Collective Data-Sanitization for Preventing Sensitive Information Inference Attacks in Social Networks

Collective Data-Sanitization for Preventing Sensitive Information Inference Attacks in Social Networks

Abstract:

Releasing social network data could seriously breach user privacy. User profile and friendship relations are inherently private. Unfortunately, it is possible to predict sensitive information carried in released data latently by utilizing data mining techniques. Therefore, sanitizing network data prior to release is necessary. In this paper, we explore how to launch an inference attack exploiting social networks with a mixture of non-sensitive attributes and social relationships. We map this issue to a collective classification problem and propose a collective inference model. In our model, an attacker utilizes user profile and social relationships in a collective manner to predict sensitive information of related victims in a released social network dataset. To protect against such attacks, we propose a data sanitization method collectively manipulating user profile and friendship relations. The key novel idea lies that besides sanitizing friendship relations, the proposed method can take advantages of various data-manipulating methods. We show that we can easily reduce adversary’s prediction accuracy on sensitive information, while resulting in less accuracy decrease on non-sensitive information towards three social network datasets. To the best of our knowledge, this is the first work that employs collective methods involving various data-manipulating methods and social relationships to protect against inference attacks in social networks.