Publications Search
Michael Hay, Chao Li, Gerome Miklau, David Jensen
Accurate Estimation of the Degree Distribution of Private Networks Proceedings Article
In: ICDM 2009, The Ninth IEEE International Conference on Data Mining, Miami, Florida, USA, 6-9 December 2009, pp. 169–178, IEEE Computer Society, 2009.
Abstract | Links | BibTeX | Tags: Privacy and Networks
@inproceedings{hay2009accurate,
title = {Accurate Estimation of the Degree Distribution of Private Networks},
author = {Michael Hay and Chao Li and Gerome Miklau and David Jensen},
url = {https://doi.org/10.1109/ICDM.2009.11},
year = {2009},
date = {2009-01-01},
booktitle = {ICDM 2009, The Ninth IEEE International Conference on Data Mining,
Miami, Florida, USA, 6-9 December 2009},
pages = {169--178},
publisher = {IEEE Computer Society},
abstract = {We describe an efficient algorithm for releasing a provably private estimate of the degree distribution of a network. The algorithm satisfies a rigorous property of differential privacy, and is also extremely efficient, running on networks of 100 million nodes in a few seconds. Theoretical analysis shows that the error scales linearly with the number of unique degrees, whereas the error of conventional techniques scales linearly with the number of nodes. We complement the theoretical analysis with a thorough empirical analysis on real and synthetic graphs, showing that the algorithm’s variance and bias is low, that the error diminishes as the size of the input graph increases, and that common analyses like fitting a power-law can be carried out very accurately.},
keywords = {Privacy and Networks},
pubstate = {published},
tppubtype = {inproceedings}
}
Michael Hay, Gerome Miklau, David Jensen, Don Towsley, Philipp Weis
Resisting structural re-identification in anonymized social networks Journal Article
In: Proceedings of the VLDB Endowment, vol. 1, no. 1, pp. 102–114, 2008.
Abstract | Links | BibTeX | Tags: Privacy and Networks
@article{hay2008resisting,
title = {Resisting structural re-identification in anonymized social networks},
author = {Michael Hay and Gerome Miklau and David Jensen and Don Towsley and Philipp Weis},
url = {https://dl.acm.org/doi/pdf/10.14778/1453856.1453873},
year = {2008},
date = {2008-01-01},
journal = {Proceedings of the VLDB Endowment},
volume = {1},
number = {1},
pages = {102--114},
publisher = {VLDB Endowment},
abstract = {We identify privacy risks associated with releasing network data sets and provide an algorithm that mitigates those risks. A network consists of entities connected by links representing relations such as friendship, communication, or shared activity. Maintaining privacy when publishing networked data is uniquely challenging because an individual's network context can be used to identify them even if other identifying information is removed. In this paper, we quantify the privacy risks associated with three classes of attacks on the privacy of individuals in networks, based on the knowledge used by the adversary. We show that the risks of these attacks vary greatly based on network structure and size. We propose a novel approach to anonymizing network data that models aggregate network structure and then allows samples to be drawn from that model. The approach guarantees anonymity for network entities while preserving the ability to estimate a wide variety of network measures with relatively little bias.},
keywords = {Privacy and Networks},
pubstate = {published},
tppubtype = {article}
}
George Dean Bissias, Marc Liberatore, David Jensen, Brian Neil Levine
Privacy vulnerabilities in encrypted HTTP streams Proceedings Article
In: International Workshop on Privacy Enhancing Technologies, pp. 1–11, Springer 2005.
Abstract | Links | BibTeX | Tags: Privacy and Networks
@inproceedings{bissias2005privacy,
title = {Privacy vulnerabilities in encrypted HTTP streams},
author = {George Dean Bissias and Marc Liberatore and David Jensen and Brian Neil Levine},
url = {https://scholarworks.umass.edu/cgi/viewcontent.cgi?referer=https://www.google.com/&httpsredir=1&article=1097&context=cs_faculty_pubs},
year = {2005},
date = {2005-01-01},
booktitle = {International Workshop on Privacy Enhancing Technologies},
pages = {1--11},
organization = {Springer},
abstract = {Encrypting traffic does not prevent an attacker from performing some types of traffic analysis. We present a straightforward traffic analysis attack against encrypted HTTP streams that is surprisingly effective in identifying the source of the traffic. An attacker starts by creating a profile of the statistical characteristics of web requests from interesting sites, including distributions of packet sizes and inter-arrival times. Later, candidate encrypted streams are compared against these profiles. In our evaluations using real traffic, we find that many web sites are subject to this attack. With a training period of 24 hours and a 1 hour delay afterwards, the attack achieves only 23% accuracy. However, an attacker can easily pre-determine which of trained sites are easily identifiable. Accordingly, against 25 such sites, the attack achieves 40% accuracy; with three guesses, the attack achieves 100% accuracy for our data. Longer delays after training decrease accuracy, but not substantially. We also propose some countermeasures and improvements to our current method. Previous work analyzed SSL traffic to a proxy, taking advantage of a known flaw in SSL that reveals the length of each web object. In contrast, we exploit the statistical characteristics of web streams that are encrypted as a single flow, which is the case with WEP/WPA, IPsec, and SSH tunnels.},
keywords = {Privacy and Networks},
pubstate = {published},
tppubtype = {inproceedings}
}