[PhD Thesis 2020 / Pesto] Enforcing Social Network Privacy by Adversarial Machine Learning

Keywords: Social networks, Privacy, Inference attacks, Machine Learning.

– Context:
Personal information if revealed may have serious consequences on social network users. This information can be exploited to carry out personalized spam attacks, identity the attacks, cloning attacks, Sybil attacks, etc. They might cause serious damage to companies such as degradation of reputation, copyright infringement, loss of intellectual property, etc. Social networks provide several solutions in order to safeguard the privacy of users. However, their main deficiencies are usually due to complicated, non-uniform, periodically updated and unintelligible privacy policies, long and ambiguous user charters, and non-ergonomic privacy management interfaces. Although most social networks offer similar services (creating profiles, pages and groups, establishing links and interactions), their visibility management and the definition of links (symmetrical, non-symmetrical) are different. These design differences may be confusing for users of multiple social networks that are careless with checking each network settings. Moreover, the default parameters promote public dissemination but increase the risk of sensitive information leakage. Most importantly, social networks do not provide protection against inference of implicit information. Derived by correlating different public attributes and/or different public profiles, as in collaborative recommendation, this information is actually the main profit source of social networks’ business model as they can be exploited for targeted advertising. Therefore, knowledge accumulated from social networks about users goes beyond what is published and can be a threat to their privacy.

– Project description:
The objective is to design a tool for users to audit their own profiles with respect to privacy. The tool will simulate inference attacks on sensitive attributes. The approach will rely on vector space representations of socnet data and machine learning techniques. A fast and selective sampling algorithm must be used in order to guide the collector toward most relevant data and speed up the process so that audits can be performed in real-time. The attribute inference attacks obtained by
simulation should provide explanatory elements too, so that some adequate countermeasures are ultimately derived and implemented for users.

– Bibliography:

1. Younes Abid, Abdessamad Imine, Amedeo Napoli, Chedy Raïssi, Michaël Rusinowitch: Online Link Disclosure Strategies for Social Networks. CRiSIS 2016: 153-168.

2. Younes Abid, Abdessamad Imine, Amedeo Napoli, Chedy Raïssi, Michaël Rusinowitch: Two-Phase Preference Disclosure in Attributed Social Networks. DEXA (1) 2017: 249-263.

3. Younes Abid, Abdessamad Imine, Michaël Rusinowitch: Sensitive Attribute Prediction for Social Networks Users. EDBT/ICDT Workshops 2018: 28-35.

4. Bizhan Alipour, Abdessamad Imine, Michaël Rusinowitch: Gender Inference for Facebook Picture Owners. TrustBus 2019: 145-160.

 

– Profile and skills required:

Master qualification in computer science.
Good knowledge in a directly relevant area (graph algorithmic, probability and statistics, security, privacy or data-mining).
Programming (python, java, …).

 

– Contacts:

Abdessamad Imine (abdessamad.imine@loria.fr)

Michaël Rusinowitch (michael.rusinowitch@inria.fr)

Logo d'Inria