Characterizing and quantifying privacy in internet services

Abstract

An increasing amount of personal information from different sources is collected and mined by different entities in the age of Internet, however the privacy implications of the availability of personal data on such a large scale are still unclear. This thesis concentrates on studying user privacy in two popular online services that heavily rely on user data: mobile application networks and online social networks (OSNs). We identify, characterize and quantify privacy issues arising in these services, and propose solutions to preserve users privacy. Recent work has shown that an excessive amount of personal data is collected by mobile ad libraries. We first investigate how the information is handled beyond the point of data collection and we reveal how privacy is leaked through mobile analytics services. We demonstrate how an external adversary can easily extract individualâ s profile and application usage pattern from analytics services providers. Then, we characterize the usage pattern of a location-based social network (LBSN), a type of mobile OSNs that integrates location data as one of their primary features and we evaluate the risk of user re-identification based on the spatial-temporal patterns. Our results indicate that the pervasive spatial-temporal data can be used to build metrics for user re-identification, not only within the networks but also potentially by other mobile services that collect this information. To understand the privacy implications of cross-linking profiles across multiple OSNs, we then characterize the information revealing patterns of users. Our findings suggest multiple sources data aggregation not only enrich the amount of exposed information but also improve the quality (e.g. granularity) of information. We then address the important goal of quantifying the threats of linking external records to public OSN user profiles, by providing a method to estimate the uniqueness of such profiles and by studying the amount of information carried by public attributes. Finally, we leverage our understanding of the OSNs and mobile networks to design privacy-preserving mechanisms. We study a number of obfuscation schemes that prevent statistical inference attacks in OSNs from user perspective. Our results contribute to better understanding of obfuscation in the OSN setting and suggest how a user-friendly strategy can be derived. To preserve privacy in opportunistic mobile networks, i.e. mobile ad-hoc networks (MANETs) we also propose an anonymous identity management protocol that provides strong anonymity as well improved performance.