How to Cooperate Locally to Improve Global Privacy in Social Networks? On Amplification of Privacy Preserving Data Aggregation
Krzysztof Grining, Marek Klonowski, Ma{\l}gorzata Sulkowska

TL;DR
This paper introduces two methods to enhance privacy in social network data aggregation by leveraging local cooperation, with theoretical analysis and experiments demonstrating effectiveness against strong adversaries.
Contribution
The paper proposes novel local cooperation methods that significantly amplify privacy in social networks with limited communication, addressing challenges of privacy preservation in distributed systems.
Findings
Methods significantly increase privacy in social network data aggregation.
Experimental results show robustness against powerful adversaries.
Theoretical analysis confirms privacy amplification effectiveness.
Abstract
In many systems privacy of users depends on the number of participants applying collectively some method to protect their security. Indeed, there are numerous already classic results about revealing aggregated data from a set of users. The conclusion is usually as follows: if you have enough friends to "aggregate" the private data, you can safely reveal your private information. Apart from data aggregation, it has been noticed that in a wider context privacy can be often reduced to being hidden in a crowd. Generally, the problems is how to create such crowd. This task may be not easy in some distributed systems, wherein gathering enough "individuals" is hard for practical reasons. Such example are social networks (or similar systems), where users have only a limited number of semi trusted contacts and their aim is to reveal some aggregated data in a privacy preserving manner. This…
How to Cooperate Locally to Improve Global Privacy in Social Networks?
On Amplification of Privacy Preserving Data Aggregation
Krzysztof Grining, Department of Computer Science, Faculty of Fundamental Problems of Technology, WUT
Marek Klonowski, Department of Computer Science, Faculty of Fundamental Problems of Technology, WUT
Malgorzata Sulkowska, Department of Computer Science, Faculty of Fundamental Problems of Technology, WUT
Abstract
In many systems the privacy of users depends on the number of participants collectively applying some method to protect their security. Indeed, there are numerous, already classic, results about revealing aggregated data from a set of users. The conclusion is usually as follows: if you have enough friends to "aggregate" the private data with, you can safely reveal your private information.
Apart from data aggregation, it has been noticed that in a wider context privacy can often be reduced to being hidden in a crowd. Generally, the problem is how to create such a crowd. This task may not be easy in some distributed systems, wherein gathering enough "individuals" is hard for practical reasons.
An example is social networks (or similar systems), where users have only a limited number of semi-trusted contacts and their aim is to reveal some aggregated data in a privacy-preserving manner. This may be particularly problematic in the presence of a strong adversary that can additionally corrupt some users.
We show two methods that significantly amplify privacy with only a limited number of local operations and very moderate communication overhead. Apart from theoretical analysis we show experimental results on topologies of real-life social networks to demonstrate that our methods can significantly amplify the privacy of chosen aggregation protocols even when facing a massive attack by a powerful adversary.
We believe, however, that our results can have much wider applications for improving the security of systems based on locally trusted relations.
Index Terms:
anonymity, random graph, big component, adversary
Supported by Polish National Science Center - NCN, decision number DEC-2013/08/M/ST6/00928 (Harmonia)
I Introduction
Most algorithms providing anonymity or privacy in distributed systems consist in hiding an element in a group of other elements. Indeed, one of the very first definitions of anonymity, from [1], describes it as the state of being not identifiable within a set of subjects, the "anonymity set".
A similar approach to privacy in the context of databases is captured by the -anonymity metric ([2, 3, 4]). That is, privacy is preserved as long as each element is revealed in a group of at least other, identical elements. In this metric, as well as in some subsequent concepts like -diversity [5] or -invariance [6], the bigger the "anonymity set" is, the stronger the privacy guarantees are. This idea is also reflected in further definitions of anonymity/privacy [7, 8].
It turns out, however, that a similar phenomenon can also be observed in systems typically investigated from the differential privacy perspective. Recall that this privacy metric is in fact the standard one and was introduced in the seminal paper [9]. In the context of a distributed system of somehow connected individuals we usually consider a problem where some function of the data has to be revealed while preserving the privacy of individuals. Many real-life cases fall into this scenario. The most obvious example is privacy-preserving data aggregation, wherein we need to reveal e.g. the sum of the users' values while protecting their privacy at the same time. Such an aim can be realized using a combination of cryptography and the common trick of adding a random value (noise) to the aggregated data (see for example [10] and [11]). It turns out, however, that the bigger the set of individuals contributing to the sum, the less noise has to be added to protect the privacy of individuals. Alternatively, for the same level of privacy one can reveal more exact statistics if they refer to a bigger set of individuals.
In our paper we consider a distributed system that consists of nodes (individuals having some local, possibly sensitive, data) with connections constituting a graph modeled as a preferential attachment process. This model is believed to be appropriate for a wide spectrum of real systems including social networks. We may assume that each individual has very constrained knowledge about the network, limited to some (semi-)trusted neighbors. We formally prove that using a simple algorithm (adding some extra connections between nodes) one may protect the privacy of nodes even in the presence of an adversary capable of corrupting a significant number of nodes. What is more important, our algorithm needs only a moderate number of local operations. In particular, the exact topology or even the exact size of the network may remain unknown. Apart from rigorous formal analysis we provide experimental results performed on data from real networks.
In Section II we present a general model with adversary. In Section III we present our distributed protocols which may be used to enhance privacy (e.g. in social networks). In Sections IV and V we provide analytic and experimental analysis of our protocols. In Section VI we show two examples of privacy amplification using our generic method. Then in Section VII we present some related papers and finally in Section VIII we conclude and outline some interesting problems for future work.
II General Adversarial Model
We consider a social network represented as a graph . The nodes and edges of represent users and the friendship relation between pairs of them, respectively.
Our model can be directly used for other distributed systems wherein a privacy-preserving data computation problem is considered (e.g., a sensor network or a system of smart meters), as long as some assumptions about the network topology that are typical for social networks are fulfilled.
The intuition behind our adversarial model is as follows. We assume that the Adversary can corrupt some of the users. Corruption gives the Adversary control over the node, yet we assume that he is an honest-but-curious type of Adversary. Namely, corrupted nodes follow the protocol, but they try to learn information about the processed data and share all information they have with the Adversary.
The corruption of nodes can either be done in a random way, or the Adversary can choose an arbitrary subset of nodes to corrupt, knowing the exact structure of the graph (say, he may attack the nodes with the highest degree). Note that random corruptions can model a scenario where some users install protective software and others remain attack-prone. This case also covers the situation of unexpected failures without an actual Adversary being present.
Note that the Adversary has full access to all information processed by corrupted nodes. As we show later, from the perspective of the Adversary all connections incident to a corrupted node are removed from the graph .
Definition 1
We will say that a graph is -strong if a subgraph induced by its honest nodes has largest connected component of size at least , where is the number of honest nodes.
Clearly, corruption of a significant number of nodes can dramatically decrease the -strength. To prevent this, we can enrich the graph by adding some edges between users, e.g., between some arbitrary user and a friend of his friend. For practical reasons all these operations need to be local (no global topology is known) and simple.
We formally define the Disconnection Game with an Adversary and a distributed protocol as follows. We have a network with an underlying undirected graph . This can either be a specific real network graph or, e.g., a randomly generated scale-free graph. We define the Disconnection Game, denoted by , in the following way:
1. : the set of edges is enriched by adding edges chosen between pairs of unconnected nodes. The rules for adding edges depend on the specific game instantiation. The resulting graph is denoted , where is the set of edges added after was applied.
2. The Adversary chooses, according to the restrictions of this game instantiation, a subset of nodes. The nodes belonging to are corrupted and removed from the graph together with their incident edges, denoted by . Note that the Adversary knows only the initial graph . The resulting graph is denoted . We assume that does not depend on the set . This reflects the assumption that the Adversary does not know the choices of the uncorrupted nodes.
3. The outcome of the game is the fraction of nodes belonging to the biggest connected component in the graph .
The model presented in this section is an instance of the network robustness problem (see for example [12, 13, 14, 15]). It is, however, worth mentioning that, unlike previous papers in that field, we require that the enhancing protocol is executed in a distributed way and without much knowledge of the global topology of the graph. Moreover, we pick a rather strong notion of robustness, namely the size of the largest connected component.
If the resulting structure is -strong, it means that there exists a connected structure not controlled by the Adversary that contains at least out of nodes. Intuitively, this allows the nodes to provide a common response secured in such a way that the Adversary cannot observe the separate inputs of nodes, only the aggregated value of a large set of nodes. In Section VI we give references to particular protocols.
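To make the last point concrete, here is an added example (not a protocol from this paper or from [10]) showing why the honest component size is exactly the "anonymity set" an aggregation protocol can offer. It assumes a generic pairwise-masking scheme: every edge of the graph carries a random mask shared by its two endpoints, one endpoint adds it to its value and the other subtracts it, so masks cancel within any connected set of honest nodes. An honest-but-curious Adversary holding the views of all corrupted nodes (and therefore the masks on their incident edges) can recover the sum of each honest connected component, but nothing finer. The graph, values and corrupted set below are constructed for illustration.

```python
"""Pairwise-masked aggregation: what an honest-but-curious adversary learns.

Added example; the masking scheme is an assumption, not the paper's protocol.
Graph: {node: set(neighbours)}; values: {node: int}.
"""
import random

MODULUS = 2**61 - 1  # arithmetic modulo a large prime keeps blinded values uniform


def blinded_values(adj, values, rng):
    """Every node publishes value + sum of signed masks of its incident edges.
    On edge (u, v) with u < v, u adds the mask and v subtracts it."""
    masks = {(u, v): rng.randrange(MODULUS) for u in adj for v in adj[u] if u < v}
    blinded = {}
    for u in adj:
        b = values[u] % MODULUS
        for v in adj[u]:
            r = masks[(min(u, v), max(u, v))]
            b = (b + r) % MODULUS if u < v else (b - r) % MODULUS
        blinded[u] = b
    return blinded, masks


def aggregate(blinded):
    """The public result: all masks cancel, leaving the sum of all values."""
    return sum(blinded.values()) % MODULUS


def honest_components(adj, corrupted):
    """Connected components of the subgraph induced by the honest nodes."""
    seen, comps = set(), []
    for s in adj:
        if s in corrupted or s in seen:
            continue
        comp, stack = [], [s]
        seen.add(s)
        while stack:
            u = stack.pop()
            comp.append(u)
            for v in adj[u]:
                if v not in corrupted and v not in seen:
                    seen.add(v)
                    stack.append(v)
        comps.append(comp)
    return comps


def adversary_view(adj, blinded, masks, corrupted):
    """What the adversary can reconstruct: the sum of every honest component.
    It knows the masks on edges incident to corrupted nodes (their views) and
    uses only those; masks between two honest nodes cancel inside a component."""
    view = {}
    for comp in honest_components(adj, corrupted):
        s = sum(blinded[u] for u in comp)
        for u in comp:
            for v in adj[u]:
                if v in corrupted:
                    r = masks[(min(u, v), max(u, v))]
                    s = s - r if u < v else s + r  # undo the honest side's mask
        view[frozenset(comp)] = s % MODULUS
    return view


def anonymity_set_size(adj, corrupted, node):
    """Size of the honest component containing `node`: 1 means fully exposed."""
    for comp in honest_components(adj, corrupted):
        if node in comp:
            return len(comp)
    return 0


if __name__ == "__main__":
    # Constructed toy network: hub 0 linked to 1..4, plus the edge 3-4.
    adj = {0: {1, 2, 3, 4}, 1: {0}, 2: {0}, 3: {0, 4}, 4: {0, 3}}
    values = {0: 5, 1: 10, 2: 20, 3: 30, 4: 40}
    blinded, masks = blinded_values(adj, values, random.Random(7))
    print("public aggregate:", aggregate(blinded))
    print("adversary corrupting the hub learns:", adversary_view(adj, blinded, masks, {0}))
```

Corrupting the hub splits the honest nodes into components {1}, {2} and {3, 4}: the Adversary recovers 10 and 20 exactly, while 30 and 40 are only visible as their sum 70. The enrichment protocols of Section III aim at keeping such components large (the graph -strong), which is what keeps per-node values hidden.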
III Security-enhancing protocols
We present two protocols aimed at improving the -strength of the network and, in consequence, the security of aggregation protocols. We prove their properties both analytically (Sec. IV) and experimentally (Sec. V) for underlying graphs typical for social networks.
III-A -Two Steps Friend Finder
A person who wants to improve his chances of being in the big component asks his friend (chosen uniformly at random) to recommend him yet another friend. Namely, our new friend is a former "friend of a friend" who is added to the list of connections (or just kept as a separate contact used for privacy-preserving actions). This procedure is iterated times, namely we ask randomly chosen friends for recommendations. This results in obtaining (at most) new friends. Note that it might happen that a specific "friend of a friend" is recommended more than once.
Formally, every node that wants to actively participate in the protocol performs a random walk of length starting from itself. Note that one could propose a different length of the random walk; our choice of length is meant to minimize communication and keep the protocol as local as possible.
Formally, the -Two Steps Friend Finder (-2SFF for short) is presented as Algorithm 1.
Note that -2SFF can be performed by a node without any knowledge of the underlying graph except its neighbors. Moreover, it can be done in a fully distributed manner, with messages sent in the network, where is the number of nodes participating in the protocol.
III-B -Ask Fat For a Friend
The approach in this protocol is substantially different. Here we want to rely on the preferential attachment properties of real networks. In particular, we assume that there is a commonly known list of a few nodes with the highest degrees. We will call them fat nodes. In a real-life situation we might think of a few well-known and somewhat trusted parties in the distributed system.
The existence of such fat nodes is typical for structures governed by the preferential attachment model (a.k.a. "rich get richer"). Note that there is a vast body of research on this kind of model, and it turns out that complex, real-life networks tend to exhibit such properties.
-Ask Fat For a Friend (-A3F) goes as follows. Every node that wants to improve its chance of belonging to the big component chooses uniformly at random one fat node from the common list and asks for the address of one of its neighbors chosen at random. Formally, the -A3F protocol is presented in Algorithms 2 and 3.
Using a list of 'fat' nodes may be perceived as a bottleneck of the protocol, yet it is easy to see that in many real-life cases a fat node has significantly more resources. Think about the case where the network is the WWW and the 'fattest' nodes are e.g., Google, Yahoo or Facebook. Moreover, a fat node does not participate in any further communication. It just contacts two nodes so that they can establish an independent connection.
In the next Sections we show that using fat nodes for finding friends substantially improves the immunity of the graph even when facing a massive attack by the Adversary.
IV Analytic results
In this Section we analyse a specific, most interesting case of our protocols in a general model. Other cases are considered in the next Section. Let us analyse -A3F with an Adversary who knows the topology of the graph in advance and thus attacks the nodes with the highest degree. We consider to be a preferential attachment graph having some properties that are met in real-life networks. One such property is the existence (whp) of a group of vertices having high (in some sense) degrees. Their neighborhood covers whp a linear number of vertices from .
Thus, let us assume throughout this Section the following. Let be the subset of vertices whose degrees vary from to for some constants , for some constant . is the set of the fat nodes from our protocol and, at the same time, the set of vertices that will be corrupted by the Adversary. By we denote the neighborhood of without the vertices from , thus , where is the neighborhood of . We assume also that for some constant . Let . We will use the well-known fact about the Erdős-Rényi model (see for example [16]) that whenever for some , then whp is connected.
First, let us consider the case in which all vertices want to participate in the -A3F Protocol.
Theorem 1
If then after executing -A3F for all vertices in we obtain which is whp -strong. (Recall that is the set of edges added during the protocol execution and is the set of edges incident to vertices from .)
Proof:
Note that the set of vertices of satisfies and and are disjoint. First, let us concentrate on the set . Let . Let be such that . Let us estimate the probability that there exists an edge (denote this event by ). Let denote the event that established an edge during the protocol. For some and sufficiently big we get
[TABLE]
Note that is a lower bound for the probability that establishes an edge in a single step of the protocol. Indeed, does not need to be the only neighbor of in . The second inequality follows from the bounds on . The third inequality follows from the fact that converges to from below for , the fourth one from the fact that . The last inequality holds because and . Since each vertex creates new edges during the protocol independently of other vertices, we have . Of course, the lower bound (1) also holds for for all . We can think of the subgraph of induced on (denote it by ) as decomposing into an Erdős-Rényi graph , where , and some other random graph. Thus inherits the monotone properties of ; among others, it is connected whp. Since the Adversary corrupts the nodes with the highest degrees, namely the whole set , all the vertices from stay in . Thus we have proved the existence (whp) of a giant component (which contains ) of size at least in .
Now, let us concentrate on the set . Let us estimate the probability that a vertex is not connected with (denote this event by ). What needs to happen is that whenever the fat node sends to the id of , needs to be a fat node as well. Since there are fat nodes and their degrees are at least , we obtain
[TABLE]
Vertices from act during the protocol independently and the above probability is so small that we can simply estimate the probability that all vertices from are connected with (denote this event by ) and show that it happens whp:
[TABLE]
Thus whp is connected. ∎
The above theorem gives a very strong result; however, its assumption about the number of vertices taking part in the protocol is also very strong. Now, let us discuss the following case: a fraction of the vertices from and a fraction of the vertices from take part in the protocol. (We do not care about the vertices from because they are going to be corrupted and their incident edges will not appear in eventually.)
Theorem 2
If and then after executing -A3F for vertices as described above on we obtain which is whp -strong.
Proof:
Let denote the set of vertices from which take part in the protocol (). Even though the vertices from do not take part in the protocol, they can be chosen as those to whom vertices from establish new edges. Let us estimate the probability that will not get connected to any vertex from during the execution of the protocol (denote this event by ). Let be such that and are neighbors in . We have
[TABLE]
(compare (1)).
Now, let us estimate the probability that all vertices from are going to be connected with (denote this event by ). We get
[TABLE]
since . Thus again whp is connected.
By calculations analogous to those from Theorem 1 we also get that all vertices from which participate in the protocol (denote this set by ) are connected with whp. We proved that whp has a giant component containing , . This completes the proof.
∎
V Experimental results
We present experimental results conducted on real data of the Epinions social network collected in the SNAP dataset by Stanford University (see [17] and [18]).
This is a who-trusts-whom online social network of the general consumer review site Epinions.com. Members of the site can decide whether to "trust" each other. All the trust relationships interact and form the Web of Trust, which is then combined with review ratings to determine which reviews are shown to the user. Our network has nodes and edges, where nodes denote users of the Epinions.com site and edges denote the trust relation.
V-A Random Failures
Random failures is a widely used model in the network robustness and fault tolerance literature (see [19]). We assume that the corrupted nodes (or, in other words, the nodes prone to failure) are distributed uniformly across the whole network.
V-A1 -2SFF Protocol
First let us concentrate on the -2SFF Protocol in the case of Random Failures. Initially we assume that all nodes launch the -2SFF Protocol, namely each node does random walks of length to establish extra connections. Obviously, the larger , the better the safety of the nodes.
In Figure 1 we show how the -2SFF Protocol performs on the Epinions social network graph under the Random Failures model. We can see how the network behaves without any enrichment, and with . Note that on the x-axis we have the percentage of corrupted nodes. With walks, around of the remaining nodes are in the single giant connected component. Note that the edges are added before the corruption phase. Therefore, for each remaining node, many of the added neighbors are corrupted and therefore useless. On the positive side, one can easily see that for up to around failures, even walks are sufficient for almost every node to belong to the giant component.
Despite these somewhat optimistic results, it is quite unrealistic to assume that all users want to participate. We want to weaken this assumption. We still demand a high level of security, at least for the participating users. In Figure 2 we show experimental results when only a part of the nodes participates. Here we assume a and fraction of participating nodes. That is, nodes participate in the -2SFF protocol. We are then interested in what fraction of the participating users belong to the biggest component and how it compares to the situation when all users participate.
Note that in the case there is a significant decrease of security. Namely, with a massive number of failures, we have around of nodes in the biggest component in comparison to in the full participation case. Note that even if we consider only the subset of participating nodes, the fraction of them belonging to the biggest component is below . The security indeed improves with greater , yet even if we consider only the participating nodes, the results are still significantly worse than when all users participate. Thus this protocol turns out to be useful in communities where we know that a strong majority of nodes is willing to use it.
V-A2 - A3F Protocol
Now we focus on the -A3F protocol under the Random Failures model. Again, we initially assume that all nodes participate in the protocol, namely each node does queries, each consisting of randomly choosing one of the fat nodes and asking for a randomly chosen neighbor of that node. Here we fixed the number of nodes considered fat to . It means that the 16 nodes which have the highest degree in the initial graph are on the common list of 'fat nodes'.
In Figure 3 one can see the performance of -A3F on the Epinions social network graph under the Random Failures model. As before, we show the behavior of the network without any enrichment, and with . This time, with queries, almost of the remaining nodes are in the giant component despite a large number of failures. Another interesting thing to observe is that the cutoff (the moment when the fraction of nodes in the giant component begins to decrease significantly) appears much farther. For example, in the case of -2SFF we see that the size of the giant component starts to deteriorate from approximately failures; before this threshold it remains very close to . In the case of -A3F, on the other hand, for the cutoff appears as far as failures, and before such a massive corruption of nodes it remains negligibly close to .
Again we are interested in the performance of -A3F in the case where only a fraction of users wants to participate. We assumed and participation. In Figure 4 we show the results for -A3F with partial participation.
The most interesting thing is the fact that the safety level amongst the participating nodes in the case of partial participation is virtually the same as the safety level when all nodes participate. This fact is very important from the practical point of view. It gives the users a choice: whether to sacrifice their safety and not participate in the protocol, or to participate in the protocol and be safe no matter what other users choose, as long as at least some fraction (say ) decides to participate in the protocol.
V-A3 Comparison
A glance at the figures in this subsection is enough to see that -A3F performs better than -2SFF under the Random Failures regime. See for example that for and failures the -A3F protocol gives approximately of nodes belonging to the giant component, while -2SFF gives only . Moreover, for the cutoff, and therefore the non-negligible deterioration of the fraction of nodes in the biggest component, appears at a greater fraction of failures than for the -2SFF protocol.
Intuitively, these differences in the results stem from the fact that in -A3F we leverage the preferential attachment structure naturally emerging in real, complex networks, while -2SFF does not really utilize this fact. Connecting to neighbors of a fixed set of high-degree nodes massively improves the robustness of real networks.
V-B Targeted Adversary
In this subsection we present experiments conducted under a far stronger Adversary that can corrupt the nodes of the highest degree. Namely, if the Adversary has to corrupt nodes, she sorts the list of nodes by degree and corrupts the first of them.
Note that the Adversary only has access to the initial graph, without enrichment. Obviously, for a specific instance of the graph one could possibly devise a more clever attack, however this strategy seems to be optimal in general. Note that complex networks which exhibit preferential attachment features are extremely prone to such attacks.
V-B1 -2SFF protocol
In Figure 5 we show how -2SFF performs on the Epinions social network graph under the Targeted Adversary model. We can see how the network behaves without any enrichment, and with . Note that on the x-axis we have the percentage of corrupted nodes, and this time it ranges from to instead of , due to the Adversary's strength. Note that without enrichment the fraction of nodes in the biggest component dramatically falls to almost for failures. In other words, if the Adversary destroys the nodes of highest degree, the remaining graph consists only of very small components. On the other hand, see that for up to corruptions the walks version gives almost of nodes belonging to the biggest component. Even for corruption the fraction of nodes in the biggest component is considerably large (approximately ). Recall that without enrichment, under such a strong Adversary there is virtually no giant component whatsoever.
Note that from the graph-theory perspective we have in this case a giant component, a single component that contains a fraction of all nodes.
Let us investigate the protocol if we assume that only a fraction of the non-corrupted users participate actively. We assumed and participation. In Figure 6 we show the results for -2SFF with partial participation under the Targeted Adversary regime.
An interesting difference between the results for this model and for Random Failures can be seen in this figure. Namely, the fraction of nodes belonging to the giant component amongst those who participate is only slightly greater than amongst those who do not. This is highly undesirable, as it gives no notion of improvement or benefit from actively participating in the protocol. A node could decide that it is pointless to waste precious resources and rather hope that the others participate actively. See that even if half of the users actively participate, the fraction of nodes in the giant component is significantly smaller than when all nodes participate.
V-B2 -A3F protocol
After the somewhat unsatisfying results for -2SFF under the Targeted Adversary, we now present experiments on the -A3F protocol. As before, let us first assume that all nodes participate in the protocol.
In Figure 7 one can see the performance of -A3F on the Epinions social network graph under the Targeted Adversary model. As previously, we show the behavior of the network without any enrichment, and for the cases where . This time, with queries, approximately of the remaining nodes are in the biggest component for up to corruptions, and over of nodes are in the giant component for up to corruptions. Another interesting thing to observe is that the cutoff again appears at a greater number of corruptions. For example, in the case of -2SFF we see that the size of the giant component starts to deteriorate from approximately failures; before this threshold it remains close to . In the case of -A3F, on the other hand, the cutoff appears as far as failures.
Similarly as in the previous subsection, we want to see how the protocol behaves if we assume that only a fraction of the non-corrupted users participate actively. We assumed and participation. In Figure 8 we show the results for -A3F with partial participation under the Targeted Adversary regime.
Figure 8 is probably the most striking one, due to the fact that in all three cases one can easily see that the fraction of nodes belonging to the giant component amongst the actively participating nodes is almost the same as when all nodes participate. This is a very desirable feature of -A3F because it gives the user a natural choice: participate in the protocol, which costs some computational resources, and be in the giant component independently of the choices of the other nodes, or do not participate and face a serious risk of ending up disconnected from the giant component.
V-B3 Comparison
First of all, the results for both protocols are obviously worse than for the Random Failures model, which is not surprising. However, they still give a significant improvement in the size of the giant component. Moreover, in the Targeted Adversary regime, -A3F has the very interesting property of assuring almost the same fraction of nodes belonging to the giant component for the participating fraction of nodes (even if only of users participate) as in the case where all users participate.
This regime shows that -A3F is indeed a very powerful enrichment of the graph structure. Note that we went from no giant component for failures to almost of nodes belonging to the giant component amongst the actively participating nodes, even if only of users participate. This scenario shows the significant improvement of security which is gained via -A3F for those who actively participate in it. Note that the difference between the performance of -2SFF and -A3F is strongly connected with utilizing preferential attachment in real networks.
VI Some Consequences for Security and Privacy
Let us assume that graph is -strong.
Corollary 1
Assume that we have a network with underlying graph which is -strong. Then using cryptographic methods for data aggregation (see for example [10]) one can aggregate data even without adding noise. Such results are already presented in the literature and require an appropriate number of participating users (see [20, 21, 22]).
Corollary 2
Assume that we have a network with underlying graph which is -strong. Then aggregation protocol PAALEC from [23] with parameters and applied to graph is -differentially private for the nodes belonging to the largest connected component. Moreover, PAALEC aggregation protocol is -differentially private for any arbitrary node.
VII Previous and Related Work
This paper spans several areas, thus many different papers should be pointed to as related work. Since the idea of scale-free network modeling appeared, there has been a vast amount of research concerning these kinds of networks, including classic papers like [24, 25, 26, 27, 28]. Also worth mentioning are papers which provided rigorous mathematical treatment of scale-free networks [29, 30, 31]. More recent papers on properties of scale-free networks include [32, 33]. Also worth mentioning are papers [34, 35], where the authors consider various properties of a graph given its expected degree list.
We should also mention papers about community structure in large networks [36, 37]. Some empirical results can also be found in [38].
The problem of robustness in complex networks has also been widely analyzed. To mention a few papers concerning robustness and the enhancement of robustness in scale-free networks, we cite [15, 39, 13, 40]. One should also mention [41], wherein the authors consider adversarial deletion in scale-free graphs, and [12], where the authors improve graph robustness by edge modifications. Note that in the network robustness literature robustness mostly means that a largest connected component exists. Here, however, we are interested in non-asymptotic results and a more precise size (or lower bound for the size) of the giant component. Moreover, our protocols can be performed locally and without knowledge of the graph topology.
Furthermore, papers concerning various anonymity and 'crowd-blending' concepts should be mentioned. See for example [1, 8, 7, 3, 4] for -anonymity. See also [5, 6] for extensions and variations of anonymity.
We should also mention some privacy-preserving papers, with emphasis on those which could benefit from having a large connected component of appropriate size, namely [20, 21, 22, 23]. Also important are the papers [10, 19], where the authors use cryptographic methods to amplify privacy for large groups of users in the data aggregation scenario. For a survey on privacy see [42] and the references therein.
VIII Conclusions and Future Work
We presented how to improve the size of the largest connected component under a massive adversarial attack and demonstrated why this observation is important for a wide range of applications (with most emphasis put on privacy preserving protocols). Moreover, our methods are conceptually simple and can be performed locally, i.e. with minimal knowledge about the global network. We proved that the presented methods are efficient in preferential-attachment graphs, which are commonly believed to be an accurate model of various real-life networks, including social interaction networks, the World Wide Web, airline networks and many others. Finally, we confirmed our observations with experiments on graphs of real networks.
We believe that many questions important both for theory and for the design of practical privacy preserving solutions remain open. In particular, for future work we plan to investigate:
- an even stronger Adversary, who can choose the vertices to corrupt adaptively (namely during the enhancement protocol);
- longer random walks, where we establish an edge with every node visited on the way;
- incentives: our protocols improve the security of the participating individuals, but the level of privacy is improved also for other users. The question is how to design a mechanism (i.e., via constructing extra incentives) to improve global privacy depending on the power of the adversary.
References
[1] A. Pfitzmann and M. Kohntopp, "Anonymity, unobservability, and pseudonymity - A proposal for terminology," in Designing Privacy Enhancing Technologies, International Workshop on Design Issues in Anonymity and Unobservability, Berkeley, CA, USA, July 25-26, 2000, Proceedings, ser. Lecture Notes in Computer Science, H. Federrath, Ed., vol. 2009. Springer, 2000, pp. 1–9. [Online]. Available: http://dx.doi.org/10.1007/3-540-44702-4_1
[2] P. Samarati, "Protecting respondents' identities in microdata release," IEEE Transactions on Knowledge and Data Engineering, vol. 13, no. 6, pp. 1010–1027, 2001.
[3] P. Samarati and L. Sweeney, "Generalizing data to provide anonymity when disclosing information," in Proceedings of the Seventeenth ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, ser. PODS '98, 1998, p. 188.
[4] L. Sweeney, "k-anonymity: a model for protecting privacy," International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, vol. 10, pp. 557–570, 2002.
[5] A. Machanavajjhala, J. Gehrke, D. Kifer, and M. Venkitasubramaniam, "ℓ-diversity: Privacy beyond k-anonymity," in Proceedings of the 22nd International Conference on Data Engineering, ser. ICDE '06, 2006, p. 24.
[6] X. Xiao and Y. Tao, "M-invariance: towards privacy preserving re-publication of dynamic datasets," in Proceedings of the 2007 ACM SIGMOD International Conference on Management of Data, ser. SIGMOD '07, 2007, pp. 689–700.
[7] C. Díaz, S. Seys, J. Claessens, and B. Preneel, "Towards measuring anonymity," in Privacy Enhancing Technologies, Second International Workshop, PET 2002, San Francisco, CA, USA, April 14-15, 2002, Revised Papers, 2002, pp. 54–68. [Online]. Available: http://dx.doi.org/10.1007/3-540-36467-6_5
[8] A. Serjantov and G. Danezis, "Towards an information theoretic metric for anonymity," in Privacy Enhancing Technologies, Second International Workshop, PET 2002, San Francisco, CA, USA, April 14-15, 2002, Revised Papers, 2002, pp. 41–53. [Online]. Available: http://dx.doi.org/10.1007/3-540-36467-6_4
