Privacy Preserving Interceptor for Online Social Media Applications

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10089)

Abstract

In the current scenario, online social network (OSN) plays a vital role in user’s day to day life. User’s store lots of their personal information in OSN, and they share their day to day experiences with their connections. There are enormous number of third party application (TPA) services allied with OSN to provide extended services to the users. The OSN manages the identity verification by authenticating the user and granting access to allied TPAs. The TPA requests permissions to access personal attributes about the user when accessed by the user for the first time. The personal attributes marked as required by the TPA has to be shared to avail the service. The privacy risk increases exponentially with the users TPA usage. The users not only leak their information to TPA but also end up unlocking a new type of threat from correlation with auxiliary information, through the data available from alternative sources. In this paper, we focus on reducing the level of sensitive data exposed to the external parties. The feasibility of providing such a service by restricting the data flow through access control policies is not feasible with the current All or Nothing approach. Hence, in this paper, we propose, the Privacy Preserving Interceptor (PPI) that acts as an interceptor between OSN and TPA to provide the required utility and yet preserves user’s privacy. PPI identifies the sensitive attributes shared by the user and transforms the original data into a less sensitive form that still meets the utility goals. Standard Differential Privacy in combination with other perturbation mechanism of replacing with random values is used in PPI. The users privacy remains more or less the same both before and after the data share to TPA and still meets the utility needs of the user.

Keywords

Online social networks Third party applications Privacy Data perturbation Differential privacy 

References

  1. 1.
  2. 2.
  3. 3.
    Aldhafferi, N., Watson, C., Sajeev, A.: Personal information privacy settings of online social networks and their suitability for mobile internet devices. arXiv preprint arXiv:1305.2770 (2013)
  4. 4.
    Anthonysamy, P., Rashid, A., Walkerdine, J., Greenwood, P., Larkou, G.: Collaborative privacy management for third-party applications in online social networks. In: Proceedings of the 1st Workshop on Privacy and Security in Online Social Media, p. 5. ACM (2012)Google Scholar
  5. 5.
    Bilge, L., Strufe, T., Balzarotti, D., Kirda, E.: All your contacts are belong to us: automated identity theft attacks on social networks. In: Proceedings of the 18th International Conference on World Wide Web, pp. 551–560. ACM (2009)Google Scholar
  6. 6.
    Chaabane, A., Ding, Y., Dey, R., Kaafar, M.A., Ross, K.W.: A closer look at third-party OSN applications: are they leaking your personal information? In: Passive and Active Measurement, pp. 235–246. Springer, Cham (2014)Google Scholar
  7. 7.
    Cheng, Y., Park, J., Sandhu, R.: Preserving user privacy from third-party applications in online social networks. In: Proceedings of the 22nd International Conference on World Wide Web Companion, pp. 723–728. International World Wide Web Conferences Steering Committee (2013)Google Scholar
  8. 8.
    Egele, M., Moser, A., Kruegel, C., Kirda, E.: Pox: protecting users from malicious facebook applications. Comput. Commun. 35(12), 1507–1515 (2012)CrossRefGoogle Scholar
  9. 9.
    Mills, E.: Facebook suspends app. that permitted peephole (2008). http://news.cnet.com/8301-10784_3-9977762-7.htm. Accessed 10 May 2016
  10. 10.
    Jernigan, C., Mistree, B.F.: Gaydar: Facebook friendships expose sexual orientation. First Monday 14(10) (2009)Google Scholar
  11. 11.
    Kelly: identity at risk on Facebook (2008). http://news.bbc.co.uk/2/hi/programmes/click_online/7375772.stm. Accessed 19 June 2015
  12. 12.
    Kong, D., Jin, H.: Towards permission request prediction on mobile apps via structure feature learning. In: Proceedings of SIAM International Conference on Data Mining (SDM 2015). SIAM (2015)Google Scholar
  13. 13.
    Kosinski, M., Stillwell, D., Graepel, T.: Private traits and attributes are predictable from digital records of human behavior. Proc. Nat. Acad. Sci. 110(15), 5802–5805 (2013)CrossRefGoogle Scholar
  14. 14.
  15. 15.
    Selkie, E.M., Fales, J.L., Moreno, M.A.: Cyberbullying prevalence among us middle and high school-aged adolescents: a systematic review and quality assessment. J. Adolesc. Health 58(2), 125–133 (2016)CrossRefGoogle Scholar
  16. 16.
    Tomy, S., Pardede, E., Taniar, D., Pardede, E.: Controlling privacy disclosure of third party applications in online social networks. Int. J. Web Inf. Syst. 12(2) (2016)Google Scholar
  17. 17.
    Ybarra, M.L., Mitchell, K.J.: How risky are social networking sites? A comparison of places online where youth sexual solicitation and harassment occurs. Pediatrics 121(2), e350–e357 (2008)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Department of Information Science and TechnologyAnna UniversityChennaiIndia

Personalised recommendations