Yan Leng,Yijun Chen,Xiaowen Dong,Junfeng Wu,Guodong Shi

DOI: https://doi.org/10.2139/ssrn.3875878

2021-01-01

SSRN Electronic Journal

Abstract:There exists a growing concern about the privacy threats inherently encoded in the increasingly available behavioral data. In this paper, we focus on online service providers over which users reveal preferences (e.g., ratings or reviews) as publicly available behavioral data. We model users' strategic interactions in making these decisions as quadratic games on networks, where a user's payoff depends not only on their actions but also on their neighbors in a social interaction network. Based on the assumption that the observed preferences correspond to the Nash equilibrium of the game, we investigate whether eavesdroppers or competitors having access to such behavioral data could potentially infer or even thoroughly learn the hidden social interaction network from the observed user actions, leading to privacy risks at a system level for the platform. We introduce three notions of privacy risks on networks: fundamental privacy, conditional privacy, and practical privacy. We establish necessary and sufficient conditions for fundamental and conditional privacy of the social interaction structure, suggesting that at the system level, such interaction structure is not facing a critical risk of being fully exposed regardless of the amount of data available. To study practical privacy, we further propose and analyze a novel learning framework by solving a joint optimization problem for the network structure and the individual marginal benefits in the game. Extensive experiments on synthetic and real-world data demonstrate the effectiveness of the proposed framework, hence illustrating that behavioral data indeed present substantial privacy risks in practice. Broadly, this study enriches the network privacy literature and provides implications for online platforms by revealing the unexpected consequence of leaking network connections due to public consumer revealed preferences.

Linlin Yang,Wei Wang,Yanjiao Chen,Qian Zhang

DOI: https://doi.org/10.1016/j.comnet.2014.12.017

IF: 5.493

2015-01-01

Computer Networks

Abstract:With the prosperity of the Internet, many advertisers choose to deliver their advertisements by online targeting, where the ad broker is responsible for matching advertisements with users who are likely to be interested in the underlying products or services. However, this online advertisement targeting system requires user profile information and may fail due to privacy issues. In light of growing privacy concerns, we propose a privacy-aware framework for online advertisement targeting, where users are compensated for their privacy leakage and motivated to click more advertisements. In the framework, an ad broker pays a varying amount of money to users for clicking different advertisements due to distinct privacy leakage. Meanwhile advertisers send advertisements to the ad broker and determine the price per user click they need to pay. We model the interactions among advertisers, the ad broker and users as a three-stage game, where every player aims at maximizing its own utility, and Nash Equilibrium is achieved by backward induction. We further analyze the optimal strategies for advertisers, the ad broker and users. Numerical results have shown that the proposed privacy-aware framework is effective as it enables all advertisers, the ad broker and users to maximize their utilities in case of different levels of user privacy sensitivities. In addition, the proposed framework produces higher profits for advertisers and the ad broker than the traditional “paid to click” system.

Jun Du,Chunxiao Jiang,Kwang-Cheng Chen,Yong Ren,H. Vincent Poor

DOI: https://doi.org/10.1109/tifs.2017.2758756

IF: 7.231

2018-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Social networks have attracted billions of users and supported a wide range of interests and practices. Users of social networks can be connected with each other by different communities according to professions, living locations, and personal interests. With the development of diverse social network applications, academic researchers, and practicing engineers pay increasing attention to the related technology. As each user on the social network platforms typically stores and shares a large amount of personal data, the privacy of such user-related information raises serious concerns. Most research on privacy protection relies on specific information security techniques such as anonymization or access control. However, the protection of privacy depends heavily on the incentive mechanisms of social networks, like users' psychological decisions on security execution and socio-economic considerations. For example, the desire to influence the behaviors of other people may change a user's choice of security setting. In this paper, a game theoretic framework is established to model users' interactions that influence users' decisions as to whether to undertake privacy protection or not. To model the relationship of user communities, community-structured evolutionary dynamics are introduced, in which interactions of users can only happen among those users who have at least one community in common. Then the dynamics of the users' strategies to take a specific privacy protection or not is analyzed based on the proposed community structured evolutionary game theoretic framework. Experiments show that the proposed framework is effective in modeling the users' relationships and privacy protection behaviors. Moreover, results can also help social network managers to design appropriate security service and payment mechanisms to encourage their users to take the privacy protection, which can promote the spreading of privacy behavior throughout the network.

Jun Du,Chunxiao Jiang,Shui Yu,Kwang-Cheng Chen,Yong Ren

DOI: https://doi.org/10.1109/globalsip.2016.7905993

2016-01-01

Abstract:Users of social networks can be connected with each other by different communities according to professions, living locations and personal interests. As each user on the social network platforms stores and shows a large amount of personal data, the privacy protection raises as a major concern. This paper establishes a game theoretic framework to model users' interactions to influence users' strategies to take the privacy protection or not. To model the relationship of user communities, we introduce the community-structured evolutionary dynamics. Users' interactions can only happen among those who have at least one common community. Then we analyze the dynamics of users' privacy protection behavior based on the proposed community structured evolutionary game theoretic framework. Results show that social network managers need to provide appropriate security service b and payment mechanism c to ensure that cost performance b/c is larger than the critical cost performance, which can promote the spread of the privacy security behavior over the network. Moreover, results can help to design appropriate structure of the social network and control the convergence speed that all users take the privacy protection.

Fang Liu,Li Pan,Lihong Yao

DOI: https://doi.org/10.1109/dsc.2018.00046

2018-01-01

Abstract:With the increasing development of online social networks, privacy protection attracts more and more concerns. Most research on privacy protection focus on specific techniques, and they assume users adopt security protection mechanisms for granted. The impact of user behaviors on the deployment of these mechanisms is usually neglected. In fact, the actual effect of privacy protection mechanisms depends heavily on user behaviors. Whether a user adopts the security mechanism is affected by incentives, interactions with friends and other factors. It is necessary to encourage users to take privacy protection settings in order to improve the security environment in social networks. Therefore, in this paper, a network evolutionary game model is proposed for studying the influence of user behaviors on the deployment of privacy protection mechanisms, where whether to take privacy settings is used as game strategies. Considering real interactions in social networks, games only happen between connected users in the model. Then the dynamic equation of user behaviors over time is derived. Based on the dynamic equation, evolutionary stability conditions are proven according to the benefit cost ratio of taking the protection. Experiments in real social networks verify the feasibility of the proposed model. The analysis results are helpful for guiding security services to promote the deployment of privacy protection mechanisms in social networks.

Li Kuang,Yujia Zhu,Shuqi Li,Xuejin Yan,Han Yan,Shuiguang Deng

DOI: https://doi.org/10.1155/2018/3486529

IF: 1.968

2018-01-01

Security and Communication Networks

Abstract:With the rapid development of sensor acquisition technology, more and more data are collected, analyzed, and encapsulated into application services. However, most of applications are developed by untrusted third parties. Therefore, it has become an urgent problem to protect users’ privacy in data publication. Since the attacker may identify the user based on the combination of user’s quasi-identifiers and the fewer quasi-identifier fields result in a lower probability of privacy leaks, therefore, in this paper, we aim to investigate an optimal number of quasi-identifier fields under the constraint of trade-offs between service quality and privacy protection. We first propose modelling the service development process as a cooperative game between the data owner and consumers and employing the Stackelberg game model to determine the number of quasi-identifiers that are published to the data development organization. We then propose a way to identify when the new data should be learned, as well, a way to update the parameters involved in the model, so that the new strategy on quasi-identifier fields can be delivered. The experiment first analyses the validity of our proposed model and then compares it with the traditional privacy protection approach, and the experiment shows that the data loss of our model is less than that of the traditional k-anonymity especially when strong privacy protection is applied.

Ulugbek Mengibaev,Xiaodan Jia,Yeqing Ma

DOI: https://doi.org/10.1016/j.amc.2020.125231

IF: 4.397

2020-01-01

Applied Mathematics and Computation

Abstract:With the rapid development of social networks, privacy protection has become a hot issue in the field of information security. Here we introduce the framework of evolutionary game theory to explore the issue of privacy protection in social networks. Since reciprocity is widely present in social activities, we introduce the heterogeneous interaction mode, in which players can adopt different strategies for different opponents. In addition, the parameter u is introduced to measure the player's dependence on the opponent who interacts directly with the central individual during the update strategy phase. Here, we explore the impact of heterogeneous interaction dependency strength on privacy protection. A series of computer simulation results suggest that heterogeneous decision behavior can promote privacy protection, and there exists an optimal dependence strength interval for the group to achieve a higher level of privacy protection. Certainly, larger reciprocity strength and smaller cost can significantly increase the privacy protection behavior. Our research work is of great significance in solving the long-term safe and effective development of social networks.

Yuzi Yi,Jingsha He,Nafei Zhu,Xiangjun Ma

DOI: https://doi.org/10.1002/spy2.194

2021-01-01

Security and Privacy

Abstract:Privacy inference attacks in online social networks aim at inferring hidden attributes of target users based on released attributes of the users as well as information about social relationships in the networks. Although many privacy inference methods have been proposed in recent years, most of the methods have mostly focused on pursuing high accuracy of the inference results without paying too much attention on identifying users who make the most contributions to the inference, making it less useful in the development of effective countermeasures. In this paper, by taking full consideration of the roles of users in privacy inference, we propose a privacy inference method based on graph attention networks that can provide information about not only the private attributes of the target users, but also the importance of the users in the process of inferring the results. We also design a novel mechanism for the selection of influential users to make our proposed method adaptive to the characteristics of user influence diffusion, resulting in involving fewer number of users in privacy inference and hence improving the efficiency. We also performed some experiment to evaluate the proposed method using a real online social network dataset to show the effectiveness of the proposed method. Comparison with other comparable methods also shows that the results of our proposed method are more accurate.

Yuzi Yi,Nafei Zhu,Jingsha He,Anca Delia Jurcut,Xiangjun Ma,Yehong Luo

DOI: https://doi.org/10.1002/ett.4876

IF: 3.6

2024-01-01

Transactions on Emerging Telecommunications Technologies

Abstract:Privacy inference imposes a serious threat to user privacy in Online Social Networks (OSNs) as the vast amount of personal data and relationships in OSNs can be used not only to infer user privacy but also to enrich the training set of inference methods. Previous studies have mostly focused on privacy inference from the perspective of the adversary with the objective of tracking the accuracy of the inference results. However, countering privacy inference requires not only the analysis of the inference method but also the roles that data would play in the inference process, i.e., to determine the sensitivity of the data. To address this issue, in this paper, we propose a model for the identification of privacy-sensitive data in which we formulate the identification as an influence maximization problem to identify both the privacy-sensitive users and the privacy-sensitive attributes for privacy inference. In our model, a privacy-affected tree is first constructed based on the influence between users with respect to the concerned privacy. Then, privacy-sensitive users in the privacy-affected tree are identified along with their privacy-sensitive attributes based on their contribution to the inference result of the concerned privacy. Experiments show that the results of our proposed model can significantly affect the accuracy of privacy inference, which demonstrates that our model can identify the privacy-sensitive data. Meanwhile, the impact of privacy-sensitive users and privacy-sensitive attributes is analyzed to guide the design of effective privacy-enhancing technologies.

Jingsha He,Yue Li,Nafei Zhu

DOI: https://doi.org/10.3390/fi15030092

2023-02-28

Future Internet

Abstract:Online social networks (OSNs) have experienced rapid growth in recent years, and an increasing number of people now use OSNs, such as Facebook and Twitter, to share and spread information on a daily basis. As a special type of information, user personal information is also widely disseminated in such networks, posing threats to user privacy. The study on privacy information dissemination is thus useful for the development of mechanisms and tools for the effective protection of privacy information in OSNs. In this paper, we propose to apply the game theory to establish a sender–receiver game model and the Nash equilibrium to describe the behavioral strategies of users in disseminating privacy information. Factors that affect the dissemination of privacy information are also analyzed with two important aspects: intimacy and popularity of the privacy-concerning subject. Simulation experiments were conducted based on real data sets from scale-free networks and real social networks to compare and analyze the effectiveness of the model. Results show that the proposed game theory is applicable to the privacy information dissemination model, which implements intimacy and popularity in the modeling of the dissemination of privacy information in OSNs. Both the impact of the macro-level OSNs and the micro-relationships between users are evaluated on the dissemination of privacy information, which provides a new perspective for exploring the dissemination of privacy information and facilitates the development of effective mechanisms for privacy protection in OSNs.

Yizhou Shen,Shigen Shen,Qi Li,Haiping Zhou,Zongda Wu,Youyang Qu

DOI: https://doi.org/10.1016/j.dcan.2022.05.004

IF: 6.348

2022-05-01

Digital Communications and Networks

Abstract:The fast proliferation of edge devices for the Internet of Things (IoT) has led to massive volumes of data explosion. The generated data is collected and shared using edge-based IoT structures at a considerably high frequency. Thus, the data-sharing privacy exposure issue is increasingly intimidating when IoT devices make malicious requests for filching sensitive information from a cloud storage system through edge nodes. To address the identified issue, we present evolutionary privacy preservation learning strategies for an edge computing-based IoT data sharing scheme. In particular, we introduce evolutionary game theory and construct a payoff matrix to symbolize intercommunication between IoT devices and edge nodes, where IoT devices and edge nodes are two parties of the game. IoT devices may make malicious requests to achieve their goals of stealing privacy. Accordingly, edge nodes should deny malicious IoT device requests to prevent IoT data from being disclosed. They dynamically adjust their own strategies according to the opponent's strategy and finally maximize the payoffs. Built upon a developed application framework to illustrate the concrete data sharing architecture, a novel algorithm is proposed that can derive the optimal evolutionary learning strategy. Furthermore, we numerically simulate evolutionarily stable strategies, and the final results experimentally verify the correctness of the IoT data sharing privacy preservation scheme. Therefore, the proposed model can effectively defeat malicious invasion and protect sensitive information from leaking when IoT data is shared.

telecommunications

Cong Tang,Yonggang Wang,Hu Xiong,Tao Yang,Jianbin Hu,Qingni Shen,Zhong Chen

DOI: https://doi.org/10.1109/AINA.2011.57

2011-01-01

Abstract:Private attributes of Online Social Network (OSN) users can be inferred from other information (which is usually from users' friends and group information). To address this, social networking sites allow users to hide their friend lists and group lists, so that general public cannot see them. However, if a user doesn't make his friend list public, but his friends have public friend list where we can find him, we can do reverse lookup to extend the friend lists of the user. Furthermore, many social networks allow non-group members to list the members of public groups (e.g., Face book). These are strong violations of OSN users' privacy, and can be considered as privacy risks caused by the asymmetric configuration of settings in OSNs. In this paper we present the privacy risks due to the lack of symmetric configurations, which exist in most of the OSNs. To make our idea more clear, we propose a inference attack and show that it can be used to infer users' private information, even users already made their friend list private. We theoretically analyze the risk of proposed privacy issues, and evaluate the risk using experiments based on real-world OSN data. We show that it is not sufficient to only disable friend list and group list to guarantee privacy, and propose methods to mitigate these privacy issues.

Xing Zhang,Yongtao Cai,Fangyu Liu,Fuli Zhou

DOI: https://doi.org/10.1108/k-03-2024-0544

IF: 2.352

2024-06-13

Kybernetes

Abstract:Purpose This paper aims to propose a solution for dissolving the "privacy paradox" in social networks, and explore the feasibility of adopting a synergistic mechanism of "deep-learning algorithms" and "differential privacy algorithms" to dissolve this issue. Design/methodology/approach To validate our viewpoint, this study constructs a game model with two algorithms as the core strategies. Findings The "deep-learning algorithms" offer a "profit guarantee" to both network users and operators. On the other hand, the "differential privacy algorithms" provide a "security guarantee" to both network users and operators. By combining these two approaches, the synergistic mechanism achieves a balance between "privacy security" and "data value". Practical implications The findings of this paper suggest that algorithm practitioners should accelerate the innovation of algorithmic mechanisms, network operators should take responsibility for users' privacy protection, and users should develop a correct understanding of privacy. This will provide a feasible approach to achieve the balance between "privacy security" and "data value". Originality/value These findings offer some insights into users' privacy protection and personal data sharing.

computer science, cybernetics

Kaiyang Li,Ling Tian,Wei Li,Guangchun Luo,Zhipeng Cai

DOI: https://doi.org/10.1016/j.comnet.2018.11.036

IF: 5.493

2018-01-01

Computer Networks

Abstract:By exploiting rich personal information, Internet of Things can provide users with various customized experience and services, improving entertainment, convenience and quality for users’ life. However, unavoidably, these users suffer from serious risk of privacy leakage in the presence of untrusted service provider and malicious adversary. Game theory is treated as one of the most promising methodologies to investigate participants’ incentive, response, and behaviors and has been widely applied to design privacy preserving schemes. Nevertheless, the complex interactions among users, service provider, and adversary are not fully investigated in the existing work. What’s more, users’ social connection and interaction are ignored. In this paper, such complex interactions are modeled as a three-party game for the problem of private data trading in IoT with considering user’s social interaction in online social network. Particularly, data trading between service provider and adversary is formulated to be a Nash bargaining game, for which Nash bargaining solutions are analyzed via both theoretical analysis and numerical experiments. Our analysis can clearly illustrate data trading strategies between service provider and adversary and offer guidance for designing privacy protection scheme in IoT.

Yuzi Yi,Nafei Zhu,Jingsha He,Anca Delia Jurcut,Xiangjun Ma,Yehong Luo

DOI: https://doi.org/10.1016/j.comcom.2023.01.010

IF: 5.047

2023-01-01

Computer Communications

Abstract:Privacy leakage resulting from information sharing in online social networks (OSNs) is a serious concern for individuals. One of the culprits behind the problem is that existing privacy policies developed for OSNs are not fine-grained or flexible enough, resulting in privacy settings that could hardly meet the privacy requirements of individuals. Neither would such privacy settings allow individuals to control where the information could go. In addition, there are hardly any effective mechanisms for measuring potential threats to privacy during information propagation. To alleviate the situation, in this paper, we propose a novel privacy-preserving information sharing scheme for OSNs in which information flow can be controlled according to the privacy requirements of the information owner and the context of the information flow. Specifically, we first formally define the privacy-dependent condition (PDC) for information sharing in OSNs and then design a PDC-based privacy-preserving information sharing scheme (PDC-InfoSharing) to protect the privacy of individuals according to the heterogeneous privacy requirements of individuals as well as the potential threats that they may face. Furthermore, to balance information sharing and privacy protection, the techniques of reinforcement learning is utilized to help individuals reach a trade-off. PDC-InfoSharing would allow the privacy policies for specific information audience to be derived based on PDC to achieve dynamical control of the flow of information. Theoretical analysis proves that the proposed scheme can assist individuals in adopting fine-grained privacy policies and experiment shows that it can adapt to different situations to help individuals achieve the trade-off between information sharing and privacy protection.

Yuzi Yi,Nafei Zhu,Jingsha He,Anca Delia Jurcut,Bin Zhao

DOI: https://doi.org/10.1016/j.comnet.2022.109429

IF: 5.493

2022-01-01

Computer Networks

Abstract:The growing popularity of online social networks (OSNs) in recent years has generated a lot of concern on personal privacy. One approach of protecting privacy in OSNs is to intervene in the flow of privacy information, making the study of the dynamics of privacy information propagation necessary for the design of effective privacy protection mechanisms. Although previous work on information propagation has produced some models, these models are not adequate for privacy information since they do not reflect the main characteristics of privacy information. In this paper, we propose a model for privacy information propagation. We first analyze the structural characteristics of privacy information and then design the model by incorporating these characteris-tics. A unique feature of the model is that it infers the privacy attitudes of the information recipients to the privacy concerning subject implicated in the privacy information to determine the forwarding decisions of the recipients. Thus, by mapping the heterogeneous tendency of information forwarding by the recipients to a limited number of privacy attitudes, the model can predict the decisions on forwarding privacy information and thus describe the macroscopic process of privacy information propagation. Results of the experiment based on real OSN datasets show that the proposed model can be used to learn both the scope and the trend of privacy information propagation in OSNs, demonstrating the importance of the privacy attitudes of recipients on privacy information propagation. The properties of the model are also studied through experiment to examine the impact of various factors on privacy information propagation in OSNs.

Dongning Jia,Bo Yin,Xianqing Huang

DOI: https://doi.org/10.1155/2021/1181129

2021-01-01

Wireless Communications and Mobile Computing

Abstract:As people's awareness of the issue of privacy leakage continues to increase, and the demand for privacy protection continues to increase, there is an urgent need for some effective methods or means to achieve the purpose of protecting privacy. So far, there have been many achievements in the research of location-based privacy services, and it can effectively protect the location privacy of users. However, there are few research results that require privacy protection, and the privacy protection system needs to be improved. Aiming at the shortcomings of traditional differential privacy protection, this paper designs a differential privacy protection mechanism based on interactive social networks. Under this mechanism, we have proved that it meets the protection conditions of differential privacy and prevents the leakage of private information with the greatest possibility. In this paper, we establish a network evolution game model, in which users only play games with connected users. Then, based on the game model, a dynamic equation is derived to express the trend of the proportion of users adopting privacy protection settings in the network over time, and the impact of the benefit-cost ratio on the evolutionarily stable state is analyzed. A real data set is used to verify the feasibility of the model. Experimental results show that the model can effectively describe the dynamic evolution of social network users' privacy protection behaviors. This model can help social platforms design effective security services and incentive mechanisms, encourage users to adopt privacy protection settings, and promote the deployment of privacy protection mechanisms in the network.

Mengxiao Zhang,Fernando Beltran,Jiamou Liu

DOI: https://doi.org/10.1145/3384943.3409425

2020-10-06

Abstract:Online social networks have become very important sources of personal data that contain preferences, tastes, interests and friendships of their users. The potential that these data may be exploited poses a rising concern over how privacy is protected by these social network platforms. As a consequence, users are starting to demand privacy protection and privacy compensation when their data are used. This situation begs the question: How to properly compensate social network users for the disclosure of their data hosted in the network while preserving their privacy? In this paper, we consider data trade between a large amount of privacy-aware social network users, and a data broker with a budget who wants to find out aggregate friendship information of this social network. We propose an incentive mechanism for pricing social network data and privacy preservation. We prove that the proposed mechanism satisfies many desirable properties, including incentive compatibility, individual rationality, budget balance, and node differential privacy. Further, the accuracy of the proposed mechanism is theoretically analysed and its effectiveness is validated by experiments on real-world datasets.

Yu Wu,Li Pan

DOI: https://doi.org/10.1016/j.cose.2020.102157

IF: 5.105

2020-01-01

Computers & Security

Abstract:Online social networks are indispensable platforms where people share personal data from their daily lives. However, social sharing raises many privacy issues. One of the most difficult, the “privacy paradox,” is that social-network users want to meet their social needs by enhancing interactions with their friends and are at the same time concerned about the risk of privacy leakage. This work aims to help social-network users weigh the benefits of social sharing and the costs of privacy leakage. A proposed criterion for privacy-risk measurement can quantify the probability of privacy leakage according to multi-person competitive behaviors. By analyzing the continuous competition between a user and some unwanted knowers, a general-sum stochastic game model related to the privacy paradox is constructed. The Markov decision process (MDP) and a role-mining method are introduced to facilitate the game analysis. The existence of a Nash equilibrium strategy is proved theoretically, and effective personal access-control policies are derived from this strategy as solved by a reinforcement learning algorithm. Experiments evaluate the constructed privacy stochastic game model and the new criterion for privacy-risk measurement. This work helps users develop effective personal policies in all cases to optimize their payoffs in the privacy paradox.

Yuzi Yi,Jingsha He,Nafei Zhu,Xiangjun Ma,Yehong Luo

DOI: https://doi.org/10.1109/cecit58139.2022.00057

2022-01-01

Abstract:Various privacy-preserving mechanisms have been proposed to protect the privacy of individuals in online social networks, which have corresponding advantages in situations where they are primarily concerned. However, most of them applied static policies to all information audiences, resulting in the inability to satisfy the fine-grained requirements of information owners because audiences in the information propagation path are heterogeneous. To this end, we propose a novel privacy-preserving mechanism, in which the impact of each audience on the privacy situation of the information owner is evaluated. Particularly, to meet the subjective requirements of the information owner, the prospect theory is utilized to match the impact of the audience with the requirements of the owner, only the audience who satisfies the matching conditions can be authorized to receive the information. Furthermore, the Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is leveraged to implement the proposed mechanism, and the use of CP-ABE can also prevent service providers from obtaining the information of individuals. Therefore, through our mechanism, the information owner could reduce the risk from individuals and service providers, while meeting its personalized requirements. The theoretical analysis and simulation experiment demonstrates that our mechanism has obvious advantages in controlling privacy risk and is compatible with various scenarios.