Hauptseminar Privacy in Online Social Networks

--> will not be offered during Wt 17/18 !

Current news:

• The deadline for choosing a topic has been postponed to 19.04.2017
• This summer term's seminar is going to be organized on Friday, April. 7, 9:20 at APB/E010.

TOPIC

This seminar addresses current research in the context of privacy and security. Every participant writes a report about a selected topic. The participants get feedback in form of reviews of their submitted papers and revise their work accordingly. The reviews are done by other participants of the seminar, and each student will receive at least one review by their supervisor. At the end of the seminar, every participants presents her results followed by a discussion. Publications from relevant journals, conferences, and books are chosen for topics, but interested students may propose their own topics, as well. For the grade, preparation and presentation of the work as well as the quality of the review and the report are taken into account.

A Conference Seminar: seminar talks will be held on a single day (or two days) at the end of the term. The seminar will have the form of a scientific conference (see below). Precise dates and deadlines will be announced later.

First meeting (Vorbesprechung): Friday, April 7, 9:20, APB/E010

Information

Description

The seminar will have the form of a scientific conference. It will contain the following phases:

• Each participant will choose a topic (topic suggestions can be found below) and write a seminar paper about it. Following a period of about 6 weeks for writing, all participants submit their initial paper for reviewing, using a conference management system. The papers must be written in their entirety by this time, unfinished submissions will be excluded from the remainder of the course.
• Each participant will have around two weeks to peer-review 2 or 3 papers written by other participants. "Reviewing" means reading the paper in-depth and making suggestions for improvements. The reviews will be double-blinded: the authors will not know who reviewed their papers, and the reviewers will not know who wrote the papers they review.
• Each participant will receive the reviews to their submission and will be given around 2 weeks to make improvements.
• At the end of the term (date will be announced later) the conference will take place. It includes talks by participants, discussions and a social event. The Best Paper Award will be given to one of the papers.

Important dates

•  07.04. - topic presentation
•  **19.04.** - topic assignment
•  21.04. - kickoff - writing & reviewing
   25.04. - list of initial references
             - discussion with supervisor
• 12.06. - paper submission
• 13.06. - review claiming
• 26.06. - reviews due
• 17.07. - final paper due
• 21.07. - send initial version of presentations
• 28.07. - presentations

Links & Resources

• Slides Topic Presentation
• Slides Kickoff
• EasyChair instance of POSN-SS17
• LaTeX Template

Topics

The following list gives an overview of potential topics/fields, (including resources for initial information), independent suggestions that fit the course are welcome:during the first meeting.

List of topics:

(1) The rise of social bots & their techniques

Stephan Escher

Nowadays a considerable amount of communication in social networks is generated by automated programs. These so called social bots control faked or hijacked social media accounts and mimic humans or human behavior. The threas of such bots are very widespread. Identity theft, distributing spam, phishing or malware, creating fake product reviews or spreading misinformation and propaganda are only a few examples [4,5]. This work should give an overview of the state-of-the-art of social bots in different OSNs and their threats.

• [1] Ferrara, Emilio, et al. "The rise of social bots." 2014.
• [2] Boshmaf, Yazan, et al. "The socialbot network: when bots socialize for fame and money." Proceedings of the 27th Annual Computer Security Applications Conference. ACM, 2011.
• [3] http://truthy.indiana.edu/botornot/
• [4] Aiello, Luca Maria, et al. "People are Strange when you're a Stranger: Impact and Influence of Bots on Social Networks." 2014.
• [5] Hegelich, Simon, and Dietmar Janetzko. "Are Social Bots on Twitter Political Actors? Empirical Evidence from a Ukrainian Social Botnet." Tenth International AAAI Conference on Web and Social Media. 2016.

(2) Combating the rise of social bots

Stephan Escher

Nowadays a considerable amount of communication in social networks is generated by automated programs. These so called social bots control faked or hijacked social media accounts and mimic humans or human behavior. The threas of such bots are very widespread. Identity theft, distributing spam, phishing or malware, creating fake product reviews or spreading misinformation and propaganda are only a few examples. This work should give an overview of the state-of-the-art of countermeasures to social bots.

• [1] Wang et. al, You Are How You Click: Clickstream Analysis for Sybil Detection, USENIX Security Symposium, 2013.
• [2] Cao, Qiang, and Xiaowei Yang. "Sybilfence: Improving social-graph-based sybil defenses with user negative feedback." 2013.
• [3] Lee, Kyumin, James Caverlee, and Steve Webb. "Uncovering social spammers: social honeypots+machine learning." Proceedings of the 33rd international ACM SIGIR conference on Research and development in information retrieval. ACM, 2010.

(3) Filter Bubbles in Online Social Networks

Stephan Escher

Social media have become a prevalent channel to access information. However, it has been suggested that social and algorithmic filtering may cause exposure to less diverse points of view [1]. This work should give an literature overview of Filter Bubbles in OSNs, different views of researchers, methods of measurement, and potential risks.

• [1] Pariser, E. et al. “The filter bubble: how the new personalized Web is changing what we read and how we think” 2011.
• [2] Flaxman, Seth et al. "Filter bubbles, echo chambers, and online news consumption" 2016.
• [3] Nikolov, Dimitar et al. "Measuring online social bubbles" 2015.

(4) Modeling social networks with random graphs

Clemens Deußer

Graph models of social networks exhibit a number of topological properties. For instance social networks tend to be sparse (average degree independent of number of vertices) and the degree distribution can be approximated by a power law distribution. These properties can be generalized to an extend, allowing us to generate graphs exhibiting those properties and thus being similar to social graphs, to an extent. The subject of this topic will be the classification and examination of existing approaches to such graph generation algorithms.

• Albert, Réka, and Albert-László Barabási. "Statistical mechanics of complex networks." Reviews of modern physics 74.1 (2002): 47.

• Goldenberg, Anna, et al. "A survey of statistical network models." Foundations and Trends® in Machine Learning 2.2 (2010): 129-233.

• Newman, Mark EJ, Duncan J. Watts, and Steven H. Strogatz. "Random graph models of social networks." Proceedings of the National Academy of Sciences 99.suppl 1 (2002): 2566-2572.

(5) Matching semi isomorphic social graphs

Clemens Deußer

Social networks can be modeled as graphs in a variety of ways, for example using friendship relations or communication paths. When users and enough of their peers participate in several social networks, then graph models based on them will be sufficiently topologically similar to match the networks to each other and thus link profiles across social networks. In this topic you will examine existing approaches to produce such matchings and possible countermeasures.

• Cordella, Luigi P., et al. "A (sub) graph isomorphism algorithm for matching large graphs." IEEE transactions on pattern analysis and machine intelligence 26.10 (2004): 1367-1372.

• Hay, Michael, et al. "Resisting structural re-identification in anonymized social networks." Proceedings of the VLDB Endowment 1.1 (2008): 102-114.

(6) Digital payment systems

Martin Byrenheid

Digital currencies, such as Bitcoin, have become quite popular during the last decade. The goal of this seminar is to give an overview about currently existing digital currencies together with the corresponding payment schemes and compare their anonymity guarantees.

• [1] Bonneau et al.: "SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies"
• [2] Burges et al.: "Enabling Secure Web Payments with GNU Taler"
• [3] Ben-Sasson et al.: "Zerocash: Decentralized Anonymous Payments from Bitcoin"
• [4] Ahamad et al.: "A Survey on Crypto Currencies"

(7) Countermeasures against sybil attacks on Friend-to-Friend-Networks

Martin Byrenheid

The insertion of multiple identity by the same user, referred to as a Sybil attacks, are a problem for both centralized and distributed systems. A Sybil attack is preparatory step for manipulating reputation systems or compromising the security, anonymity  or availability of a service. For instance, Sybil attacks present a problem for the availability of content in F2F networks, P2P networks with mutual real-world trust
relationships between connected peers, because an adversary can delete content stored on its nodes. Hence, if the fraction of controlled nodes in the network is high, the probability that the requested content is available on honest nodes is low, thus allowing for effective censorship.

In order to prevent such attacks, the detection of and defense against Sybils  is essential. Such detection and defense strategies are commonly based on a social graph, e.g., the underlying trust graph of a F2F network, under the assumption that communities of artificially created identities exhibit a different structure than real-world social networks. The goal of this seminar is to review the current state of the art on defenses  against sybil attacks and classify them according to the following aspects: 

• What assumptions are made regarding the number of sybil identities and the number of links between malicious and honest nodes?
• How much overhead is introduced by the defense when there is an attack and when there is no attack?
• If the defense involves detection of sybil identities: What ratio of false positives and true positives is achieved?

Initial literature:

• Gao, Peng, et al. "Sybilframe: A defense-in-depth framework for structure-based sybil detection." arXiv preprint arXiv:1503.02985 (2015).
• Wei, Wei, et al. "Sybildefender: Defend against sybil attacks in large social networks." INFOCOM, 2012 Proceedings IEEE. IEEE, 2012.
• Alvisi, Lorenzo, et al. "Sok: The evolution of sybil defense via social networks." Security and Privacy (SP), 2013 IEEE Symposium on. IEEE, 2013.
• Koll, David, et al. "On the state of OSN-based Sybil defenses." Networking Conference, 2014 IFIP. IEEE, 2014.
• Yu, Haifeng, et al. "Sybilguard: defending against sybil attacks via social networks." ACM SIGCOMM Computer Communication Review 36.4 (2006): 267-278.

(8)  Reidentification Attacks on Social Media Services

Prof. Dr. Thorsten Strufe

Many users register with different services, commonly with different pseudonyms, in order to keep different aspects of their lives separated. This approach works much less than expected, and several studies have shown, how easy it is, to re-identify users in different services. The task of the seminar is to give an overview of different re-identification attacks (not graph-based but based on behavior or content), and also to explain the methodology of performing such a study (including the criticism of Oana Goga in the referred paper).

• [1] Goga et al: On the Reliability of Profile Matching Across Large Online Social Networks