skip to main content
10.1145/2133601.2133607acmconferencesArticle/Chapter ViewAbstractPublication PagescodaspyConference Proceedingsconference-collections
research-article

Stalking online: on user privacy in social networks

Published: 07 February 2012 Publication History

Abstract

With the extreme popularity of Web and online social networks, a large amount of personal information has been made available over the Internet. On the other hand, advances in information retrieval, data mining and knowledge discovery technologies have enabled users to efficiently satisfy their information needs over the Internet or from large-scale data sets. However, such technologies also help the adversaries such as web stalkers to discover private information about their victims from mass data.
In this paper, we study privacy-sensitive information that are accessible from the Web, and how these information could be utilized to discover personal identities. In the proposed scenario, an adversary is assumed to possess a small piece of "seed" information about a targeted user, and conduct extensive and intelligent search to identify the target over both the Web and an information repository collected from the Web. In particular, two types of attackers are modeled, namely tireless attackers and resourceful attackers. We then analyze detailed attacking mechanisms that could be performed by these attackers, and quantify the threats of both types of attacks to general Web users. With extensive experiments and sophisticated analysis, we show that a large portion of users with online presence are highly identifiable, even when only a small piece of (possibly inaccurate) seed information is known to the attackers.

References

[1]
G. Aggarwal, T. Feder, K. Kenthapadi, R. Motwani, R. Panigrahy, D. Thomas, and A. Zhu. k-anonymity: Algorithms and hardness. Technical report, Stanford University, 2004.
[2]
L. Backstrom, C. Dwork, and J. Kleinberg. Wherefore art thou r3579x?: anonymized social networks, hidden patterns, and structural steganography. In Proceedings of ACM international conference on World Wide Web, pages 181--190, 2007.
[3]
P. Cashmore. Privacy is dead, and social media hold smoking gun. CNN, October 2009.
[4]
J. Caverlee and S. Webb. A large-scale study of myspace: Observations and implications for online social networks. In Proceedings of the International Conference on Weblogs and Social Media, 2008.
[5]
X. Chen and S. Shi. A literature review of privacy research on social network sites. In Multimedia Information Networking and Security, 2009. MINES '09. International Conference on, volume 1, pages 93--97, nov. 2009.
[6]
T. Cheng, X. Yan, and K. C.-C. Chang. Entityrank: searching entities directly and holistically. In VLDB '07: Proceedings of the 33rd international conference on Very large data bases, pages 387--398, 2007.
[7]
S. Chester and G. Srivastava. Social network privacy for attribute disclosure attacks. In Advances in Social Networks Analysis and Mining (ASONAM), 2011 International Conference on, pages 445 --449, july 2011.
[8]
R. Dingledine, N. Mathewson, and P. Syverson. Tor: the second-generation onion router. In USENIX Security Symposium, 2004.
[9]
B. Dubow. Confessions of 'Facebook stalkers'USA Today, March 2007.
[10]
O. Etzioni, M. Cafarella, D. Downey, A.-M. Popescu, T. Shaked, S. Soderland, D. S. Weld, and A. Yates. Unsupervised named-entity extraction from the web: An experimental study. Artificial Intelligence, 165(1):91 -- 134, 2005.
[11]
G. Eysenbach and J. E. Till. Ethical issues in qualitative research on internet communities. BMJ, 323:1103--1105, 2001.
[12]
L. Garton, C. Haythornthwaite, and B. Wellman. Studying online social networks. Journal of Computer-Mediated Communication, 3(1), 1997.
[13]
P. Golle. Revisiting the uniqueness of simple demographics in the us population. In WPES '06: Proceedings of the 5th ACM workshop on Privacy in electronic society, pages 77--80, New York, NY, USA, 2006. ACM.
[14]
R. Gross, A. Acquisti, and I. H. John Heinz. Information revelation and privacy in online social networks (the facebook case). In Proceedings of ACM workshop on Privacy in the electronic society, pages 71--80, 2005.
[15]
M. Hay, G. Miklau, D. Jensen, D. Towsley, and P. Weis. Resisting structural re-identification in anonymized social networks. Proc. VLDB Endow., 1(1):102--114, 2008.
[16]
J. He and W. W. Chu. Protecting private information in online social networks. In Intelligence and Security Informatics, pages 249--273, 2008.
[17]
J. He, W. W. Chu, and Z. Liu. Inferring privacy information from social networks. In IEEE International Conference on Intelligence and Security Informatics, pages 154--165, 2006.
[18]
X. He, J. Vaidya, B. Shafiq, N. Adam, and V. Atluri. Preserving privacy in social networks: A structure-aware approach. In Web Intelligence and Intelligent Agent Technologies, 2009. WI-IAT '09. IEEE/WIC/ACM International Joint Conferences on, volume 1, pages 647 --654, sept. 2009.
[19]
B. A. Huberman, E. Adar, and L. R. Fine. Valuating privacy. IEEE Security and Privacy, 3(5):22--25, 2005.
[20]
M. Irvine. Social network users overlook privacy pitfalls. USA Today, April 2008.
[21]
P. Joshi and C.-C. Kuo. Security and privacy in online social networks: A survey. In Multimedia and Expo (ICME), 2011 IEEE International Conference on, pages 1--6, july 2011.
[22]
V. Kostakos, J. Venkatanathan, B. Reynolds, N. Sadeh, E. Toch, S. A. Shaikh, and S. Jones. Who's your best friend?: targeted privacy attacks in location-sharing social networks. In Proceedings of the 13th international conference on Ubiquitous computing, UbiComp '11, pages 177--186, 2011.
[23]
B. Krishnamurthy and C. E. Wills. On the leakage of personally identifiable information via online social networks. In WOSN '09: Proceedings of the 2nd ACM workshop on Online social networks, pages 7--12, New York, NY, USA, 2009. ACM.
[24]
J. Leskovec and E. Horvitz. Planetary-scale views on a large instant-messaging network. In WWW '08: Proceeding of the 17th international conference on World Wide Web, pages 915--924, 2008.
[25]
F. Li, J. Y. Chen, X. Zou, and P. Liu. New privacy threats in healthcare informatics: When medical records join the web. In ACM SIGKDD Workshop on Data Mining in Bioinformatics, 2010.
[26]
N. Li, T. Li, and S. Venkatasubramanian. t-closeness: Privacy beyond k-anonymity and l-diversity. In Proceedings of the 23rd International Conference on Data Engineering, pages 106--115, 2007.
[27]
Y.-R. Lin, Y. Chi, S. Zhu, H. Sundaram, and B. L. Tseng. Facetnet: a framework for analyzing communities and their evolutions in dynamic networks. In WWW '08: Proceeding of the 17th international conference on World Wide Web, pages 685--694, 2008.
[28]
K. Liu and E. Terzi. Towards identity anonymization on graphs. In Proceedings of the 2008 ACM SIGMOD, pages 93--106, 2008.
[29]
K. Liu and E. Terzi. A framework for computing the privacy scores of users in online social networks. In Data Mining, 2009. ICDM '09. Ninth IEEE International Conference on, pages 288 --297, dec. 2009.
[30]
K. Liu and E. Terzi. A framework for computing the privacy scores of users in online social networks. ACM Trans. Knowl. Discov. Data, 5:6:1--6:30, December 2010.
[31]
L. Liu, J. Wang, J. Liu, and J. Zhang. Privacy preserving in social networks against sensitive edge disclosure. Technical Report CMIDA-HiPSCCS 006-08, University of Kentucky, 2008.
[32]
B. Luo and D. Lee. On protecting private information in social networks: A proposal. In Workshop on Modeling, Managing, and Mining of Evolving Social Networks - in conjunction with IEEE ICDE, 2009.
[33]
A. Machanavajjhala, D. Kifer, J. Gehrke, and M. Venkitasubramaniam. L-diversity: Privacy beyond k-anonymity. ACM Trans. Knowl. Discov. Data, 1(1):3, 2007.
[34]
A. Masoumzadeh and J. Joshi. Preserving structural properties in anonymization of social networks. In Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), 2010 6th International Conference on, pages 1 --10, oct. 2010.
[35]
L. Singh and J. Zhan. Measuring topological anonymity in social networks. In GRC '07: Proceedings of the 2007 IEEE International Conference on Granular Computing, page 770, Washington, DC, USA, 2007. IEEE Computer Society.
[36]
A. C. Squicciarini, M. Shehab, and J. Wede. Privacy policies for shared content in social network sites. The VLDB Journal, 19:777--796, December 2010.
[37]
J. Staddon. Finding "hidden" connections on linkedin an argument for more pragmatic social network privacy. In Proceedings of the 2nd ACM workshop on Security and artificial intelligence, AISec '09, pages 11--14, New York, NY, USA, 2009. ACM.
[38]
L. Sweeney. Uniqueness of simple demographics in the u.s. population, 2000.
[39]
L. Sweeney. k-anonymity: a model for protecting privacy. Int. J. Uncertain. Fuzziness Knowl.-Based Syst., 10(5):557--570, 2002.
[40]
X. Ying and X. Wu. Randomizing social networks: a spectrum preserving approach. In SIAM International Conference on Data Mining (SDM), 2008.
[41]
C. Zhang, J. Sun, X. Zhu, and Y. Fang. Privacy and security for online social networks: challenges and opportunities. Network, IEEE, 24(4):13 --18, july-august 2010.
[42]
E. Zheleva and L. Getoor. Preserving the privacy of sensitive relationships in graph data. In International Workshop on Privacy, Security, and Trust in KDD (PinKDD), pages 153--171, 2008.
[43]
E. Zheleva and L. Getoor. To join or not to join: The illusion of privacy in social networks with mixed public and private user profiles. In 18th International World Wide Web conference (WWW), April 2009. Earlier version appears as CS-TR-4926.
[44]
B. Zhou and J. Pei. Preserving privacy in social networks against neighborhood attacks. In Proceedings of the 24th International Conference on Data Engineering (ICDE), April 2008.
[45]
B. Zhou, J. Pei, and W. Luk. A brief survey on anonymization techniques for privacy preserving publishing of social network data. SIGKDD Explor. Newsl., 10(2):12--22, 2008.
[46]
L. Zou, L. Chen, and M. T. Özsu. k-automorphism: a general framework for privacy preserving network publication. Proc. VLDB Endow., 2:946--957, August 2009.

Cited By

View all
  • (2025)The Relationship Between Profile Disclosure Breadth and Network Size on Professional Social Media: Gender as a ModeratorACM SIGMIS Database: the DATABASE for Advances in Information Systems10.1145/3715966.371597256:1(79-100)Online publication date: 28-Jan-2025
  • (2025)A Quantitative Privacy Evaluation Method Based on Tsallis Entropy for Trustworthy Data SharingService-Oriented and Cloud Computing10.1007/978-3-031-84617-5_11(131-145)Online publication date: 21-Feb-2025
  • (2022)Surveillance Of The Individual Digital Image: An Empirical Research On Instagram Stalk PracticeİNİF E - Dergi10.47107/inifedergi.1076559Online publication date: 30-Jun-2022
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
CODASPY '12: Proceedings of the second ACM conference on Data and Application Security and Privacy
February 2012
338 pages
ISBN:9781450310918
DOI:10.1145/2133601
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 February 2012

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. attacks
  2. privacy
  3. social networks
  4. web

Qualifiers

  • Research-article

Conference

CODASPY'12
Sponsor:

Acceptance Rates

CODASPY '12 Paper Acceptance Rate 21 of 113 submissions, 19%;
Overall Acceptance Rate 149 of 789 submissions, 19%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)30
  • Downloads (Last 6 weeks)3
Reflects downloads up to 19 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2025)The Relationship Between Profile Disclosure Breadth and Network Size on Professional Social Media: Gender as a ModeratorACM SIGMIS Database: the DATABASE for Advances in Information Systems10.1145/3715966.371597256:1(79-100)Online publication date: 28-Jan-2025
  • (2025)A Quantitative Privacy Evaluation Method Based on Tsallis Entropy for Trustworthy Data SharingService-Oriented and Cloud Computing10.1007/978-3-031-84617-5_11(131-145)Online publication date: 21-Feb-2025
  • (2022)Surveillance Of The Individual Digital Image: An Empirical Research On Instagram Stalk PracticeİNİF E - Dergi10.47107/inifedergi.1076559Online publication date: 30-Jun-2022
  • (2021)Cyberstalking Victimization Model Using Criminological Theory: A Systematic Literature Review, Taxonomies, Applications, Tools, and ValidationsElectronics10.3390/electronics1014167010:14(1670)Online publication date: 13-Jul-2021
  • (2021)Evaluating security and privacy issues of social networks based information systems in Industry 4.0Enterprise Information Systems10.1080/17517575.2021.191376516:10-11(1694-1710)Online publication date: 14-Apr-2021
  • (2021)An automatic mechanism to provide privacy awareness and control over unwittingly dissemination of online private informationComputer Networks10.1016/j.comnet.2021.108614(108614)Online publication date: Nov-2021
  • (2021)Inverse document frequency-based sensitivity scoring for privacy analysisSignal, Image and Video Processing10.1007/s11760-021-02013-116:3(735-743)Online publication date: 30-Aug-2021
  • (2020)A Semantic Inference Based Method for Privacy MeasurementIEEE Access10.1109/ACCESS.2020.30343988(200112-200128)Online publication date: 2020
  • (2019)#DontTweetThis: Scoring Private Information in Social NetworksProceedings on Privacy Enhancing Technologies10.2478/popets-2019-00592019:4(72-92)Online publication date: 30-Jul-2019
  • (2019)DUEF-GA: data utility and privacy evaluation framework for graph anonymizationInternational Journal of Information Security10.1007/s10207-019-00469-4Online publication date: 23-Sep-2019
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media