SciTechBits – Interesting Bits of Science & Technoglogy Served For You!

Privacy has been a major issue with all Social Networks. While the networks do try to address the issues, most of the times – the solution provided is opting out of certain features. Researchers have tested a new privacy model, based on Bayesian Belief Networks – which creates a win-win situation for both the users and the network.

Everyday so many users join Social Networking Sites (SNSs) such as Facebook, Twitter, Orkut, MySpace etc, to keep up with friends, organize events with friends, make new friends, or flirt. One of the main features of SNSs is the”profile” where users post information about themselves. The profile can include real name, e-mail, physical address, phone number, academic classification, major, hometown, birthdates, sexual orientation, relationship status, interests, job history, favorite music/movies/books, etc. This revelation of personal information provides credibility to the profile and also helps match with other profiles. Users post personal information for a variety of reasons – 89% use it to keep up with friends, 57% use it make plans with friends, and 49% use it to make new friends. How much and what kind of information is revealed depend on users’ privacy concern and the trust on the SNS and its members.

Third party applications have become a very essential part of all the social networks, making the networks more interesting by adding specific features to the users taste. Facebook which has more than 250 million users has about 350,000 applications with 200 of them having more than a million users. To make the applications engaging, the applications are generally provided with almost all information about the users and their friends. However, this opens up lots of opportunities for malicious use of the information gained access to.

Collecting users’ data such as behavior, interest, demographic is valuable for personalized systems and web applications. Even though personalized systems are beneficial to provide relevant contents, targeted emails, e-commerce, the users express significant concerns about their privacy. Usual solutions for privacy issues is – opting out of disclosing selected information or sharing with applications. Most cases, this opt-out needs to be user initiated and not defaulted, making obvious of the intentions behind the “opt-out privacy model”. A study on use of privacy settings shows that majority of Facebook users do not change their default privacy settings even though they can limit visibility of their profile information from strangers. Large amount of personal information in easily harvestable environment (Facebook, MySpace, Orkut) can lead to social phishing attacks.

Several research projects have been done to address these issues. For instance, Platform for Privacy Preferences (P3P) project is created by W3C for privacy standard by having proposed user agents integrated in browsers check for compatibility of users’ privacy preferences and website privacy policy. If there is a violation, users are notified. Due to lack of support from browser vendors, integrating P3P into application has unfortunately been slow.

A group of researchers from Texas have proposed a Bayesian Belief Network (BBN) based privacy model for Facebook and have done some preliminary testing on the model. The proposed model includes three components: Profile Information (PI), Profile Manager (PM) and Profile Zoning (PZ). The PM decides based on PI what information can be disclosed (PZ). PM configures user’s profile information into allowed and not allowed to access categories. For the PM, the structure of the Bayesian Belief Network is created either using a Tree Based Deployment Algorithm or B-Course algorithm. Following creation of the structure, the BBN is trained to create the conditional probability tables for each arc in the structure.

A sample of ten queries was run to test the accuracy of the model. In one of the queries, if age was 20, gender was male, relationship status was ‘in a relationship’ and political preference was moderate – What was the probability of disclosing rest of the profile? The model predicted that 37% of users will not reveal their current residence (actual data indicates that 41% did not reveal for the tested group – 90% accuracy), 95.1% would reveal high school and 96.1% would reveal education level (both of these information was indeed revealed by almost all of the tested group members). The estimates for other information also reflect similar range of accuracy. The researchers propose for a much more thorough test on the model by testing all possible queries for accuracy.

The model proposed by the researchers, would make it easy for the unaware user, who does not change the default privacy settings, but would intend to. This model still works along the quest for data from the social networks but only making it easier for the user by managing their default settings based on a few parameters and thus creating a win-win situation.

Journal Reference: http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=5137300&isnumber=5137253