by anonymized utility) to achieve successful de-anonymization. To the best of our knowledge, this is the first work on quantifying the relationships between anonymized utility and de-anonymization capability. Unlike previous work, our quantification analysis requires no assumptions about the graph model, thus providing a general theoretical guide for developing practical deanonymization/anonymization techniques. Furthermore, we evaluate state-of-the-art de-anonymization attacks on a real-world Facebook dataset to show the limitations of previous work. By comparing these experimental results and the theoretically achievable de-anonymization capability derived in our analysis, we further demonstrate the ineffectiveness of previous de-anonymization attacks and the potential of more powerful de-anonymization attacks in the future.

AB - The risks of publishing privacy-sensitive data have received considerable attention recently. Several deanonymization attacks have been proposed to re-identify individuals even if data anonymization techniques were applied. However, there is no theoretical quantification for relating the data utility that is preserved by the anonymization techniques and the data vulnerability against de-anonymization attacks. In this paper, we theoretically analyze the de-anonymization attacks and provide conditions on the utility of the anonymized data (denoted by anonymized utility) to achieve successful de-anonymization. To the best of our knowledge, this is the first work on quantifying the relationships between anonymized utility and de-anonymization capability. Unlike previous work, our quantification analysis requires no assumptions about the graph model, thus providing a general theoretical guide for developing practical deanonymization/anonymization techniques. Furthermore, we evaluate state-of-the-art de-anonymization attacks on a real-world Facebook dataset to show the limitations of previous work. By comparing these experimental results and the theoretically achievable de-anonymization capability derived in our analysis, we further demonstrate the ineffectiveness of previous de-anonymization attacks and the potential of more powerful de-anonymization attacks in the future.

KW - Anonymization Utility

KW - De-anonymization Capability

KW - Structure-based De-anonymization Attacks

KW - Theoretical Bounds

UR - http://www.scopus.com/inward/record.url?scp=85049079253&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85049079253&partnerID=8YFLogxK

U2 - 10.5220/0006192501260135

DO - 10.5220/0006192501260135

M3 - Conference contribution

AN - SCOPUS:85049079253

T3 - ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy

SP - 126

EP - 135

BT - ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy

A2 - Mori, Paolo

A2 - Furnell, Steven

A2 - Camp, Olivier

PB - SciTePress

T2 - 3rd International Conference on Information Systems Security and Privacy, ICISSP 2017

Y2 - 19 February 2017 through 21 February 2017

ER -

Lee WH, Liu C, Ji S, Mittal P, Lee R. Quantification of de-anonymization risks in social networks. In Mori P, Furnell S, Camp O, editors, ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy. SciTePress. 2017. p. 126-135. (ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy). doi: 10.5220/0006192501260135

Quantification of de-anonymization risks in social networks

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Keywords

Access to Document

Other files and links

Fingerprint

Cite this