Active Re-identification Attacks on Periodically Released Dynamic Social Graphs
English
Chen, Xihui[University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Kepuska, Ema[University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Mauw, Sjouke[University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Ramirez Cruz, Yunior[University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
13-Sep-2020
Computer Security - ESORICS 2020
Chen, Liqun
Li, Ninghui
Liang, Kaitai
Schneider, Steve
185-205
Yes
No
International
25th European Symposium on Research in Computer Security (ESORICS 2020)
from 14-09-2020 to 18-09-2020
[en] dynamic social graphs ; privacy-preserving publication ; re-identification attacks ; active adversaries
[en] Active re-identification attacks pose a serious threat to privacy-preserving social graph publication. Active attackers create fake accounts to enforce structural patterns that can be used to re-identify legitimate users on published anonymised graphs, even without additional background knowledge. So far, this type of attacks has only been studied in the scenario where the inherently dynamic social graph is published once. In this paper, we present the first active re-identification attack in the more realistic scenario where a dynamic social graph is periodically published. Our new attack leverages tempo-structural patterns, created by a dynamic set of sybil nodes, for strengthening the adversary. We evaluate our new attack through a comprehensive set of experiments on real-life and synthetic dynamic social graphs. We show that our new attack substantially outperforms the most effective static active attack in the literature by increasing success probability by at least two times and efficiency by at least 11 times. Moreover, we show that, unlike the static attack, our new attack remains at the same level of efficiency as the publication process advances. Additionally, we conduct a study on the factors that may thwart our new attack, which can help design dynamic graph anonymisation methods displaying a better balance between privacy and utility.
FnR ; FNR11685812 > Yunior Ramirez-Cruz > PrivDA > Privacy-preserving Publication of Dynamic Social Network Data in the Presence of Active Adversaries > 01/06/2018 > 31/05/2021 > 2017