• No results found

Securing Social Networks Using Data Mining Techniques and Principles

N/A
N/A
Info
Download
Protected

Academic year: 2022

Share "Securing Social Networks Using Data Mining Techniques and Principles"

Copied!
9
0
0

Loading.... (view fulltext now)

Download now ( 9 Page )

Full text

(1)

Shikha Bansal, IJRIT 273 IJRIT International Journal of Research in Information Technology, Volume 1, Issue 6, June 2013, Pg. 273-281

International Journal of Research in Information Technology (IJRIT)

www.ijrit.com ISSN 2001-5569

Securing Social Networks Using Data Mining Techniques and Principles

1 Shikha Bansal, 2 Dr. Ravindra kumar Purwar ,

1 Guru Tegh Bahadur Institute of Technology, Delhi

2 University School of Information Technology, GGSIPU

1 [email protected], 2 [email protected]

Abstract

Social network analysis can be easily presented as graphs where the graph represents the complex sets of relationships between members of social systems. It has emerged as a key technique in modern sociology. The rapid increase in the interest in social networks has motivated the need for more specialized venues with wider spectrum capable of meeting the needs and expectations of a variety of researchers and readers. Though social network data is very useful to researchers and policy makers, releasing such data to the public may cause invasion of privacy Anonymization of these social graphs is important to facilitate is also gaining importance by this, we propose a structure aware anonymization approach that maximally preserves the structure of the original network as well its structural properties while anonymizing it. In this paper we focus on understanding the impact of network topology and framework for anonymizing social network for better security aspects.

1. Introduction

1.1 Social network analysis (SNA) refers to methods used to analyze social networks, social structures made up of individuals (or organizations) called "nodes", which are tied (connected) by one or more specific types of interdependency, such as friendship, kinship, common interest, financial exchange, dislike, sexual relationships, or relationships of beliefs, knowledge or prestige. In addition to graph structure social network data also contains descriptive and possible sensitive information about the entities, such as age, gender, address, professional and business affiliation, hobbies, and social clubs and activities. Sharing and mining social network data should not intrude the personal privacy of individuals. Recently more and more social network data has been released to the public for the purpose of data analysis. Though the analysis of social network data is valuable to researchers and policy makers , there may be risk of privacy invasion. Thus, data anonymization techniques are considered essential for safe and secure publishing and mining of social network data. The data anonymization techniques proposed in the literature can be classified as:

(2)

1.1.1 Nature of data:

Techniques have been proposed for tabular data ,which represents information about entities(e.g.

people),their quasi –identifiers(e.g. age, gender, zip code),and their sensitive information(e.g. salary ,disease).

1.1.2. Anonymization approaches:

Anonymization techniques use a variety of approaches including

a) Suppression ,where information (e.g. gender ) is removed from the data ;b)Generalization, where information (e.g. age) is coarsened into sets(into age ranges) c) perturbation, where noise is added to the data(e.g. salary).

1.1.3. Anonymization Objectives:

Privacy goals are achieved by applying particular approaches a)k-anonymity ,where each individual in the database must be distinguishable from k-1 others b)l-diversity, which seeks to ensure sufficient diversity in the sensitive information.

2. Privacy Preserving Data Mining Techniques

With an increased use of computers there has been a rise in security issues. While transmitting information electronically the major issue that arises is of its security. The goal of information security is to prevent data from intrusions, frauds and malwares like viruses, worms and more and from any criminal activities. Due to the large amounts of data in databases which requires security due to its sensitive nature, there is various privacy preserving data mining techniques that have been proposed in literature.

2.1Heuristic-Based Techniques: These techniques are mainly used for centralized data where the raw and aggregated data is hidden using techniques like perturbation, aggregation, blocking, swapping, sampling and generalization.

2.2 Reconstruction Based Techniques: These techniques are also used for centralized data and they aim at hiding the raw sensitive data by applying techniques that are based on probability distributions.

2.3. Cryptography Based Techniques: These techniques are used for distributed scenario and are aimed at using encryption techniques. Cryptographic techniques generally use secure multiparty computations .

2.4.Pseudonomyzation: It is a privacy preservation technique by which the sensitive information or the identifiers are replaced with false names in order to hide the sensitive information but this technique is not very secure and is susceptible to re-identification attack.

2.5. Anonymization: The objective of anonymization is to hide the sensitive data in such a way that an unauthorized party cannot infer anything from the published data while the authorized party can analyses the data to get the desired results.

2.6 Anonymization Definitions:-

2.6.1 K-Anonymity- It states that a data set is k-anonymous. If every equivalence class is of size K(includes at least k records).It was observed that sensitive attributes was the same for all records in an equivalence class then the size of equivalence class did not provide anonymity since mapping a unique identifier to the equivalence class was sufficient to map it to the sensitive attribute, this is called attribute –disclosure.

(3)

Shikha Bansal, IJRIT 275 2.6.2 P-sensitivity- It suggested to defend against attribute disclosure while complementing k-anonymity. It states that there must also be at least p different values for each sensitive attribute within a given equivalence class.

2.6.3 L-Diversity: To prevent attribute disclosure through either requiring a minimum of entropy in the values of the sensitive attribute.

2.6.4 T-Closeness- Approaches the problem of skewness by bounding the distance between the distribution of sensitive attribute values in the entire data set and their distribution within each equivalence class.

3. Need of Anonymization in Social Network

With the growing increase in usage of social network, the risks and privacy issues have also increased the responsibility of protecting this sensitive information lies with these service providers. The service providers release this social network data to various third parties like advertisers and researches for their benefit. This social network data cannot be released to such parties in its original form, as it contains the sensitive information of the individuals present in the network and its release can cause a major privacy threat to them. The need of anonymization arises here, when this social network data cannot be released in its original form. This sensitive social network data has to be converted into some other form before releasing it to third parties in order to maintain the privacy of the users.

The goal of anonymization is to hide this sensitive data by converting it into some other form so that any unauthorized user cannot extract any sensitive data, while the authorized users are able to perform the desired tasks without any security breach.

3.1 Classification Method 1. Identity disclosure 2. Link disclosure 3. Content disclosure.

These three dimensions cover all the attacks which could be accomplished on the released social network data by the attacker. In order to achieve a complete privacy-protection all the three dimensions should be considered.

3.1.1. Identity disclosure is referred to as the disclosure of an individual who is associated with node revealed. The identity disclosure problem occurs when the social network data is publically released or to a third party which could be used for further analysis by the attacker. Simple naive anonymization (removing the personally identifying information or replacement with a pseudorandom name) may not always guarantee privacy protection and could be susceptible to active and passive attacks. a. The situation gets even worse by the existence of background knowledge with the attacker. The attacker could use different type of queries for re-identification such as vertex refinement queries, sub-graph queries; hub fingerprint queries.

3.1.2. Link disclosure: Link disclosure is referred as the disclosure of relationships between the targets. These relationships could be sensitive to reveal. The link disclosure problem occurs when some structural information is leaked or may be inferred using observed relationship or node attributes.

3.1.3 Content disclosure: Content disclosure is referred to the disclosure of the data associated with the target like GPRS info, mail, and telephone calls. This is possible by linking or matching the various set of released data.

Anonymization techniques can be classified into following four approaches 1. Clustering

(4)

2. Clustering with constraints 3. Modification of graph 4. Hybrid

This information corresponds to the background knowledge which attackers possess and may utilize in launching an attack. In fact, the various anonymization techniques consider only some of the background knowledge and their combination which could be possessed and utilize by the attacker.

1. Vertex properties 2. Vertex degree 3. Sensitive attributes 4. Link relationship

5. Neighborhood information 6. Structural properties 7. Graph metrics 8. Sub-graphs

(5)

Shikha Bansal, IJRIT 277 Classification framework for anonymization in social networks

1. Clustering: A clustering-based method clusters vertices and edges into groups and anonymizes a sub graph into a super-vertex . Like we use generalization approach to hide an individual’s identity in relational data, we can use clustering to hide it in social network data. clustering approaches can further be classified in to vertex clustering methods, edge clustering methods, vertex and edge clustering methods and vertex-attribute mapping clustering methods

2. Clustering with constraints: The cluster edge anonymization with constraints technique creates edges between equivalence classes, but it requires equivalence class nodes to have some constraints as any two nodes in the original data.

3. Modification of graph: This approach makes use of insertion, deletion and/or swapping of some nodes and edges in a social network. It also includes perturbation or random modification and greedy graph modifications.

4. Hybrid approach: This approach includes combination of any of the above. There are various instances where people have used a combination of clustering and graph modification to achieve.

4. Dynamic Network Analysis

With an increased use of social media in recent times, dynamic network analysis as a topic of research has gained a lot of prominence. Though a lot of research has been done in the area of dynamic network analysis, use of clustering techniques for community identification in dynamic networks is quiet new and there are various techniques proposed under the evolutionary and incremental clustering approaches.

Dynamic network analysis is used to handle large, dynamic, multi-dimensional, multi-mode, multi-link and multi- level networks having ambiguities in them (varying level of uncertainty). Dynamic network analysis tracks the evolution and model changes in multiple networks at the same time.

5. Proposed Conceptual Framework For Social Network Data Security: The Role Of Social Network Analysis And Data Mining Techniques.

Anonymization as a technique to secure social network data has gained popularity but there are challenges in implementing it effectively. This chapter presents a conceptual framework to secure the social network data effectively by using data mining techniques to perform in-depth social network analysis before carrying out the actual anonymization process. In this chapter we shall discuss the use of data mining techniques to analyze the social network on security parameters and use the result of this analysis to select and implement the right anonymization techniques. We would also define the role of community analysis in social network and its various features and temporal metrics. Then we discuss the application of those data mining techniques that can deal with the dynamic nature of social network and discover important attributes of the social network.

5.1 Need OF the Framework

The challenges in securing social network data are primarily due to lack of proper understanding of the network structure and analysis. If the social network is properly comprehended and analyzed before applying any security measure or anonymization technique, it will provide reasonably important information about the network structures that will help to better anonymize the social network data and provide better security from various breaches. The

(6)

analysis of social network looks into the relationships among individuals, their location, flows and other connected information to find out the strong connections, nodes which are powerful and active, reveal more information or can be critical for the entire network, group or community. All this information can be very vital from the security point of view but is ignored by most anonymization techniques as they do not perform complete social network analysis, leading to security breaches. This highlights the need for examining the social network data on security parameters before applying any of the anonymization techniques. The framework that is presented caters to this need of developing a sound base for the application of anonymization techniques.

(7)

Shikha Bansal, IJRIT 279 5.1.1. Maximum Flow: The property of maximum flow finds all the possible number of paths from the source node to the target node and not just the efficient ones. The flow approach suggests that the strength of ties lies in the maximum number of alternatives that the source has towards the destination than the weakest link in the chain of connections. The weakest links are the ones with lack of alternatives.

5.1.2. Hubbell and Katz Cohesion: The maximum flow property focuses on the vulnerability or redundancy of connection between pair of actors whereas the Hubbell and Katz cohesion considers the strength of all links as defining connections, but it would not be appropriate to select a path of length 10 as important as a path of length 1.

The Hubbell and Katz approach counts total connections between actors and assign weights to each connection. The greater the length, the weaker the connection will be considered.

5.1.3. Centrality and Power: Power is the fundamental property of social network, and centrality and power are closely interrelated to one another. In social network analysis, measures of centrality are used than measures of power. Centrality measures provide a comprehensive view into various roles, grouping and relationships among the actors in a network. Below are explained the various measures of centrality:

a) Degree Centrality: It is used to measure the network activity for a node. It is defined as the number of links that a node has with other nodes in a network. It is generally considered that having more connections have high influence in a network, but this is not always true. There might be nodes with less number of connections but still they might be more important from connectedness point, as they may have connections with different groups or clusters.

b) Betweeness Centrality: It is a measure that defines the influence of those nodes in the network that act as brokers or are the point of failures. They are the critical components which upon their removal can isolate nodes or group of nodes.

c) Closeness Centrality: It is used to measure the length of the paths to other nodes in a network. It includes those nodes which might have less number of connections but would be able to form paths to all nodes in a network.

This framework uses the dynamic clustering techniques for performing the analysis of social networks and specifically performs analysis of community structures and there evolution with time.

6. Conclusion and Future Work

The role of data mining in information security has increased many folds and so a review was done on applications of data mining in information security. Of the various fields in information security where data mining has been applied, one emerging field which has more recently gained importance is Social Networks.

It was found that the social network data cannot be released in its original form and has to be converted in some other form in order achieve privacy and this was the reason that brought about the need of anonymization in social networks. Application of anonymization techniques for preservation of privacy in social networks is an emerging trend in the industry. It has attracted the attention of practitioners and academics alike. Research on privacy preserving techniques will increase in the future based on the increasing interest in social networking.

Various challenges have been identified that an anonymization technique confronts while performing anonymization on social network data. It has been seen that not all anonymization techniques have been able to provide the desired privacy as they ignore one or more critical parameters. Hence various critical parameters are proposed for assessing different anonymization technique for privacy preservation of social network data. The various parameters like level of privacy, robustness, adaption to republication can help to evaluate the different

(8)

anonymization technique. These parameters would help determine which among the available anonymization techniques best fulfills the privacy requirement in social network and would also help the future researcher to design or improve the anonymization technique for social network.

There are still some interesting works left for future research and can include

• anonymization techniques for achieving better privacy than the existing techniques.

• dimension to the work which can be continued for future enhancement in the already existing algorithms.

• explored to uncover hidden problems which can be overcome by the incremental or evolutionary clustering algorithms.

• Implementation of the framework on dynamic data sets of social networks.

7. References

[1] Aggarwal, C.C. and Yu, P.S. 2008, Privacy-preserving data mining: Models and algorithms, Advances in Database Systems,34, Springer.

[2] Backstrom, L., Dwork, C. and Kleinberg, J. 2007, Wherefore art thou r3579x? anonymized social networks, hidden patterns, and structural steganography, International Conference on World Wide Web (WWW), NY, USA, 181-190.

[3] Folino, F. and Pizzuti, C, 2010, A Multiobjective and Evolutionary Clustering Method for Dynamic Networks, International Conference on Advances in Social Networks Analysis and Mining, IEEE, 256-263

[4] Bilge, L., Strufe, T., Balzarotti, D. and Kirda, E. 2009, All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks, 18th International Conference on World Wide Web (WWW).

[5] Business ETC 2011 Facebook security breach allowed advertisers access to user data, available at http://businessetc.thejournal.ie/facebook-security-breach-allowed-advertisers-access-to-user-data-134549-

May2011/(accessed on Aug 2011) .

[6] Mitra, S., Bagchi, A. and Bandyopadhaya, A. K. 2007, Design of a Data Model for Social Network Applications, Journal of Database Management, 18(4), 51-79.

[7] Narayanan, A. and Shmatikov, V. 2009, De-anonymizing social networks, IEEE Symposium on Security and Privacy (S&P).

[8] Lin, Y. R., Chi, Y., Zhu, S., Sundaram, H. and Tseng, B. L. 2008, Facetnet: a framework for analyzing communities and their evolutions in dynamic networks, Proceeding of WWW '08 Proceedings of the 17th international conference on World Wide Web,685-694. .

[9] Ning, H., Xu, W., Chi, Y., Gong, Y. and Huang, T. 2010, Incremental spectral clustering by efficiently updating the eigen-system, Journal of Pattern Recognition Society, 43(1), 113–127

[10] Parker, B.D 2002, Motivating the Workforce to Support Security Objectives: A Long-Term View available at http://www.iwar.org.uk/comsec/resources/sa-tools/Motivation-for-Information- Security.pdf (accessed on 1st December, 2011).

[11] Folino, F. and Pizzuti, C, 2010, A Multiobjective and Evolutionary Clustering Method for Dynamic Networks, International Conference on Advances in Social Networks Analysis and Mining, IEEE, 256-263

(9)

Shikha Bansal, IJRIT 281 [12] Pattaya Daily News 2010, Facebook Security Breach, Private Details Published on Pirate Bay, available at http://www.pattayadailynews.com/en/2010/07/29/facebook-security-breach-private-details-published-on-pirate- bay/(accessed on Aug 2011).

[13] Sipior, J. C., Ward, B. T. and Rongione N. M. 2009, Consumer privacy expectations in a virtual environment: a framework for corporate risk assessment, International Journal of Networking and Virtual Organisations, 6(6), 558 – 573.

[14] Sirikulvadhana, S. 2002, Data Mining As A Financial Auditing Tool, M.Sc. Thesis in Accounting, Swedish School of Economics and Business Administration available at http://www.pafis.shh.fi/graduates/supsir01.pdf (accessed on 1st December, 2011).

[15] Song, H.H., Cho, T.W., Dave, V., Zhang, Y. and Qiu, L. 2009, Scalable proximity estimation and link prediction in online social networks, Proc. Internet Measurement Conference, 322-335.

[16] Sun, X., Sun, L. and Wang, H. 2011, Extended k-anonymity models against sensitive attribute disclosure, Presented at Computer Communications, 526–535.

[17] Sweeney, L. 2002, k-anonymity: a model for protecting privacy, International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, 10(5), 557–570.

[18] Tang, J., Musolesi, M., Mascolo, C. and Latora, V. 2009, Temporal distance metrics for social network analysis, WOSN, Barcelona, Spain, 31-36

References

Download now ( PDF - 9 Page - 1.11 MB )

Related documents

A n n u a l R e p o r t

A civil service commission headed by the Ministry of Transport and Communications submitted its proposals in April which would open up the rail network to competitive bidding

Qualitative Monitoring of Saveh Plain's Groundwater Based on Water Quality Index (WQI)

Based on WQI, the more we move from West ,the groundwater quality reduces, in the way that the quality of ground water in western areas of plain are in High class and in the eastern

Accepting the Limits of Tax Law and Economics

This Article explores the limits of tax law and economics, attributing them to the unique complexity of the tax optimization problem. Designers of the optimal tax system must

All cells with a shaded background are calculated cells - don't type anything in these cells or the formulas will be lost!

Archery Family Travel 1 Make a list of things to take on a 3-day trip Nutrition 1 Make a poster of foods that are good for you Video Games 1 Explain the rating system. BB Gun Shooting

Support for Growth-oriented Women Entrepreneurs in Kenya

It receives support from the World Bank, UNDP, the Kenya Gatsby Charitable Trust, the Global Fund for Women, Trickle-Up, the Government of Kenya, the Consultative Group to Assist

Calculating and Displaying Fatigue Results

Once you have made the decision on which type of fatigue analysis to perform, Stress Life or Strain Life, and have determined your loading type, the next decision is whether to apply

Weld County Treasurer John Lefebvre

• Prior to December - Delinquent real property tax liens in Colorado are sold to investors at annual tax lien sales.. This is

THE CITY UNIVERSITY OF NEW YORK STATE ENVIRONMENTAL QUALITY REVIEW NEGATIVE DECLARATION Notice of Determination of Nonsignificance

The Proposed Project would introduce a new institutional use to the relocation site; however, the occupation of the space for office uses is compatible with the other