Section: New Results


Privacy Protection in Social Networks

Participants : Younes Abid, Bizhan Alipour, Sourya Joyee De, Abdessamad Imine, Michaël Rusinowitch.

To increase awareness about privacy threats, we have designed a tool, SONSAI, for Facebook users to audit their own profiles. SONSAI predicts values of sensitive attributes by machine learning and identifies user public attributes that have guided the learning algorithm towards these sensitive attribute values. The tool is designed to perform reasonably with the limited resources of a personal computer, by collecting and processing only a small relevant part of the network data [31], [32]. We also show how SONSAI is fully interfaced with Facebook along different scenarios. In each case a dataset was built from real profiles collected in the user's neighbourhood network. The whole analysis process is performed online, mostly automatically and with an accuracy of 0.79 when inferring political orientation. More details on the inference of other sensitive attributes are given in [8]. We are now investigating potential privacy attacks based on other data types such as posts, comments and images.

Online social network profiles help users to build new friendships as well as reviving and enhancing existing ones. However, users can become the victims of privacy harms such as identity theft, stalking or discrimination due to the personal data revealed in these profiles. So they have to carefully select the privacy settings for their profile attributes, keeping in mind this trade-off between privacy and social benefit. To aid in this decision process, we have developed a user-friendly model based on Integer Programming [27]. Our model provides a social network user with easy-to-implement suggestions about the privacy settings of his profile attributes such that he can achieve the maximum social benefit while protecting himself from all or at least some major privacy risks. We have tested our approach on user profiles with varying vicinities (i.e. the list of friends) and social benefit requirements [25].

Users' interactions must consider both privacy risks and social benefits, a view supported by the EU General Data Protection Regulation (GDPR). In addition, the GDPR recognizes user consent as a legitimate ground for data processing. In [26], we analyze the present status of user consent in online social networks and we observe that evaluating the privacy risks of user consents to data processing activities can be an effective way to help users in their decision to give or refuse consent.

Compressed and Verifiable Filtering Rules in Software-defined Networking

Participants : Ahmad Abboud, Michaël Rusinowitch.

In a joint project with the Resist research group at Inria Nancy and the Cynapsys/Numeryx companies, we are working on the design, implementation and evaluation of a double-mask technique for building compressed and verifiable filtering rules in Software Defined Networks with the possibility of distributing the workload processing among several packet filtering devices operating in parallel.